SDT281 cover_Layout 1 8/27/12 9:47 AM Page 1 A BZMediaPublication A gile IN ALM The 2SIDE: S01 o 2 u r c e b o o k Mobile Backend-as-a-Service for device apps is here Software-based storage gives developers flexibility SEPTEMBER 2012(cid:129)ISSUE NO.281(cid:129)$9.95(cid:129)www.sdtimes.com ssis_sdt_jul12_8x10.875.ai 1 7/19/2012 9:57:14 AM SDT281 Full Page Ads 2-36_Layout 1 8/24/12 9:28 AM Page 2 Data Cleansing Tools for SQL Server Contact Verification Component Parse, validate, correct and geocode addresses, phone numbers, email addresses, and full names. SmartMover Component A(cid:2)ention Microso(cid:3) SQL Server MVPs – Add movers’ new addresses using USPS Call or email us at [email protected] and Canada Post Change of Address Data. to become a Melissa Data Valued Partner – Matchup Component a MDVP for SSIS! Identify duplicate or similar records for merge/purge efforts. • Free “non-commercial” license • Referral program for recurring revenue • Unlimited technical support SCAN TO WATCH A SHORT VIDEO For a Free Trial, Go to MelissaData.com/sdt Call 1-800-MELISSA (635-4772) SDT281 Full Page Ads 2-36_Layout 1 8/24/12 9:30 AM Page 3 LogiGear Adv3_Layout 1 8/23/12 9:39 AM Page 1 Speed and Collaboration The winning combination for large-scale test automation The modern module-based keyword test authoring platform that enables large Go to market with confidence teams to create, maintain, and execute enterprise-scale test automation with groundbreaking speed. Exponentially increase automation. Create one test for multiple platforms/versions. Supports: Microsoft®Windows (up to Windows 8), Find out more and Linux (Red Hat, Cent OS), Android™(2.x, 3.x, 4.x); Native Windows, Microsoft .NET WinForm, WPF, download a FREE trial Microsoft Silverlight, Java™Swing, Java RCP, Java OSGI, at www.testarchitect.com Flash/Flex, QT, Android SDK, Android WebView or call +1 800 322 0333 Test sophisticated functionality. Easily test complex custom controls, 3D graphics and objects. Accelerate test creation and maintenance. Action-based Test Language creates stable, reusable tests without coding or fragile recording. Scale with ease. Spreadsheet style UI and dynamic action keywords make teams more productive. Modern keyword test automation for Coded UI SDT281 page 5_Layout 1 8/24/12 4:14 PM Page 5 Contents ISSUE 281 • SEPTEMBER 2012 FROM THE EDITORS SPECIAL REPORT 10 Letters Keeping software delivery on track 12 C++ moves front and center 12 Living, breathing agile NEWS 14 Nokia dumps remaining Qt assets 17 Storage software expands dev options 20 Agile2012: Scaling, strategy 22 Planning software on display at Agile2012 24 Mobile Backend-as-a-Service arrives to support device apps page 37 26 Outsourcing narrows focus to task level FEATURES 30 Cybercrime: How to protect against it 34 Syncfusion adds Windows Azure support C++ update: Building blocks for the future COLUMNS 73 CODE WATCHby Larry O’Brien page 47 Opening inspirations 75 ANALYST VIEWby Diego Lo Giudice Before going agile, embrace change 77 GUEST VIEWby Simon Hopkins Shoot the programmer 78 INDUSTRY WATCHby David Rubinstein Need for speed? Take a look at DTO Coming soon: iOS 6, Jelly Bean and Windows Phone 8 page 67 page 53 Software Development Times (ISSN 1528-1965) is published 12 times per year by BZ Media LLC, 7 High St., Ste. 407, Huntington, NY 11743. Periodicals postage paid at Hunting ton, NY, and additional offices. SD Times is a registered trademark of BZ Media LLC. All contents © 2012 BZ Media LLC. All rights reserved. The price of a one-year subscription is US$179 for subscribers