May 6, 2013
With the official election result has been announced, I think it is time to get start working again. Let’s rest for a day or two and we should all right.
We need to make sure that we are working harder towards the next 5 years to build a Better Malaysia for all Malaysian. Keep it up everyone.
April 10, 2013
March 24, 2013
If one thinks a software project manager would mean to cater for all, I personally think that it is not workable or too ideal to be true.
We have mentioned earlier the experience for Project Manager would be more important than certification, it is very important they need to have experience in 3 of them
Let us go into the detail for the 3 types.
1) Windows-based application
-Most often, this kind of application is meant for internally use or used by a particular group of people. The performance of it can be closely monitored and control. Not much threat would be found or targeted as it is a closed system. The programmer would be more free to code or use of library files because it can speed up the development progress but not greatly affecting the stability of the application
2) Web-based application
-You can find this application available for our every now and then. You can easily access and it is very convenient to the user but it also coming with more threat as it is open to all public. Code exploit or DOS is quite common to be faced by web application nowadays, even we would have a more high-end machine, but it would not be the ideal solution as resources might run out one day. You will need to make sure that any code or library you use is ideal or safe to be used. We do see a lot of web application get hang or out of service once they user surge up suddenly. It is our task to make sure the code is optimize as you are now serving more users.
3) Cloud-based application
-It would be almost the same as web application but you need to make sure you resource utilization is optimum. Since it is still quite expensive in term of cloud services, we need to make sure we are running optimum code on it. If library used or code used might jeopardise the performance of the entire application, it is a must to drop it and run an alternative solution. To benefit from the cloud-based infrastructure as well, we need to make sure our code is less dependency or less setting to the operating system. As such, you will be able to get more instance to serve your cloud=based application once the load is increase.
As an conclusion, we just wish to highlight the differences between different application. If we are using the same method for all 3 different applications, it is most probably we would fail. We need to understand the limitation for each application and plan accordingly. That is the reason more and more trainings being organized for these 3 different kind of project management course.
March 16, 2013
On the normal circumstances, we should have no problem because CD/DVD normally bundled together when we purchase Microsoft license. But what if we have lost the CD after a couple of year and wish to reformat our PC. We are left with no other options as we could not be able to download its media online.
We understand that Microsoft might be offering the latest windows for download but it is only limited to MSDN user or corporate user. End user are often been ignored. How good if Microsoft can offer the media to be downloaded online with a valid product key. We are not promoting pirated windows installation but it is always a issue if we have accidentally lost the CD or the installation is having problem.
I think not only Microsoft, all the other software vendor should do the same. Even some products are outdated or obsolete, I think they should allow user to download it provided with a valid license. Some pc manufacturer also does provide such service, we can key in our model no or service tag in order to download our notebook/pc driver online.
March 16, 2013
At here, we are talking about the IT industry project management. A lot of certification or standard being introduced in Project Management for software development but we have a doubt on the feasibility of this standard or certification.
We do understand that all the standard it actually written by a group of experienced user. But would it be applicable to all the organization or promised success for them? Shall we be putting all our justification on standard or certification alone?
I do agree in some extend but not all.
From my personal point of view, I think an experience project manager should have gone through the whole software development process. He should be able to tell all the common problems or risks during the entire process. He should be get a basic picture of the entire software not only from the customer requirement, but also the development process and all sort of technical issue which might arise.
With this in mind, he should be able to monitor the entire progress of the software. Obviously, he should also have some in depth knowledge about the customer industry and their common practice. It will ensure that completed software shall be easily adapted into the organization rather than wasted.
On the other hand, if a project manager just a certified PM without practically going through the software development process, he should not be able to carry out his work successfully. He would be able to understand the entire process theoretically but a lot of risk or potential risk might not be able to handle. Even with some statistic or track records, I don’t think it help a lot but just giving some standard to follow only. Even if there is a delay, the project manager might not be able to cater if he/she without any technical know-how on the issue.
As such, I think an experience project manager is more important than a certified project manager. We understand a lot of failure if without a certified project manager but we never categorized if this project manager is capable enough. With an experience project manager, he should be able to track all the project, changes, requirements with its way to ensure the entire software development is successful.
March 8, 2013
After the Chinese New Year celebration and getting our yearly bonus, we tend to start looking for new and open opportunity. It is either we wish to change our working environment or learning something new to enhance our existing skill. So this is a very peak session where company want to get new staff or existing staff changing work.
To get new job, we will need to go through the Interview session. Some well-established company might need to go through a few round of selection before we could secure our job, but did we ever thought of learning something during the Interview session rather than just requesting for higher pay or better better. Indeed, we could learn quite a number of things during the interview session.
1) Learning or get to know their skills : Different company have different working style, we might not be aware of it. It is good that we could learn the something from other company in order to improve ourself. Sometimes we just need to get some basic idea in order for us to improve further. Even we are failed in the interview, at least we could or understand how people work differently.
