The New Journey of The Software Professional

Having spent 16 years in software engineering I ventured into software support in 2003 (with 8th year started at the time of this writing). Now it is time for the next gradual shift into software security (the domain I previously had exposure to but not as a primary focus):

The title of this post is borrowed from the book I read from cover to cover long time ago and recently put on my desk again:

Journey of the Software Professional: The Sociology of Software Development

- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -

4 Responses to “The New Journey of The Software Professional”

  1. Knyghte Says:

    Congratulations, Dmitry! I wish you the best on this new voyage; please stay with your positive and cool attitude, the IT security environment is highly competitive, in part it’s a meritocracy, there’s a frequent bad attitude towards the software development and highly inflated egos. It has its very good aspects, but I see what I’ve described everyday.

    Don’t you let people change you!

    Cheers!

  2. jduck Says:

    Nice. If you have any questions I’m willing to help you :-)

  3. Jamie Faye Fenton Says:

    Software Support => Software Security

    It is a logical progression of sorts. A really well implemented operating system should make support issues much less rampant, as well as making security issues much less problematic.

    A security hole is taking advantage of a bug — if bugs can’t have unexpected consequences (like handing something root access, or creating an opprotunity to tell a lie), then the system is fundamentally more secure.

    One gentleman with an extraordinary insight into security issues is Mark M. Miller, currently of Google. I have learned more from him than anybody else. One of his sayings that I cherish is:
    “Never prohibit what you can’t prevent”. MarkM was and is a real fan of the “capability security model”, which I strongly recommend you learn about (if you don’t already know about it).

    My other guru-level saint in this field is Bruce Schneier , who has a different take than MarkM does - which is to make sure you focus on the real threats rather than the theoretical ones, and that you don’t panic.

    So will you be shifting more into forensics now?

    – Jamie F.

  4. Dmitry Vostokov Says:

    Thank you all for encouraging comments! ;-)
    Dmitry

Leave a Reply

You must be logged in to post a comment.