Great news. Patch load drops 20% for the first time in 10 years. Bad news: Well, you've heard about coronavirus?

Over the first quarter of 2020, the number of security bugs disclosed by software makers fell 20 per cent though not for any of the right reasons, it seems. Analysts at Risk Based Security cited both internal data and public reports from vendors in putting the number of security vulnerabilities reported over the first three …

  1. Mike 137 Silver badge

    "... than any sudden improvements in the quality of code being written"

    Any improvements in the quality of code being written will never be sudden - if they happen at all it will result from a complete redefinition of "software professional" making the requirement for formal expertise coincide with those of other more established engineering disciplines.

    Software is the only engineering product that is accepted as created by entirely self-taught and unverified practitioners without recourse to ratified common standards. Not the case in civil engineering, not the case in electrical engineering - not even the case in plumbing or gas fitting. But as software gets ever more embedded in products otherwise engineered to more rigorous standards, these themselves get dragged down to its level. Witness several aviation incidents and near misses in the last few years.

    1. Teiwaz Silver badge

      Re: "... than any sudden improvements in the quality of code being written"

      "Software is the only engineering product that is accepted as created by entirely self-taught and unverified practitioners without recourse to ratified common standards."

      Well, the courses I did all carried BCS accreditation....

      I'd have to assume aviation carries a very high engineering standard, and certainly not patched together from whatever 'some startup' could scrape off of GitHub. If those can go wrong, and they do, then either Engineers engineering can go wrong as much as anything else, or civilisation is growing sloppy, feckless and easily distracted by Twitter tantrums...

      Oh, yes.

  2. Charlie Clark Silver badge

    Huh?

    How many software companies have been laying people off? Software companies have had it by far easier than everyone else. I know it's fashionable to blame everything on the pandemic, but it doesn't make much sense here.

    1. Richard 12 Silver badge
      Facepalm

      Re: Huh?

      Who's buying the software licences?

      Aside from games, almost all software is licensed business-to-business. If your customers are closed, they aren't buying your software.

      1. Charlie Clark Silver badge

        Re: Huh?

        Software isn't a comestible like food or fuel.

    2. diodesign (Written by Reg staff) Silver badge

      How many software companies have been laying people off?

      Ah, quite a few. In fact, a lot of tech cos have used the pandemic as an excuse to offload staff, blaming the economic uncertainty.

      There's also the drop in productivity as people work from home for the first time, and in stressful circumstances - not just world events, but also things like childcare.

      It appears to have had an effect on the number of bug advisories.

      C.

      1. Maximum Delfango
        Thumb Up

        Re: How many software companies have been laying people off?

        “... There's also the drop in productivity as people work from home for the first time..”

        Really? My productivity has gone through the roof. As have my hours, because I’m not commuting. Working from home is fantastic.

        1. A.P. Veening Silver badge

          Re: How many software companies have been laying people off?

          Meaning you are probably single and most definitely childless; with children home from closed schools, productivity drops rather dramatically when working from home.

  3. Version 1.0 Silver badge
    Pint

    Patch deliveries down, malware deliveries up.

    Possibly these incidents are related - I had been thinking that the malware deliveries were increasing because the hackers were self-isolating at home. Like everything else these days it's a nice example of how you rarely know the true cause of any incidents until afterwards.

    It's Friday - icon for everyone.

  4. Sparkus

    Not to mention the 'effects' of three new code analysis and verification toolsets..................


Biting the hand that feeds IT © 1998–2020