Herman Mehling

What is the most secure way to authenticate electronic data? Until recently, many technical people would have answered ‘cryptographic keys' without blinking. But recent headline events - and a ‘biggie' last year - have raised serious doubts about the ability of cryptographic keys to protect vital government and corporate data. Here are two examples from February that should make CIOs, CTOs and CSOs tremble in their boardrooms: McAfee revoking keys for signing apps on the Apple store; and stolen keys from Bit9 being used to sign malware. In the McAfee case, a McAfee administrator revoked (by mistake) the digital key for certifying desktop apps that run on Apple's OS X, thereby creating serious problems for customers who wanted to install or upgrade Mac antivirus products. The original Arstechnica article (McAfee revoking keys) noted that the administrator intended ... (more)

A Cloud-Based Testing Tool for the Budget-Minded

Finally, a low-cost cloud-based QA testing tool hits the market. After an extensive beta program by software testers at 500 companies from 23 countries, QASymphony announced general availability of qTest, a cloud-based enterprise test management solution. The testing tool is aimed at small and growing QA teams looking to escape the heavy lifting and expense required from enterprise-focused systems such as HP Quality Center. Its vendor claims qTest is on par with large enterprise systems, yet unlike those heavyweights the platform's SaaS subscription model makes it a low-risk pr... (more)