in the U.S., $189 in Canada, $229 elsewhere. POSTMASTER: Send address changes to SD Times, PO Box 2169, Skokie, IL 60076. SD Times subscriber services may be reached at [email protected] or by calling +1-847-763-9692. Get the best real-world Android developer training anywhere! AnDevCon™is a trademark of BZ Media LLC. Android™is a trademark of Google Inc. Google’s Android Robot is used under terms of the Creative Commons 3.0 Attribution License. A BZMediaEvent Attend December 4-7, 2012 San Francisco Bay Area n Learn from the top Android experts, including speakers straight from ! Choose from more n Attend sessions that cover app development, deployment, design, than 80 classes management, and more and workshops! n Network and connect with hundreds of experienced developers and engineers like yourself Download the full course n From Jelly Bean to Project Butter, catalog, chock-full AnDevCon IV has all the latest info! of class descriptions and speaker bios at Register by Sept. 21 www.AnDevCon.com! and SAVE $500! Follow us: twitter.com/AnDevCon The largest, most info-packed Android developer conference in the world! AnDevCon™is a trademark of BZ Media LLC. Android™is a trademark of Google Inc. Google’s Android Robot is used under terms of the Creative Commons 3.0 Attribution License. A BZMediaEvent Attend December 4-7, 2012 San Francisco Bay Area Choose from more than 80classes and workshops! Attend the “It is a great opportunity to learn a lot, and meet some of General Session: the smartest and brightest Android developers.” —Krishna Santhanam, R&D Engineer, Yaana Technologies What’s New “AnDevCon is a fantastic conference! There is no better in Android? place to experience the latest and greatest technologies and techniques in the field of Android development. If you with Romain Guy attend one conference this year, this one should be it!” and Chet Haase —Jay Dellinger, Senior Software Engineer, Manheim “AnDevCon is four jam-packed days with pure PLATINUM SPONSORS GOLD SPONSORS Android awesomeness. Do not miss it!” —Manfred Moser, Founder and Owner, simpligility technologies Register online at www.AnDevCon.com by Sept. 21 and SAVE $500! SILVER SPONSOR SDT281 page 8_Layout 1 8/24/12 10:13 AM Page 8 ® Instantly Search EDITORIAL EDITOR-IN-CHIEF David Rubinstein Terabytes of Text +1-631-421-4158 x105 • [email protected] SENIOR EDITOR Alex Handy• [email protected] • 25+ fielded and full-text search types ASSOCIATE EDITOR Suzanne Kattau• [email protected] • dtSearch’s own document COPY EDITOR Adam LoBelia• [email protected] filters support “Office,” PDF, SENIOR ART DIRECTOR Mara Leonardi HTML, XML, ZIP, emails (with COLUMNIST Larry O’Brien nested attachments), and many other file types CONTRIBUTING WRITERS Chris Barylick, Alyson Behr, Jennifer deJong Lent, Patrick Hynds, Lisa L. Morgan,Dave Smith, • Supports databases as well as Alexandra Weber Morales static and dynamic websites CONTRIBUTING ANALYSTS Rob Enderle, Mike Gilpin, Mike Gualtieri, • Highlights hits in all of the above Jeffrey Hammond, Al Hilwa . • APIs for NET, Java, C++, SQL, etc. EDITORIAL DIRECTOR Alan Zeichick +1-650-359-4763 • [email protected] • 64-bit and 32-bit; Win and Linux CUSTOMER SERVICE SUBSCRIPTIONS +1-847-763-9692 • [email protected] "lightning fast" ADVERTISING TRAFFIC Sabrina Adler Redmond Magazine +1-631-421-4158 x125 • [email protected] LIST SERVICES Josette Strianese "covers all data sources" +1-631-421-4158 x112 • [email protected] eWeek REPRINTS Stacy Burris +1-631-421-4158 x108 • [email protected] ACCOUNTING Viena Ludewig "results in less