Follow Slashdot stories on Twitter


Forgot your password?
Bug Programming Security

October, November the Worst Months For Writing Buggy Code 136

chicksdaddy writes "Data from application testing firm Veracode suggests that the quality of application code submitted for auditing is pretty much constant throughout the year — except for the months of October and November, when the average density of vulnerabilities in the code jumps considerably. But why? Is it the pressure of deadlines? The stress of developers' lives (kids back to school, etc.)?"
This discussion has been archived. No new comments can be posted.

October, November the Worst Months For Writing Buggy Code

Comments Filter:
  • Re:A little late? (Score:5, Insightful)

    by Laz10 ( 708792 ) on Tuesday December 20, 2011 @06:17PM (#38441038)

    Looking back at my invoices, I can see that I usually work more hours those two months than any other months of the year.
    I also get depressed from lack of sunlight in the dark Scandinavian autumn days.

    On the other hand a total of one (and that was some trivial layout) bug was reported on the code I coded and shipped in that period this year.

    Maybe the bugs are only found later?
    That also suggests that the bugs found in October and November was introduced by the interns during the summer vacation?

  • Re:A little late? (Score:5, Insightful)

    by tlhIngan ( 30335 ) <> on Wednesday December 21, 2011 @03:38AM (#38445502)

    Or the group is tackling more complex things in those months.

    Easy - it's the holiday season.

    Or you have to realize that October is Ship Month(tm). If it's a physical product that goes in stores, it means the product is sitting in the factory waiting for the software to go on them (it takes many months to get stuff manufactured from component ordering and lead times to physical assembly, so it happens during software development). The code has to be shipped by end of October so the factory has November to program and ship the product to the distributors and then to retailers by December to be on the shelf.

    And that's if they're fast at doing so - most of the time, the product can't be assembled and shipped because all factories are busy, which means what goes on them is a test firmware that downloads the latest on bootup. (Ever notice how many things do a firmware update when you first turn them on? That's why). In which case the deal is to have it ready by shipment in November.

    If your product is software, but has a physical element (like a disc) then your timelines are still short as you have to ship *something* by October to the presses, and then you patch it during October/November while you wait for the discs to come back so you can ship for the holidays. And the goal is to have something

    If your product is purely Internet download, then you need to compete with approvals and all that but that means you have all through October and November to squash bugs. But with any fixed ship date, well, squahing one bug can introduce two more.

    It's because of the holiday seasons that people are furiously fixing and finishing software. No wonder that there's more bugs - people are doing more "quick fixes" that may not be properly tested in order to ship.

Nondeterminism means never having to say you are wrong.