Hi,
I have written several pieces of software and would like to hear any
thoughts anyone has on what measures i should take to ensure(!) its
stability and security at the hands of the *users*. I have obviously
put error handling in :O) but have heard of loads of other things i
could do like obfuscation and assembly signing.
All comments welcomed and appreciated in advance, so ... thanks!
James Randle. 6 1179
James,
A few of the things that I've found useful in releasing software to end
users:
1. Go through every line and look at the exception list in the
framework docs for any methods you call. Understand when each is
thrown, and catch every (and only) exception that you can do something
with. Assume anything not caught will give the user a nasty error.
Catching SecurityExcepti on on a disk write is more important than
FileNotFoundExc eption: good users tend to know where their files are
more often then they know that they don't have write permissions to the
department share.
2. Any time anything goes wrong, do the following: show the user a
polite message asking them to change their input (like sales, the
customer is always right; your software made the error, not them), and
write extensive debugging information some place where they'll be able
to get it to you.
3. Document everything public. If you're releasing a library, use the
built-in XML documentation that plugs into Intellisense. If you're
releasing non-library software, document from turning on the computer
through all normal tasks as bulleted how-to guides. Include a glossary
and screen shots. Don't bother writing mission statements and such
because no one reads them. Searchable online troubleshooting guides
have always seemed to be the most useful for my users.
4. Write and work around test cases that includes inane things, like
people unplugging USB drives in the middle of saving and the disk
filling up. Someone will be missing installation files, configuration,
proper access to the thing you assume everyone has access to, etc.
5. Don't wait for people to save configuration and don't make them load
it. Give them options like starting where they left off.
I'm sure there's more but that'll take you a long way.
I'm not sure about the usefulness of obfuscation: it's been proven
extensively that there is almost no security in obfuscation. Those who
want to reverse engineer always find a way. I prefer to patent and be
ready to defend my claim. Also, know your rights as a copyright holder;
anything original you do is copyrighted by you whether you explicitly
claim it or not.
HTH!
Stephan
pigeonrandle wrote:
Hi,
I have written several pieces of software and would like to hear any
thoughts anyone has on what measures i should take to ensure(!) its
stability and security at the hands of the *users*. I have obviously
put error handling in :O) but have heard of loads of other things i
could do like obfuscation and assembly signing.
All comments welcomed and appreciated in advance, so ... thanks!
James Randle.
Stephan,
Thanks for your reply. I already have a big list of things i still need
to do, and it seems to be getting bigger and BIGGER!
Thanks again,
James.
ssamuel wrote:
James,
A few of the things that I've found useful in releasing software to end
users:
1. Go through every line and look at the exception list in the
framework docs for any methods you call. Understand when each is
thrown, and catch every (and only) exception that you can do something
with. Assume anything not caught will give the user a nasty error.
Catching SecurityExcepti on on a disk write is more important than
FileNotFoundExc eption: good users tend to know where their files are
more often then they know that they don't have write permissions to the
department share.
2. Any time anything goes wrong, do the following: show the user a
polite message asking them to change their input (like sales, the
customer is always right; your software made the error, not them), and
write extensive debugging information some place where they'll be able
to get it to you.
3. Document everything public. If you're releasing a library, use the
built-in XML documentation that plugs into Intellisense. If you're
releasing non-library software, document from turning on the computer
through all normal tasks as bulleted how-to guides. Include a glossary
and screen shots. Don't bother writing mission statements and such
because no one reads them. Searchable online troubleshooting guides
have always seemed to be the most useful for my users.
4. Write and work around test cases that includes inane things, like
people unplugging USB drives in the middle of saving and the disk
filling up. Someone will be missing installation files, configuration,
proper access to the thing you assume everyone has access to, etc.
5. Don't wait for people to save configuration and don't make them load
it. Give them options like starting where they left off.
I'm sure there's more but that'll take you a long way.
