Sunday, October 27, 2013

Hacking: A Brief Rundown





The image of a hacker that popular media would have you believe is that of a shady loner. Someone who acts for themselves, ruthlessly targeting innocent people and organizations. This is a bit unfair as hackers come in all shapes, sizes, and unsurprisingly, genders. It's a bit of a misnomer characterizing hackers as villains, as they are providing an increasingly valuable skill set to the software and security sectors.

This nefarious image arises from the anecdote everyone's heard. Someone's credit card information has been stolen, and the perpetrator is some faceless hacker. We've come to know and despise this caricature, with good reason too. Hacking itself is simply circumventing security measures in order to gain unauthorized access to data. Hacking has come to be the leading cause of data breaches, and is only poised to become a bigger issue for the private and public sectors [1].

This doesn't necessarily have to happen using a computer; it can be as simple as making a phone call posing as an IT administrator, fishing for a password. It all comes down to the fact that information is valuable. Where there is money, people will be willing to justify their means to acquire it. However, the field itself draws many in as hobbyists and experts alike. Sometimes the act of breaking new software is its own reward [2].

As a result, many software firms invite hackers to test their software. This allows them to have faster turnaround on security issues. Hacking has become a sort of sport, in which groups at conventions like DefCon attempt to best each other. This can be lucrative, as software companies offer prizes to those who can break their systems [3].


Hacking has taken a political stage as well. Since so much data is being stored digitally, it is a huge deal to a state's defense. Cyberwarfare has become a real thing, unfortunately. It poses a threat to state defense the way espionage does, and the battlefield is still unmapped. We are barely on the verge of seeing what countries are capable of when concentrating their efforts on cyber-assault. Recently it was revealed that the Stuxnet worm that infected Iranian nuclear facilities was designed by Israeli and US operations. This is the tip of the iceberg, as more vulnerable systems exist [4].

Sunday, October 13, 2013

Open Source: Some things to consider

Open source software is amazing. It provides everyone the opportunity to look at how the software they are using is structured, and what has gone into developing it. Through this openness, the software can be modified and enhanced by anyone who is capable. This means bugs can be fixed quickly and efficiently, without waiting for the original developers as with proprietary software. However, open source isn't without its share of problems. I love the wave of open alternatives to common commercial products that has hit the internet in the past 10 years. Firefox as opposed to Internet Explorer, OpenOffice as opposed to Office, GIMP as opposed to Adobe Photoshop, VLC as opposed to Windows Media Player; the list goes on.

With open source software you face the problem of people contributing without seeing the larger picture of the software's lifespan. Quick hacks are very popular in open source communities, whether as bug fixes or as enhancements to the software. These hacks are often written hastily, omitting a very important programming principle: code ought to be clear and readable. Clarity is a cornerstone of developing good code, because for any quick hack you write, someone will eventually be trying to read it without you there and figure out what is happening. Another problem with community involvement in software development is that code contributed by random people is often not completely modular.

That's not to say that these aren't issues in proprietary software models. In general, when you involve a community you face communication barriers, and this is no different in open source development. Despite this, open source software development is a tremendous feat. It gives people from around the world the opportunity to code for their favorite software. We are seeing free alternatives to products that cost huge amounts, with the strength of communities backing them.

Open source is really amazing; we just need more people who can code in order to fully realize its potential. To the average person it doesn't mean much that you can get GIMP online for free, or that there are thousands of pages of tech support on their forums, or that their school can even get these programs for free.

Sunday, October 6, 2013

Agile: Some facts

For those of you who are unfamiliar, Agile software development is a method used to accomplish goals within software projects: a simple design for projects that helps ensure they are completed within a reasonable amount of time and within set budget constraints. Mind you, this exists for a reason, as it's estimated that 80% of all software projects fail, coming in either over budget or running out of time. This is huge! How can so many software projects fail in such a spectacular manner?

We must take a look at some fundamental problems plaguing most projects:

  • Lack of customer input
  • Requirements are vague
  • Poorly planned schedules
  • Poor management of product changes
  • Poor testing

Agile remedies these by putting the customer on a pedestal. They are King of the process, and are given a position as a member of the development team. This ensures that the requirements are clear, and that their input has an audience. In Agile, schedules are dynamically negotiated, and the only thing set in stone is the delivery date for the product. It's because of this flexibility and closeness to the customer that Agile has become so widely adopted. It provides the bones for an organized approach to software development.

Personally, after learning about the Agile approach to software development I was very pleased. Reading about this has helped me understand some common practices in software development in a business setting. An organized and consistent approach to accomplishing the small tasks that make up larger software projects is absolutely necessary. Even through my classes I could tell managing these tasks becomes cumbersome, as I've experienced in group projects.


Through some research I've found some other approaches to software development. Alongside Agile there are many other methods that have been tried, some less successful and others more. This list comes courtesy of Peter Boughton of Stack Exchange.
http://programmers.stackexchange.com/questions/11512/are-there-any-major-alternatives-to-waterfall-and-agile

  • Agile - based on iterative and incremental development, where requirements and solutions evolve through collaboration between self-organizing, cross-functional teams.
  • Cleanroom - the focus of the Cleanroom process is on defect prevention, rather than defect removal.
  • Iterative - a cyclic software development process developed in response to the weaknesses of the waterfall model. It starts with an initial planning and ends with deployment with the cyclic interactions in between.
  • RAD - uses minimal planning in favor of rapid prototyping. The "planning" of software developed using RAD is interleaved with writing the software itself.
  • RUP - The Rational Unified Process (RUP) is an adaptable iterative software development process framework, intended to be tailored by selecting the elements of the process that are appropriate.
  • Spiral - combining elements of both design and prototyping-in-stages, in an effort to combine advantages of top-down and bottom-up concepts. This model of development combines the features of the prototyping model and the waterfall model.
  • Waterfall - sequential through the phases of Conception, Initiation, Analysis, Design, Construction, Testing and Maintenance.
  • Lean - a translation of Lean manufacturing and Lean IT principles and practices to the software development domain; everything not adding value to the customer is considered to be waste.
  • V-Model - Instead of moving down in a linear way, the process steps are bent upwards after the coding phase, to form the typical V shape. The V-Model demonstrates the relationships between each phase of the development life cycle and its associated phase of testing.
  • TDD - relies on the repetition of a very short development cycle: first the developer writes a failing automated test case that defines a desired improvement or new function, then produces code to pass that test and finally refactors the new code to acceptable standards.