than a +1-631-421-4158 x110 • [email protected] second" InfoWorld OTHER QUESTIONS +1-631-421-4158 x112 • [email protected] hundreds more ADVERTISING SALES reviews and developer PUBLISHER David Lyman case studies at +1-978-465-2351 • [email protected] www.dtsearch.com WASHINGTON, MIDWEST, David Lyman MID-ATLANTIC, EUROPE +1-978-465-2351 • [email protected] WESTERN U.S. Paula F. Miller WESTERN CANADA, ASIA +1-925-831-3803 • [email protected] dtSearch products: NORTHEAST U.S. Jonathan Sawyer Desktop with Spider SOUTHEAST U.S. +1-603-924-4489 • [email protected] Network with Spider EASTERN CANADA Publish (portable media) PUBLISHING DIRECTOR Ted Bahr Web with Spider +1-631-421-4158 x101 • [email protected] . Engine for Win & NET Engine for Linux Document filters also available PRESIDENT Ted Bahr for separate licensing EXECUTIVE VICE PRESIDENT Alan Zeichick BZ MEDIA LLC Ask about fully-functional evaluations 7 High Street, Suite 407 The Smart Choice for Text Retrieval® since 1991 Huntington, NY 11743 TEL +1-631-421-4158 1-800-IT-FINDS FAX +1-631-421-4130 www.dtSearch.com www.bzmedia.com [email protected] SDT281 Full Page Ads 2-36_Layout 1 8/24/12 9:31 AM Page 9 (cid:58)(cid:96)(cid:90)(cid:91)(cid:76)(cid:84)(cid:90)(cid:3)(cid:80)(cid:85)(cid:3)(cid:45)(cid:86)(cid:74)(cid:92)(cid:90) (cid:40)(cid:94)(cid:72)(cid:89)(cid:75)(cid:3)(cid:94)(cid:80)(cid:85)(cid:85)(cid:80)(cid:85)(cid:78)(cid:3)(cid:84)(cid:86)(cid:75)(cid:76)(cid:83)(cid:80)(cid:85)(cid:78)(cid:3)(cid:13)(cid:3)(cid:75)(cid:76)(cid:90)(cid:80)(cid:78)(cid:85)(cid:3)(cid:91)(cid:86)(cid:86)(cid:83)(cid:90)(cid:3)(cid:77)(cid:86)(cid:89)(cid:3)(cid:58)(cid:86)(cid:77)(cid:91)(cid:94)(cid:72)(cid:89)(cid:76)(cid:19)(cid:3)(cid:41)(cid:92)(cid:90)(cid:80)(cid:85)(cid:76)(cid:90)(cid:90)(cid:3)(cid:13)(cid:3)(cid:58)(cid:96)(cid:90)(cid:91)(cid:76)(cid:84)(cid:90) (cid:49)(cid:83)(cid:72)(cid:73)(cid:80)(cid:3)(cid:40)(cid:86)(cid:77)(cid:90)(cid:73)(cid:82)(cid:3)(cid:40)(cid:73)(cid:90)(cid:73)(cid:80)(cid:83)(cid:84)(cid:81)(cid:73)(cid:82)(cid:88) (cid:3)(cid:3) (cid:42)(cid:86)(cid:83)(cid:83)(cid:72)(cid:73)(cid:86)(cid:89)(cid:72)(cid:91)(cid:80)(cid:93)(cid:76)(cid:3)(cid:84)(cid:86)(cid:75)(cid:76)(cid:83)(cid:80)(cid:85)(cid:78)(cid:3)(cid:13)(cid:3)(cid:75)(cid:76)(cid:90)(cid:80)(cid:78)(cid:85)(cid:3)(cid:76)(cid:85)(cid:93)(cid:80)(cid:89)(cid:86)(cid:85)(cid:84)(cid:76)(cid:85)(cid:91)(cid:3) (cid:40)(cid:85)(cid:72)(cid:83)(cid:96)(cid:97)(cid:76)(cid:19)(cid:3)(cid:75)(cid:76)(cid:90)(cid:80)(cid:78)(cid:85)(cid:3)(cid:13)(cid:3)(cid:73)(cid:92)(cid:80)(cid:83)(cid:75)(cid:3)(cid:94)(cid:80)(cid:91)(cid:79)(cid:3)(cid:76)(cid:95)(cid:74)(cid:76)(cid:87)(cid:91)(cid:80)(cid:86)(cid:85)(cid:72)(cid:83)(cid:3)(cid:88)(cid:92)(cid:72)(cid:83)(cid:80)(cid:91)(cid:96)(cid:3)(cid:13)(cid:3)(cid:76)(cid:77)(cid:196)(cid:74)(cid:80)(cid:76)(cid:85)(cid:74)(cid:96) (cid:60)(cid:52)(cid:51)®(cid:3)(cid:73)(cid:72)(cid:90)(cid:76)(cid:75)(cid:3)(cid:74)(cid:86)(cid:89)(cid:76)(cid:19)(cid:3)(cid:87)(cid:83)(cid:92)(cid:90)(cid:3)(cid:84)(cid:72)(cid:85)(cid:96)(cid:3)(cid:90)(cid:91)(cid:72)(cid:85)(cid:75)(cid:72)(cid:89)(cid:75)(cid:90)(cid:3)(cid:73)(cid:72)(cid:90)(cid:76)(cid:75)(cid:3)(cid:76)(cid:95)(cid:91)(cid:76)(cid:85)(cid:90)(cid:80)(cid:86)(cid:85)(cid:90) (cid:41)(cid:55)(cid:52)(cid:53)™(cid:19)(cid:3)(cid:58)(cid:96)(cid:90)(cid:52)(cid:51)(cid:19)(cid:3)(cid:58)(cid:86)(cid:72)(cid:52)(cid:51)™(cid:19)(cid:3)(cid:41)(cid:55)(cid:44)(cid:51)™(cid:3)(cid:13)(cid:3)(cid:84)(cid:72)(cid:85)(cid:96)(cid:3)(cid:86)(cid:91)(cid:79)(cid:76)(cid:89)(cid:90) Sparx