When it comes to offshore software development teams, managing quality and risk creates value. But you also need experienced leadership and oversight for long-term success. Simply adding offshore bodies to a project rarely works, and has diminishing returns.
Here are some process tips for mitigating risk and getting the most value from an offshore team.
Some of the issues you'll encounter can be avoided by engaging with an onshore development partner. Here are some tips for keeping the app or service quality high and the risk low.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
Planning out a long-term strategy for your web project can really pay off. We were recently reminded of that when we were asked to create a mobile app (iOS and Android) for a web-based platform we designed and built several years ago. The platform is Coursabi, a learning platform that ensures growth at each milestone for everyone on your team. You can check it out at https://coursabi.com.
Desktop view of the Coursabi dashboard.
When we created the technical strategy we knew that a mobile app was a likely roadmap item. So we chose ASP.NET Blazor as the core platform technology. It allowed us to build a web app that felt like a single page app (SPA). And it gave us several hosting models: server, WASM (WebAssembly), and hybrid mobile. The most intriguing aspect of the Blazor Hybrid model is that unlike hybrid apps of the past, there is no web server running on the mobile device. Instead, all the C# code is compiled to native .NET code, and the web view (an embedded web browser) is only used to render the user interface. So the app runs as a native mobile app!
Various mobile (phone) views.
We knew that some features of the platform would have to be altered, since the mobile app has no web server. For example, Coursabi supports the SCORM format for external learning content. And due to security restrictions, they needed a host with a trusted root certificate. So moving that out of the platform and handling the routing changes were both necessary, but totally doable.
Another benefit of a mobile app version of the platform is that in many ways it also simplifies the security model, since the app is only running on the local device, whereas a hosted app needs to manage user state, among other concerns.
Tablet view is a hybrid of desktop and mobile.
If you have an ASP.NET-based web application, you can still leverage Blazor Hybrid to turn it into a mobile app. It just needs to first be migrated into a Blazor app. I'd also recommend reviewing your web app for opportunities to make it as mobile-friendly as possible. You don't want your mobile app to look or feel like a website. But those changes not only get you a great mobile app, they also improve how your app looks and feels in a mobile web browser. So you get twice the value.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
People building robots to build robots... what could go wrong?
If you're not already familiar with the term, vibe coding is a new way of coding that allows people to use AI to create software without needing to know how to program. In the best case it empowers people to be creative and build tools that help with work or play, as low- or no-code solutions have always done. In the worst case it gives the impression (or rather sets the expectation) that they can literally build anything, and that software developers are a thing of the past. As with most things in life the truth of the matter lies somewhere between these extremes.
Vibe coding can be a great way to learn programming (and just have fun). It could save you hours of research, though AI is notorious for confidently giving you the wrong answer.
In many ways vibe coding is a variation of a theme. For many years there have been services to help non-programmers create tools. Some of the more recent iterations are low- and no-code solutions using drag and drop and interactive prompts. An example of this is Zapier, which allows you to connect various services and platforms to create workflows, among other things. One way you could use it would be to create a workflow that syndicates a blog post to your social network accounts or emails subscribers. In these cases the technology, hosting platform, security, and protocols are abstracted away so users can focus on the what and not be concerned with the how.
Vibe coding differs in that it requires that you also have an understanding of the how. In the example of syndicating a blog post, you would need to have some understanding of how each connected service handles communication with third party services, how to configure access for each platform, how the app needs to be hosted, how to deploy the app, and how to ensure the app is secure. You also need to know how to set up, use, and maintain a development tool chain, though some services may generate/host projects or compile code for you.
AI is trained on code written by people in the past. The word "train" implies that it's learning how to code when in fact it's just indexing the data in a way that allows the AI to regurgitate answers derived from that information. As technology changes AI needs to ingest new code written by software developers in order to keep up.
So if your choice of using vibe coding is simply a way to learn programming (and just have fun) you should go for it!
Otherwise, below is a checklist of good reasons to use vibe coding to build something. Keep in mind that complexity and tolerance for adventure are always subjective.
If any of the previous points are an issue, here are some good reasons for using a low-/no-code hosted solution instead.
After a while you may realize that building something yourself wasn't the best choice.
This is merely scratching the surface. As a professional software developer I can tell you that the devil is in the details. One example is how important security is nowadays, and how challenging it can be to maintain a proper security posture even when you know how to code. Besides, with the right software development partner you'll end up with a better result, and stay within your timeline and budget.
A professional software development partner can handle all of the gaps and requirements you may have identified in the previous lists, including:
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
.NET 9 was officially released during .NET Conf. This release feels like a LTS release; full of speed improvements and quality of life features and refinements, even if you only use it as a drop-in replacement for .NET 8.
It's about time… NIST has updated their password formatting recommendations to better align with modern use and the reality of how we use passwords. For example, the new rules bar the requirement that end users periodically change their passwords. This requirement came into being decades ago when password security was poorly understood, and it was common for people to choose common names, dictionary words, and other secrets that were easily guessed.
Qualys has a free tool named SSL Labs that anyone can use to check the security of their website TLS certificates and certificate hosting configuration. This is an frequently overlooked area of securing a website and we highly recommend using it on your own website. In fact, we use it on all our website projects to secure our client websites, and dog food it for fynydd.com (we score an A+ by the way).
