What is the most secure way to authenticate electronic data? Until recently,
many technical people would have answered ‘cryptographic keys' without
blinking. But recent headline events - and a ‘biggie' last year - have
raised serious doubts about the ability of cryptographic keys to protect
vital government and corporate data.
Here are two examples from February that should make CIOs, CTOs and CSOs
tremble in their boardrooms: McAfee revoking keys for signing apps on the
Apple store; and stolen keys from Bit9 being used to sign malware.
In the McAfee case, a McAfee administrator revoked (by mistake) the digital
key for certifying desktop apps that run on Apple's OS X, thereby creating
serious problems for customers who wanted to install or upgrade Mac antivirus
The original Arstechnica article (McAfee revoking keys) noted that the
administrator intended ... (more)
The pressure on enterprises to deploy applications as fast as possible has
never been greater. The mobile revolution, the huge impact of cloud
computing, and the BYOD trend have intensified the pressure, forcing large
organizations to re-think and re-tool their approaches to app development.
For many, the answer has been to embrace rapid app development.
A recent survey by XebiaLabs discovered that most organizations' delivery
models are unsuitable and that application deployments fail up to 30% of the
Much of the flaws in creating and updating apps come from human error. ... (more)
Finally, a low-cost cloud-based QA testing tool hits the market. After an
extensive beta program by software testers at 500 companies from 23
countries, QASymphony announced general availability of qTest, a cloud-based
enterprise test management solution.
The testing tool is aimed at small and growing QA teams looking to escape the
heavy lifting and expense required from enterprise-focused systems such as HP
Its vendor claims qTest is on par with large enterprise systems, yet unlike
those heavyweights the platform's SaaS subscription model makes it a low-risk