The story of economic sanctions as told by PMI

Manufacturing PMI August 2014

While the world is watching the civil war in Ukraine the European economics is sliding into oblivion. The Manufacturing PMI tells a story that should scare the hell out of the politicians of EU – so bad the business dynamics in manufacturing looks.

In August, out of 26 countries, only 9 reported improvement in the index, 15 recorded a slowdown in the two countries has not changed. In fairness it should be noted that 21 countries report PMI is still above the level of 50 points, and below only 5. But it is not so important, because the dynamics is still downward. There are those who are moving in the right direction: in Greece and Turkey business activity index in August was able to finally overcome the mark of 50 points. The rest of Europe presents a serious reason for concern, whether peripheral or central: everywhere there are signs of a serious recession.

United States, on the other hand, sports …
Read the full article ->

Externalities are crucial for the software industry

balance-200x150

Externalities exist in any business. We are very familiar by now with the externalities of the manufacturing industries – air and water pollution, noise pollution, depletion of resources etc. But what about the software industry? How bad is the industry’s addiction to the externalities?

In economics, an externality is a cost or benefit which affects a party who did not choose to incur that cost or benefit.[1]

For example, manufacturing activities which cause air pollution impose health and clean-up costs on the whole society, while the neighbors of an individual who chooses to fire-proof his home may benefit from a reduced risk of a fire spreading to their own houses. If external costs exist, such as pollution, the producer may choose to produce more of the product than would be produced if he were required to pay all associated environmental costs. If there are external benefits, such as in public safety, less of the good may


Read the full article ->

Microsoft strategy success: Nokia no more

R.I.P. Nokia

Now it should be painfully obvious to everyone that the long-term strategic plan of Microsoft to bring down and absorb Nokia worked. Many years of hard work by high-profile managers and large investments are finally set to bring home profit for Microsoft.

Now that Nokia is bought by Microsoft, Microsoft can finally make the mobile devices that are, well, mobile devices. They will have the technology, the market, and the people. Unfortunately, they still have to make it all work. They still may run this very successful business of Nokia into the ground. And there is a high chance they will.

There was a time when I was wondering if it was just a Microsoft venture, or a joint venture by Microsoft and Samsung. Actually, no, I would not go as far as to say it is all clear now. We will see how things pan out.

The hole in the market remains though and the market share of …
Read the full article ->

Insourcing – a new fashion trend

Outsourcing-vs-Insourcing

There is a new trend, a new fashion in the high-tech industry. They already coined the most natural term for it and it is called “insourcing”. A recent article was called “Insourcing QA to gain more control over the resources”. Yes, indeed, so outsourcing has outlived its hype by far and we need a new something for the managers to get bonuses about.

Not surprisingly, the new trend is a direct reversal of the previous trend. So, there is nothing new there really. In a decade or so we will be high on outsourcing again, so the Indians and others should just hang in there for a while and we’ll be back.

Reality is that neither outsourcing nor insourcing are the ultimate answer to anything. No magic bullet is going to cure an ineffectively managed business. The best one can do is ignore these fashions completely. Unless you are a consultant of outsourcing, of course, because now you will be …
Read the full article ->

Negotiations and Expectations

business people at boring meeting

Some negotiations are like sailing in and out. Others – not quite. Why do so many negotiations fail and other, while successful, still present a thorny winding road to the participants? Why should people suffer through negotiations instead of just talking?

While there may be many reasons for not actually getting what you wanted in the first place in the negotiations and feeling frustrated about the results, should we actually make our lives harder than needed? What is the reason that many people think negotiations are a hard job? Why do they get drained out in a course of a short two hour business meeting that happens to be labeled “negotiation”?

I have a theory. It all has to do with expectations. Should you come to the meeting without particular expectations, you would be fairly objective and could actually follow the logic of the arguments on both sides, see compromises, do your job. But what happens when you come to …
Read the full article ->

Strategic direction: security ebb

fuggedaboutit-375x360

Something quite prominent happened in the security field over the last week. It is a strategic move so I am going to talk about it here rather than on Holy Hash! although it would be interesting to the security folks too.

So, what happened, you ask? Ah, nothing so spectacular that TV shows would interrupt their evening program for but so momentous that I wish they would. It all started with the little exercise at RSA Conference where a couple of so-called “security leaders” declared that security is the territory of really large companies and anyone smaller should just forget about it. I already wrote my opinion about the basic idea of ignoring risks in an area where an incident, according to Coverity, runs on average to 7 million dollars but can easily be a couple of orders of magnitude more.

It would all go away into the history unnoticed if it was not for Bruce Schneier who …
Read the full article ->

Mitigating risks … is a waste of money?

X-risk_chart

There was an interesting talk at one of the panels at the RSA Conference, where SilverSky and Adobe claimed that investing in security is a waste of money. Their message is simple and compelling:

“For most companies it’s going to be far cheaper and serve their customers a lot better if they don’t do anything [about security bugs] until something happens. You’re better off waiting for the market to pressure on you to do it.”

Although they say that this was all in pretense, we all know it was not, companies large and small try to avoid fixing problems as long as they can, waiting for customers to complain loud before ever doing anything. Basically, this is a risk that companies rate as unimportant because of its low perceived rate of occurrence.

The problem with this kind of risks that they cannot be properly rated. The probability of these risks is hard to rate because the data is …
Read the full article ->

Everything is a hammer…

nokia-7

It looks like for Stephen Elop, the Microsoft  manager in charge of Nokia, everything looks like a Windows computer. What is all this nonsense about Nokia delivering cheap smartphones in developing countries? That market is already taken, first by LG and Samsung and then a couple times over by Chinese manufacturers. He ran the most successful mobile company in the world into the ground and he should be proud of that achievement. I am sure he is. Can you imagine what it takes, what kind of dedication, to actually take the market leader and run it into the ground, destroy everything very quickly and systematically? It is a mind-boggling achievement. We will be watching Stephen for his next career move to see what company will be brought to its knees next.


Read the full article ->

Software Security Philosophy

fs-gang

What is “security”? Well, not in broad sense, that is, but in software security? What does it mean: to develop secure software? What do we understand to fall into the realm of software security?

I tell you what I mean when I say “software security”. For me, the software security means to bring the intent of the original designer to the customer.

This is very simple. The designer had some idea in mind when designing the software. He had some intention for the software to function in a particular way. That mental picture is translated into design, brought over into development, translated into source code, translated into binary, delivered, installed and configured at the csutomer’s site. And our task is to ensure that what operates now at the customer’s site reflects exactly what developer had in mind. If it does not – we have a breach of security.

I know that this is a very broad definition and it …
Read the full article ->

State of security – still miserable

iot-construction-c13-3

Even after all these years the software industry seems to be ever in a state where we believe that if vulnerability exists but is unknown to the public it cannot be exploited, so our software is “practically secure.” In theory this is true, but the problem is that once someone finds the vulnerability, the finder may just exploit the vulnerability instead of reporting it or helping to fix it. Having “hidden” vulnerabilities doesn’t really make the vulnerabilities go away; it simply means that the vulnerabilities are a time bomb, with no way to know when they will be exploited.

Security is a fascinating subject even for uninitiated not to mention Bruce (who makes money with it no slower than the US Treasury printing presses) that may be looked at from different perspectives and talked about in several management dialects, including McKenzie (I do not speak it but I can understand it in a round-about sort of ways). Talking about security …
Read the full article ->