Systems (cid:58)(cid:80)(cid:84)(cid:92)(cid:83)(cid:72)(cid:91)(cid:80)(cid:86)(cid:85)(cid:19)(cid:3)(cid:74)(cid:86)(cid:75)(cid:80)(cid:85)(cid:78)(cid:19)(cid:3)(cid:75)(cid:76)(cid:73)(cid:92)(cid:78)(cid:78)(cid:80)(cid:85)(cid:78)(cid:3)(cid:13)(cid:3)(cid:93)(cid:80)(cid:90)(cid:92)(cid:72)(cid:83)(cid:80)(cid:97)(cid:72)(cid:91)(cid:80)(cid:86)(cid:85)(cid:3)(cid:91)(cid:86)(cid:86)(cid:83)(cid:90)(cid:3) (cid:55)(cid:76)(cid:89)(cid:77)(cid:86)(cid:89)(cid:84)(cid:72)(cid:85)(cid:74)(cid:76)(cid:19)(cid:3)(cid:87)(cid:89)(cid:80)(cid:74)(cid:76)(cid:3)(cid:13)(cid:3)(cid:87)(cid:89)(cid:76)(cid:74)(cid:80)(cid:90)(cid:80)(cid:86)(cid:85) www.sparxsystems.com (cid:45)(cid:92)(cid:83)(cid:83)(cid:3)(cid:83)(cid:80)(cid:77)(cid:76)(cid:74)(cid:96)(cid:74)(cid:83)(cid:76)(cid:3)(cid:90)(cid:92)(cid:87)(cid:87)(cid:86)(cid:89)(cid:91)(cid:3)(cid:94)(cid:80)(cid:91)(cid:79)(cid:3)(cid:76)(cid:85)(cid:75)(cid:20)(cid:91)(cid:86)(cid:20)(cid:76)(cid:85)(cid:75)(cid:3)(cid:91)(cid:89)(cid:72)(cid:74)(cid:76)(cid:72)(cid:73)(cid:80)(cid:83)(cid:80)(cid:91)(cid:96) Join the community www.community.sparxsystems.com (cid:60)(cid:52)(cid:51)(cid:3)(cid:99)(cid:3)(cid:41)(cid:55)(cid:52)(cid:53)(cid:3)(cid:99)(cid:3)(cid:43)(cid:43)(cid:58)™(cid:3)(cid:99)(cid:3)(cid:41)(cid:55)(cid:44)(cid:51)(cid:3)(cid:99)(cid:3)(cid:58)(cid:96)(cid:90)(cid:52)(cid:51)(cid:3)(cid:99)(cid:3)(cid:59)(cid:54)(cid:46)(cid:40)(cid:45)®(cid:3)(cid:99)(cid:3)(cid:42)(cid:18)(cid:18)(cid:3)(cid:99)(cid:3)(cid:21)(cid:53)(cid:44)(cid:59)(cid:3)(cid:99)(cid:3)(cid:49)(cid:72)(cid:93)(cid:72)™(cid:3)(cid:99)(cid:3)(cid:40)(cid:58)(cid:55)(cid:3)(cid:99)(cid:3)(cid:55)(cid:47)(cid:55)(cid:3)(cid:99)(cid:3)(cid:43)(cid:76)(cid:83)(cid:87)(cid:79)(cid:80)(cid:3)(cid:99)(cid:3)(cid:58)(cid:86)(cid:72)(cid:52)(cid:51)™(cid:3)(cid:99)(cid:3)(cid:40)(cid:89)(cid:74)(cid:46)(cid:48)(cid:58)™(cid:3)(cid:99)(cid:3)(cid:58)(cid:54)(cid:52)(cid:45)™(cid:3)(cid:99)(cid:3)(cid:63)(cid:52)(cid:51)™(cid:3)(cid:99)(cid:3)(cid:63)(cid:58)(cid:43)(cid:3)(cid:99)(cid:3)(cid:63)(cid:52)(cid:48)®(cid:3)(cid:99)(cid:3)(cid:62)(cid:58)(cid:43)(cid:51)(cid:3)(cid:99)(cid:3)(cid:17)(cid:52)(cid:86)(cid:89)(cid:76) SDT281 page 10_Layout 1 8/24/12 3:26 PM Page 10 OPINION 10 SD Times September 2012 www.sdtimes.com FFEEEEDDBBAACCKK An assertion not else discovers that one machine in a tunity. Especially since 2001, we have network has served as a platform for as a society created—with no broad well designed network discovery, surveillance and agreement—a surveillance state that control, leaving an agent on each regards effective network defense as a I read, with some interest, Lisa’s article machine or just returning to each threat. So self-defense for many of us (“Development and design converge... machine as needed. Sometimes attack- may do more harm than good. but not completely,” July 2012, p. 38). ers come and go, leaving no trace, but In all cases, those looking to pwn As a software engineer with over 40 generally they stay on once the breach your box prefer that you do not detect years of “software design” experience, I is exploited. In fact, sometimes multi- their presence. Generally the attackers find it disconcerting the “graphical UI ple attackers occupy a machine, and succeed in not being found. Finding designer” community seems to be they may get into disagreements. their presence is not a simple thing, and coopting the phrase “design” (at least as I had such a situation, with malicious smug confidence that your system is Lisa seems to use it) as if