Many organizations are nervous about user-installed software, and publish rules banning unapproved installation. Some actually block non-sanctioned installation, and perhaps justifiably: Bit9, Inc., whose technology solves the problem of unwanted software on the desktop, has compiled a list of the top applications with known security vulnerabilities, including applications that are frequently downloaded by individuals (and thus perhaps not sanctioned by the enterprise) and are not classified as malicious. Each has at least one critical vulnerability and relies on the end user, not the corporate IT department, to manually patch or upgrade to fix bugs.
Collaborative software commonly used by Agile teams, either with their customers or with distant team members, does appear on the list:
7. AOL Instant Messenger 5.5
8. Microsoft Windows/MSN Messenger 5.0
9. Yahoo Instant Messenger 6.0
15. ICQ 2003a
View the full list on Bit9.com's site.
Hmmm. What's on your desktop?
Community comments
... but most of them are already offering patches
by Alex Popescu,
I find this very interesting: most of the software included in the list are already providing patches/fixes for the reported vulnerabilities. And afaik, most of them are having quite a good release schedule, so there are great chances these problems are fixed very quickly.
./alex
--
.w( the_mindstorm )p.
Re: ... but most of them are already offering patches
by Deborah (Hartmann) Preuss,
I guess the issue for enterprises is: installing such patches (or new versions) is up to the employee, not a systematic or highly reliable method for protection of corporate assets.
Re: ... but most of them are already offering patches
by Noah Campbell,
That's why most corporations block IM protocols at the network level. Secure IM is possible, but not from the IMs listed above. Jive Wildfire (jivesoftware.org) supports secure communication between client and server.
-Noah