I'm not sure about the usefulness of obfuscation: it's been proven
extensively that there is almost no security in obfuscation. Those who
want to reverse engineer always find a way. I prefer to patent and be
ready to defend my claim. Also, know your rights as a copyright holder;
anything original you do is copyrighted by you whether you explicitly
claim it or not.
HTH!
Stephan
pigeonrandle wrote:
Hi,
I have written several pieces of software and would like to hear any
thoughts anyone has on what measures i should take to ensure(!) its
stability and security at the hands of the *users*. I have obviously
put error handling in :O) but have heard of loads of other things i
could do like obfuscation and assembly signing.
All comments welcomed and appreciated in advance, so ... thanks!
James Randle.
Hello pigeonrandle,
Testin, testing and testing one more time :)
Unit-, component-, system-, integration-, stress-, whitebox- testings, codecoverage.
But this doesnt help you on 100%, ask users go give u feedback and for example
present the free version of your app to the 20 most active users who have
found the bugs
pHi,
pI have written several pieces of software and would like to hear any
pthoughts anyone has on what measures i should take to ensure(!) its
pstability and security at the hands of the *users*. I have obviously
pput error handling in :O) but have heard of loads of other things i
pcould do like obfuscation and assembly signing.
pAll comments welcomed and appreciated in advance, so ... thanks!
pJames Randle.
p>
---
WBR,
Michael Nemtsev :: blog: http://spaces.live.com/laflour
"At times one remains faithful to a cause only because its opponents do not
cease to be insipid." (c) Friedrich Nietzsche
James,
Seems like that's always the case. Just remember that all-nighters
become 5% less productive per year of coder's age past age 23. :)
Stephan
pigeonrandle wrote:
Stephan,
Thanks for your reply. I already have a big list of things i still need
to do, and it seems to be getting bigger and BIGGER!
Thanks again,
James.
ssamuel wrote:
James,
A few of the things that I've found useful in releasing software to end
users:
1. Go through every line and look at the exception list in the
framework docs for any methods you call. Understand when each is
thrown, and catch every (and only) exception that you can do something
with. Assume anything not caught will give the user a nasty error.
Catching SecurityExcepti on on a disk write is more important than
FileNotFoundExc eption: good users tend to know where their files are
more often then they know that they don't have write permissions to the
department share.
2. Any time anything goes wrong, do the following: show the user a
polite message asking them to change their input (like sales, the
customer is always right; your software made the error, not them), and
write extensive debugging information some place where they'll be able
to get it to you.
3. Document everything public. If you're releasing a library, use the
built-in XML documentation that plugs into Intellisense. If you're
releasing non-library software, document from turning on the computer
through all normal tasks as bulleted how-to guides. Include a glossary
and screen shots. Don't bother writing mission statements and such
because no one reads them. Searchable online troubleshooting guides
have always seemed to be the most useful for my users.
4. Write and work around test cases that includes inane things, like
people unplugging USB drives in the middle of saving and the disk
filling up. Someone will be missing installation files, configuration,
proper access to the thing you assume everyone has access to, etc.
5. Don't wait for people to save configuration and don't make them load
it. Give them options like starting where they left off.
I'm sure there's more but that'll take you a long way.
I'm not sure about the usefulness of obfuscation: it's been proven
extensively that there is almost no security in obfuscation. Those who
want to reverse engineer always find a way. I prefer to patent and be
ready to defend my claim. Also, know your rights as a copyright holder;
anything original you do is copyrighted by you whether you explicitly
claim it or not.
HTH!
Stephan
pigeonrandle wrote:
Hi,
I have written several pieces of software and would like to hear any
thoughts anyone has on what measures i should take to ensure(!) its
stability and security at the hands of the *users*. I have obviously
put error handling in :O) but have heard of loads of other things i
could do like obfuscation and assembly signing.
>
All comments welcomed and appreciated in advance, so ... thanks!
James Randle.
"ssamuel" <ss*****@gmail. comwrote in message
news:11******** *************@e 64g2000cwd.goog legroups.com...
James,
Seems like that's always the case. Just remember that all-nighters
become 5% less productive per year of coder's age past age 23. :)
Also remember that 82.7% of all statistics are made up on the spot.
