Author Archives: Jim Bird

Jim Bird
Jim is an experienced CTO, software development manager and project manager, who has worked on high-performance, high-reliability mission-critical systems for many years, as well as building software development tools. His current interests include scaling Lean and Agile software development methodologies, software security and software assurance.

Peer reviews for security are a waste of time?

At this year’s RSA conference, one of the panels questioned whether software security is a waste of time. A panellist, John Viega, said a few things that I agreed with, and a lot that I didn’t. Especially that “peer reviews for security are a waste of time.” This statement is wrong on every level. Everyone should know by now that ...

Appsec at RSA 2013

This was my second time at the RSA conference on IT security. Like last year, I focused on the appsec track, starting with a half-day mini-course on how to write secure applications for developers, presented by Jim Manico and Eoin Keary representing OWASP. It was a well-attended session. Solid, clear guidance from people who really do understand what it takes ...

A Bug is a Terrible Thing to Waste

Some development teams, especially Agile teams, don’t bother tracking bugs. Instead of using a bug tracking system, when testers find a bug, they talk to the developer and get it fixed, or they write a failing test that needs to be fixed and add it to the Continuous Integration test suite, or if they have to, they write up a ...

Releasing more often drives better Dev and better Ops

One of the most important decisions that we made as a company was to release less software, more often. After we went live, we tried to deliver updates quarterly, because until then we had followed a staged delivery lifecycle to build the system, with analysis and architecture upfront, and design and development and testing done in 3-month phases. But this ...

Code and Code Reviews: What’s in a Name?

In a code review a developer needs to look at the code from two different perspectives: Correctness. Is the code logically correct, does it do what it is supposed to do? Will it hold up in the real world? Is it safe? Does it handle errors and exceptions? Does it check for bad input parameters and return values? Is it ...

Appsec and Technical Debt

Technical debt is a fact of life for anyone working in software development: work that needs to be done to make the system cleaner and simpler and cheaper to run over the long term, but that the business doesn’t know about or doesn’t see as a priority. This is because technical debt is mostly hidden from the people that use ...

Design Doesn’t Emerge from Code

I know a lot of people who are transitioning to Agile or already following Agile development methods. Almost all of them are using something based on Scrum at the core, mixed with common XP practices like Continuous Integration and refactoring and automated unit testing – pretty much how Mike Cohn says things should be done in his book Succeeding with ...

Frankensystems, Half-Strangled Zombies and other Monsters

There are lots of ugly things that can happen to a system over time. This is what the arguments over technical debt are all about – how to keep code from getting ugly and fragile and hard to understand and more expensive to maintain over time, because of sloppiness and short-sighted decision making. But some of the ugliest things that ...

Hardening Sprints. What are they? Do you need them?

For anyone who is developing software using Scrum, XP or another incremental development approach, the idea of a “hardening sprint” or a “release iteration” is bound to come up. But people disagree about what a “hardening sprint” should include, when you need to do one, and if you should do them at all. There is a deep divide between people ...

Classic Mistakes in Software Development and Maintenance

…the only difference between experienced and inexperienced developers is that the experienced ones realize when they’re making mistakes.
Jeff Atwood, Escaping from Gilligan’s Island

An important part of risk management, and responsible management at all, is making sure that you aren’t doing anything obviously stupid. Steve McConnell’s list of Classic Mistakes is a place to start: a list of common ...
