2013 Challenges for Developers, Part III: Future Challenges

A number of insightful industry watchers got back to me right after the holidays with their thoughts on the challenges facing developers in 2013. (Most of them didn't even seem that hung over.) It was just too much wisdom to cram into two blog posts, so we're going with a Part III.

John R. Rymer, principal analyst at Forrester Research Inc., covers application development and delivery (and writes a killer blog). He agreed with his colleagues that mobile will continue to vex developers, as will the need to learn and employ multiple languages. However, he was surprised (as was I) that the arrival of Windows 8 didn't top more lists.

"[Windows 8] got off to a slow start, by all accounts, but Microsoft is all in on this one," he told me. "It's fair to say that one Microsoft platform era is ending and another is starting. What Microsoft is calling 'the new Windows platform' includes Windows 8 clients, the Windows Runtime API, and the Windows Azure cloud. .NET isn't going away, but it's a server environment, and the relationship among these technologies is really complicated. There's a lot to master there. And then there's the question of when to make the jump to that platform."

Rymer and fellow Forrester analyst Jeffrey S. Hammond published a report in August entitled "The Future of Microsoft: New Options, New Choices, New Risks" that's well worth reading.

Ovum principal analyst Michael Azoff foresees a "big headache" on the horizon for developers caused by fragmentation in app dev precipitated by their struggles with mobile development.

"Mobile of course is the issue," he said. "HTML5 is supposed to be the answer, but it's a bunch of technologies, continually evolving, and part of a spectrum of options when deciding to go native, hybrid or open."

For ZapThink President Jason Bloomberg, the mobile piece is all part of the broad-based trend toward new ways of thinking about distributed computing.

"From the enterprise perspective, mobile -- as well as the browser -- has always been thought of as the user interface endpoint," Bloomberg said. "The thinking goes: All the hardcore work of enterprise development is in the middle tier, and then you do the application tier and let the hippies do the coding on the interface, which you slap on for the end users. That's shifting as our devices become more and more sophisticated. A smartphone is more powerful than a supercomputer from 20 years ago. We have these supercomputers in our pockets, so they can be much more than just interface endpoints. They can actually be a provisionable cloud resource as well."

Another challenge ahead for developers in 2013, Bloomberg said, is sorting out cloudwashed products and services from the real thing. "Cloudwashing" refers to the practice of adding the word "cloud" to existing, essentially unchanged products or services.

"The 2013 cloud computing story is one of maturation," he said, "but also one of the vendors striking back with an increasing effort to cloudwash, as they realize that cloud computing done right would undermine their revenue streams and licensing models. What developers need to understand is that virtualization alone is not the same thing as cloud. That's the seed of confusion that's getting sewn right now. Vendors are saying, we're offering cloud, but they're really offering virtualization. The missing pieces are the automated provisioning configuration and the elastic nature of the cloud, where you can scale up and scale down in an automated fashion. Virtualization alone doesn't offer those parts of the story, and developers need to be aware of that."

Bloomberg has a book coming out later this year, "The Agile Architecture Revolution," from Wiley, John & Sons Inc. Given the quality of his coverage of service-oriented architecture (SOA) and cloud computing over the years, it should probably be on your reading list.

Unsurprisingly, security was on the mind of my favorite fiddle-playing security expert, Gary McGraw, CTO of Cigital Inc., and author/coauthor of many books, including the classic, "Software Security: Building Security In" (Addison-Wesley, 2006).

The top of McGraw's list of challenges for developers in the coming year: secure use of well-known frameworks.

"This is a big question for developers," McGraw said. "From a coding perspective, if you're used to using static analysis tools, they fail when it comes to frameworks, because the control flow goes right down this hole. And the tool goes, 'Oh well, the control flow is gone, so I quit.' Using frameworks securely should be a big issue for developers in 2013. And they should be asking exactly what the guys who are building frameworks are doing to make them secure."

McGraw also pointed to ongoing security issues around Java, which was plagued by exploited vulnerabilities last year.

"Watching all that, it felt like déjà vu all over again," McGraw said. "I looked at my watch and said, holy crap, it's 1997! What's going on is, various people who are in control of Java at a company whose name might start with Ora and end with cle, just haven't been paying attention. They pay a lot of lip service to security at that company, but when push comes to shove, they're not delivering. And when companies that, generally speaking, try to play nice like Apple (emphasis on generally) say they're going to ban Java from their platform, that ought to be a wake-up call."

McGraw will be presenting at this year's RSA security conference. The title of his talk: "The Bug Parade, Zombies, and the BSIMM." (The BSIMM, of course, refers to the Building Security in Maturity Model, the latest incarnation of which I covered back in November.)

Security was also on tech industry watcher Rob Enderle's mind (The Enderle Group), particularly when it comes to the use of open source in the mobile space. So much work is now "pointed at mobile devices," he said, and so many malware writers are employing the strategy of altering good applications, that app builders should reexamine their open source practices in 2013, and "take other measures to ensure someone doesn't hijack your product for illegal purposes."

Enderle also cited analytics as an increasingly critical industry focus and developer opportunity.

"Analytics is one of the big technology advancements this decade," he said, "and using this tool to better understand your existing and potential customer needs and frustrations --and your competitors' weaknesses -- should help assure more successful products and greater customer loyalty. This is also a huge opportunity to think about incorporating these analytics into software products and providing a feedback loop to customers that use them to help you better enhance the products you're creating."

For RedMonk's James Governor, the good news for developers in 2013 -- a wealth of choices -- is also the daunting news.

"Dealing with the abundance of tooling is increasingly an issue," Governor said in an e-mail. "Developers have more choices than ever to make -- whether in data stores, programming languages, management and monitoring, agile methods, approaches to DevOps -- there's innovative stuff happening everywhere."

To support his point, Governor quoted author Clay Shirky's book, "Here Comes Everybody" (Penguin Books, 2009): "We are living in the middle of the largest increase in expressive capability in the history of the human race ... The barrier between producers and consumers, professionals and amateurs, has been -- if not eliminated -- so drastically lowered that it is revolutionizing our society just as the printing press revolutionized medieval Europe."

"That's the world we find ourselves in," Governor said, "and what's particularly interesting is that developers are both the Catholic Church and the Protestants, the High Priests and the upstarts."

In another good news/bad news observation, Governor included software patents on his list of developer challenges for the coming year.

"Software patents continue to be disastrous for software developers," he said, "with trolling from both mega corps like Apple, and a motley band of ambulance chasing IP lawyers, being a huge problem. That said, recent U.S. court cases indicate a willingness of the judiciary to stop the madness. Weirdly, patent law may even be a bright spot in 2013."

Governor is another blogger who should be on your list.

Posted by John K. Waters on February 6, 2013