PS
>
Stephan
pigeonrandle wrote:
>Stephan, Thanks for your reply. I already have a big list of things i still need to do, and it seems to be getting bigger and BIGGER!
Thanks again, James.
ssamuel wrote:
James,
A few of the things that I've found useful in releasing software to end
users:
1. Go through every line and look at the exception list in the
framework docs for any methods you call. Understand when each is
thrown, and catch every (and only) exception that you can do something
with. Assume anything not caught will give the user a nasty error.
Catching SecurityExcepti on on a disk write is more important than
FileNotFoundExc eption: good users tend to know where their files are
more often then they know that they don't have write permissions to the
department share.
2. Any time anything goes wrong, do the following: show the user a
polite message asking them to change their input (like sales, the
customer is always right; your software made the error, not them), and
write extensive debugging information some place where they'll be able
to get it to you.
3. Document everything public. If you're releasing a library, use the
built-in XML documentation that plugs into Intellisense. If you're
releasing non-library software, document from turning on the computer
through all normal tasks as bulleted how-to guides. Include a glossary
and screen shots. Don't bother writing mission statements and such
because no one reads them. Searchable online troubleshooting guides
have always seemed to be the most useful for my users.
4. Write and work around test cases that includes inane things, like
people unplugging USB drives in the middle of saving and the disk
filling up. Someone will be missing installation files, configuration,
proper access to the thing you assume everyone has access to, etc.
5. Don't wait for people to save configuration and don't make them load
it. Give them options like starting where they left off.
I'm sure there's more but that'll take you a long way.
I'm not sure about the usefulness of obfuscation: it's been proven
extensively that there is almost no security in obfuscation. Those who
want to reverse engineer always find a way. I prefer to patent and be
ready to defend my claim. Also, know your rights as a copyright holder;
anything original you do is copyrighted by you whether you explicitly
claim it or not.
HTH!
Stephan
pigeonrandle wrote:
Hi,
I have written several pieces of software and would like to hear any
thoughts anyone has on what measures i should take to ensure(!) its
stability and security at the hands of the *users*. I have obviously
put error handling in :O) but have heard of loads of other things i
could do like obfuscation and assembly signing.
All comments welcomed and appreciated in advance, so ... thanks!
James Randle.
I'd heard it was closer to 85.7%.
And is that a compound percentage, or will i be brain dead at, errrr,
53?
Cheers for your replies,
James.
On Oct 30, 5:47 pm, "PS" <ecneserpeg...@ hotmail.comwrot e:
"ssamuel" <ssam...@gmail. comwrote in messagenews:11* *************** *****@e64g2000c wd.googlegroups .com...
James,
Seems like that's always the case. Just remember that all-nighters
become 5% less productive per year of coder's age past age 23. :)Also remember that 82.7% of all statistics are made up on the spot.
PS
Stephan
pigeonrandle wrote:
Stephan,
Thanks for your reply. I already have a big list of things i still need
to do, and it seems to be getting bigger and BIGGER!
Thanks again,
James.
ssamuel wrote:
James,
A few of the things that I've found useful in releasing software to end
users:
1. Go through every line and look at the exception list in the
framework docs for any methods you call. Understand when each is
thrown, and catch every (and only) exception that you can do something
with. Assume anything not caught will give the user a nasty error.
Catching SecurityExcepti on on a disk write is more important than
FileNotFoundExc eption: good users tend to know where their files are
more often then they know that they don't have write permissions to the
department share.
2. Any time anything goes wrong, do the following: show the user a
polite message asking them to change their input (like sales, the
customer is always right; your software made the error, not them), and
write extensive debugging information some place where they'll be able
to get it to you.
3. Document everything public. If you're releasing a library, use the
built-in XML documentation that plugs into Intellisense. If you're
releasing non-library software, document from turning on the computer
through all normal tasks as bulleted how-to guides. Include a glossary
and screen shots. Don't bother writing mission statements and such
because no one reads them. Searchable online troubleshooting guides
have always seemed to be the most useful for my users.