they were common criminals exploiting in one clean impedes discovery. Once somehow specially deserving of the case a standard US backdoor, and in entrenched, the toolkits prove difficult unadjectivized term “design.” They another the old Sony rootkit. They jos- to remove, even if you change equip- deserve their role, but the tone of the tled one another, and when I blocked ment. To hear experienced administra- whole article (e.g., “Developer involve- network traffic completely, I found the tors talking about wiping disks and rein- ment in Design” means “User interface U.S. government on my systems, having stalling systems as curative for these design”) implicitly offends me. UIs are forced its way in upon finding the front issues really saddens me. We have a lot important but not everything, and UI door locked, leaving the network vulner- of willful ignorance of the computer- design is not first among equals. Every able to anyone looking for adventure. security crisis. Unfortunately as well, engineer designs, in his discipline. Now the FBI, DHS, etc. want Congress the industry has willingly undermined Ira D. Baxter to legalize retroactively the horse poo network and machine and software safe- Semantic Designs these and other relevant agencies have ty with backdoors, among other ways. been doing for the last decade. None of us cannot afford compla- The illusion of With the U.S. government heavily cency on this, and we put more than security involved in hacking its citizenry, and our networks at risk where we descend with other parties (local law enforce- into complicity. Please allow me to amend the claim ment, media companies, computer Robert Callahan that “Sometimes we don’t even know manufacturers and vendors, industry United States that a successful attack occurred” lobbying groups, Web vigilantes, and, (“Zeichick’s Take: Preying on the weak- What do you think? yes, software developers, among oth- nesses,” sdt.bz/36877). The standard Letters to SD Times should include the ers) who feel they have “rights” regard- writer’s name, company affiliation and case for some years now has been that ing computing equipment they do not contact information. Letters become the we do not know when attacks have suc- own, some of the evil originates with property of BZ Media and may be edited. ceeded. We find out later, or someone misguided abusers of power or oppor- Send to [email protected]. ON THE WEB www.sdtimes.com >Of Jetsonian technologies >Hacker Hostels are the future of coding and the race to NFC It’s tough living and working in San Francisco as a program- Chris Barylick recently wrote about near mer, but some have come up with an ad hoc solution: “You field communication: “The idea of near may have heard a proposed solution to this problem being field communication seems like a pipe tossed around: The idea of ‘Hacker Hostels.’ It’s an idea that dream that’s about to come true in certainly has merit, but due to the people proposing it also upcoming editions of iOS, Android and being the ones without homes or the means to purchase Windows Phone, and can only get better homes, the idea has yet to take off.” Alex Handy seems to with time.” And already there are examples of this technolo- think this idea is better than it looks: “Coders need to be gy in use (Chris supplies a few). It may be early, but does this wired in. Broken concentration means broken code.” Are technology have staying power? You can read for yourself at conclaves of coders a good idea? You can read more at www.sdtimes.com/blog/2069. www.sdtimes.com/blog/2068.