2) Get more implementation or technical knowledge: Normally during interview, we will be bombard with lots of question, from general to technical. What if we could not answer some of the technical questions? It will be very shameful. But we need not bother about that. We could ask the interviewer for their answer or their common solutions, so in another way, we could learn from other experience. At least you gain something rather than nothing.
A lot of people writing about how to get prepare for interview but we are not. We just wish to highlight to the people that you have to gain something during Interview even without securing a job. I think gaining some extra knowledge is more important that just aiming for better pay or benefit. If we could keep on learning, one day we will reach the same destination.
March 7, 2013
This is not a tutorial of cracking or asking you to use Windows 8 illegally. This is my own personal experience and just want to share it out.
Windows 8 comes with its full pack or upgrade pack. I happen to buy its Windows 8 upgrade pack for my existing Windows 7 upgrade. It does contain a product key on the Windows 8 upgrade pack but unfortunately I found out that this key is not able to be activated online. I really doubt it initially why does this happen but I have better understanding after I need to format and install the OS a couple of times.
Windows 8 Upgrade pack: http://windows.microsoft.com/en-my/windows/buy
If you have an existing Windows like Windows 7, you can actually upgrade for free provided you have the Windows 8 Upgrade pack CD. You need not activate again after you have upgraded to Windows 8. I think this is a very big loop hole for microsoft to design its product in such. If I were a user having a windows before and do the Windows 8 upgrade, I can use it for free (but we do not encourage).
I think the main reason behind is that the activation steps have been disable for user who install Windows 8 via upgrade method. As we know, normally microsoft product does require us to activate our system using its key, but if you are using Windows 8 Upgrade pack, you only need to use the product key during installation process only.
If I have a OEM DVD from vendor like HP, DELL when I purchase the machine, I could simply install that. And after that, using some valid windows 8 key found online and install with Windows 8 upgrade pack CD, I could use the machine as if I have the original version of Windows.
This is my finding after all. Might not work for all but I personally experience that. Use it on your own risk.
March 6, 2013
If you are a new user for Linux but wish to secure your server without using any complicated command, you could try this way.
You could use the hosts.deny and hosts.allow. It normally located in your /etc/ folder. Please be caution when setting it because if you set it incorrectly, you might be trapped and cannot access to your server.
Using hosts.deny, you could protect all application or only a specific application. Let’s say, if you want to block all access to your SSH and enable only traffic from x.x.x.x.
You could just do the following:
1) hosts.deny (sshd: ALL)
2) hosts.allow (sshd: x.x.x.x)
For more reading, you could check out http://linux.about.com/od/commands/l/blcmdl5_hostsde.htm
Besides using this method, you could also use iptable in your Linux machine. But it will be much more complicated. Try it yourself then.
February 28, 2013
On the software engineer life, we might need to catch up with deadline and rushing for project. Most of the time, we wish to speed up our development and thus will procure some ready made third party software library. Did we ever though it might create some serious issues for the project?
Normally these are the reason for us to start using third party software library, is this true?
1) Reduce development. Delivered faster.
It is on one aspect, but it might not be another. We could complete our task faster but also we added a lot of unused code to our project. We could not prevent that in order to use the library for its features. We also can’t control or customized much as it comes as it is. At the end, the application loads slower and it affect the completely user experience.
2) Security issue.
Since it is a software library. It means to be encrypted or compiled. It only expose the required function to the developer. We have no way to find out what it did on the background. As such, if there is any insecure code written or any back-door, it would be a big issues. to the end user. We need to look into this thoroughly before start using any third party software library.
3) Update & support
Software and library is almost the same. It meant to comes with bugs or errors. It is very important to get a software library which also be updated as well as technical support whichever we requested. Technology is advancing day by day, it is the same for our software as well. If the software library is from a dedicated vendor and frequently updated, we can assure our solution is up to date as well. It is a tedious job if we are changing the software library from every now and then. It will just create more workload for our developer.
Obviously it is a needs for third party software library, but we also need to evaluate it properly before start using it. Besides it fits to our user requirements, we also need to check on the code vulnerability, approach and loop holes. Or else, it will not be able to stay for long or the security aspect of the software will be compromised.
February 27, 2013
We understand that security has been a very important issue nowadays. Web server is the most easiest way to invade your privacy. This is not due to hacking or etc. Sometimes it is a careless mistake or misconfiguration of the Administrator.
For an example, if you are hosting some file on your webserver, it is very important to disable the directory listing from the Apache or IIS server. Or else, once the search engine like Google crawled your page, it will be listed at there, it might be potentially used by unauthorized people. This is another reason for Data Harvestor to misuse it.
You can always disable it with
Options Indexes FollowSymLinks
Allow from all
I have just do some web surf today and I found out a lot of them have the same issues. If you do not protect it correctly, you should see the same Google Search Result on your page
We are not here to promote hacking but you can see some of the information is revealed to the public. This might not be aware by the administrator as well. As a result, it is always important for you to disable the “directory listing” from your web server.