4. Write and work around test cases that includes inane things, like
people unplugging USB drives in the middle of saving and the disk
filling up. Someone will be missing installation files, configuration,
proper access to the thing you assume everyone has access to, etc.
5. Don't wait for people to save configuration and don't make them load
it. Give them options like starting where they left off.
I'm sure there's more but that'll take you a long way.
I'm not sure about the usefulness of obfuscation: it's been proven
extensively that there is almost no security in obfuscation. Those who
want to reverse engineer always find a way. I prefer to patent and be
ready to defend my claim. Also, know your rights as a copyright holder;
anything original you do is copyrighted by you whether you explicitly
claim it or not.
HTH!
Stephan
pigeonrandle wrote:
Hi,
I have written several pieces of software and would like to hear any
thoughts anyone has on what measures i should take to ensure(!) its
stability and security at the hands of the *users*. I have obviously
put error handling in :O) but have heard of loads of other things i
could do like obfuscation and assembly signing.
All comments welcomed and appreciated in advance, so ... thanks!
James Randle.- Hide quoted text -- Show quoted text -
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Roy Smith |
last post by:
I've got a C library with about 50 calls in it that I want to wrap in
Python. I know I could use some tool like SWIG, but that will give me a
too-literal translation; I want to make some modifications along the way
to make the interface more Pythonic.
For example, all of these functions return an error code (typically just
errno passed...
|
by: Alex Dribin |
last post by:
Hi,
Are there ready solutions for auto-wrapping lines in ostream?
I am using ostream for output and want this output to be wrapped at some
position. Of course I can monitor stream pointer position and insert
end-of-lines periodically. Something better than that?
Alex
|
by: yawnmoth |
last post by:
word wrapping normally treats some spaces as line feeds, if there
hasn't been a line feed for quite a while. so while a string with
eighty consecutive a's might not word wrap, a space placed squarely in
the middle of that string will sorta word wrap. so why doesn't it
seem to work with !'s? here's a page that demonstrates how !'s don't...
|
by: mercurius_1 |
last post by:
I am having a problem with content being wrapped down the page in
Internet Explorer. This is the page in question, which I have
validated:
www.lynngoldstein.com
When the browser window is reduced in size to a more narrow dimension,
Internet Explorer forces the picture down the page, which is not at all
desirable. This same behavior does...
|
by: nimdez |
last post by:
Hi,
I am working on an existing code base in which a lot of data displayed
to the user is formatted in tables. Most tables are printed row-by-row
using printf() with "%s" print conversion specification for
each column (e.g. printf(%10s %25s %15s\n", pszCol1, pszCol2,
pszCol3)). My problem is that when a string is longer the column's
width,...
| |
by: dam_fool_2003 |
last post by:
My understanding about wrapping is that we add utilities to a lib
function for our specific use. So days ago in the c.l.c I saw a
function def as:
void *
xmalloc (size_t size)
{
register void *value = malloc (size);
if (value == 0)
error ("virtual memory exhausted");
|
by: Xah Lee |
last post by:
The Harm of hard-wrapping Lines
20050222
Computing Folks of the industry:
please spread the debunking of the truncating line business of the
fucking unix-loving fuckheads, as outlines here:
http://xahlee.org/UnixResource_dir/writ/truncate_line.html
|
by: Nathan |
last post by:
I am trying to prevent a horizontal list from wrapping. Each list item
is floated with "float: left".
Currently I use an ugly hack. I set the width of the list to a large
number which is guananteed greater than the total width of all items.
Is there a way to accomplish this without my hack? It would be handy
because I would like to read...
|
by: bp_jobemail |
last post by:
I'm trying to use PHP to wrap the output of an HTML form before it goes
into a precompiled C cgi script.
Essentially, the company that I work for uses a purchased precompiled c
program for their shopping cart. This C program stores order
information, and when an order is processed and approved, records the
transaction and sends a template...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
| |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...
| |