Get Visual Studio Express FREE

Post ImageThe official launch date for Visual Studio 2005 and SQL Server 2005 was yesterday – I’ve been waiting a long time! Congrats to the teams for getting everything shipped. And there’s good news for novice, hobbyist and student programmers too – you can get the Express tools for free:

We originally announced pricing of Visual Studio Express at US$49. We are now offering Visual Studio Express for free, as a limited-in-time promotional offer, until November 6, 2006. Note that we are also offering SQL Server 2005 Express Edition as a free download, and that this offer is not limited to the same promotional pricing period as Visual Studio Express.

If you’ve ever wanted to start playing around with .NET or ASP.NET or anything else that Visual Studio can help you do, this is a great opportunity. Download sizes range from 35-70 MB (excluding SQL Server 2005 Express) and you can choose your edition here. Happy coding!

Read: Visual Studio Express

Hold developers liable for flaws?

Post ImageThat’s what one so-called “expert” thinks should happen. While most people will agree that security is a major issue, not everyone agrees on what should be done to combat security problems. This suggestion has got to be the most creative and ridiculous one I’ve come across:

Software developers should be held personally accountable for the security of the code they write, said Howard Schmidt, a former White House cybersecurity adviser.

Speaking Tuesday at the SecureLondon 2005 conference, Schmidt, who is now CEO of R&H Security Consulting, also called for better training for software developers. He said he believes that many developers don’t have the skills needed to write secure code.

If we’re going to hold software developers liable for their code, why don’t we hold users liable for their mistakes and errors too? Heck, why stop there! We might as well hold the farmer who grew the potatoes used in McDonald’s french fries liable for making people fat! Seriously, Schmidt is just way off base with regards to the liability issue. Training is one thing, liability is quite another.

You just can’t look at a piece of code and say with absolute certainty that it’s secure, even if you have proper security training. First of all, the developer cannot anticipate all of the ways in which the code might be used, nor can he/she predict what future technologies might impact the code. Secondly, there is quite often more than one developer who touches a piece of code, so it may not be written with the same caution or mind for security each time. There’s just too much uncertainty. Software development is often called “Computing Science” but a large portion of it is more “art” than “science”.

Read: CNET