The SSL Labs tool will evaluate a ton of certificate hosting exploits like BEAST, POODLE (SSLv3), POODLE (TLS), Zombie POODLE, GOLDENDOODLE, Sleeping POODLE, and more.
It will also scan your server's TLS/SSL protocol support to ensure that you're using the latest version (TLS 1.2 at the time of this writing) and that your server has disabled legacy protocols to prevent protocol fallback attacks. In fact, if you're hosting with Microsoft Internet Information Service (IIS) we highly recommend installing the "Setup Microsoft Windows or IIS for SSL Perfect Forward Secrecy and TLS 1.2" PowerShell script to lock down your server TLS/SSL protocol support.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
Being a pragmatist when it comes to software development, I generally prefer simple solutions whenever possible. So when clients are faced with the challenge of determining which features to add to their products, as a starting point I usually recommend looking at user value versus cost to implement.
Given a progressive value scale from a “cup of coffee” at the low end and a “house” at the high end, we can easily see where the best choices lie.
Looking at the first row in this example, if a user values a feature at “house” and your cost to implement is a “cup of coffee” this feature addition becomes a no-brainer.
Likewise if a user values a feature at a “cup of coffee” but it will cost a “house” to build, it's certainly a feature to avoid implementing.
There may be some diamonds in the center blue area, but more information is usually required before we make those decisions.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
Apple's decision to make macOS look and feel more like iOS is aspirational, certainly. If users could seamlessly switch between operating systems and retain muscle memory it would be a big win. It's no wonder that Apple decided to do this with macOS 13 Ventura.
But in practice, Apple's zeal for consolidation has created some real problems for users. In many cases it feels like one step forward and two steps back. I can see how iOS power users may welcome most of the changes to macOS, but that position smacks of Stockholm Syndrome to me.
One of the best examples of this is the redesigned System Settings, which is a mess. I've given it months to “grow on me” and it has… like a fungal infection. The settings are (dis)organized into a single column of top-level categories in a seemingly random order. Devices running macOS have wide screens, so restricting the top-level categories to a single narrow column is an artificial limitation. And it can’t be remedied by resizing the System Settings window because only its height can be changed.
And the organization? macOS has a much deeper and more broad collection of settings than iOS. So as difficult as specific iOS settings can be to find on an iPhone, it’s near impossible on a Mac. And making it worse is the fact that some settings have been organized out of existence, spread out into disparate, counterintuitive categories. Want to tune all your power and sleep settings? You may have to explore a dozen settings categories to find them when they could have been put into an “Energy” category or something similar. Luckily there is a search feature. Without it I’m sure users would be surrounding the Apple Campus with pitchforks and torches.
Also part of this convergence initiative is the Apple decision to make physical keyboards work more like the iOS virtual keyboard, which changes contextually. The difference is that the iOS keyboard changes in appearance so you can infer what's expected. This means that, for example, sometimes you can use the delete key to remove characters to the right of your cursor, and sometimes you can't. It's like an infuriating game. And now when you press and hold an alphanumeric key it no longer repeats, in favor of a popup with extended characters (e.g. foreign characters with accents and ligatures). I suppose that’s handy for people who write in a foreign language. But you would assume that it would be an option, not a change to the original default key behavior. Your keyboard isn’t broken. Apple made it better YOU'RE WELCOME.
When asked, most people think that software development is coding; the physical act of programming apps and platforms for servers, computers, and mobile devices. This is not the case.
Software development is the process of solving problems through software. It's a creative process that is centered on discovery and adaptation which uses tactics like programming (coding) to accomplish its ends. Likewise, software development is not the act of reusing existing software for a new purpose. That's just copying bits.
So it is important for those involved in the software development process to understand and acknowledge the following key aspects.
Understanding the problem domain is the key to a successful software development process. And we know the least about a problem domain at the outset. So it doesn't make sense to plan everything out at the beginning. Software development is an exercise in learning. We learn more and more about the problem to be solved as we move through the process. And as the problem domain comes into focus we should be refining or redefining what we should be building as we learn.
Mistakes help us solve problems and are one way in which we learn. Embrace them. Plan for them.
Perfect plans are usually perfectly wrong. It is impossible to perfectly know the steps, mistakes, discoveries, interruptions, and goals for a project, nor the time impact of each, all in advance.
Great software doesn't just manifest in one go. It springs forth in a deficient state and evolves over time. This makes guessing about its future state with any accuracy a fools errand. It also means that creating precise specifications for those guesses can be a waste of time.
Accuracy and precision are not the same. Something can be very precise but horribly wrong. This has been shown by various studies, including those in the Microsoft Press book Rapid Development by Steve McConnell. According to the book it doesn't matter how diligent or thorough an estimate may be. The data shows that when compared to a more broad, high-level, or piecemeal approach based on past experience, the error bounds are largely the same.
We must understand the level of precision that makes sense. For example, it doesn't make sense to plan an entire project with the same precision as planning next week's work. Likewise, planning specific deliverables for dates far out into the future is also problematic. Small time horizons increase the accuracy of our guesses.
By deploying changes frequently, we allow the entire team to steer the direction of the project early and often. This agile approach will ensure that the final product performs as it should for its users.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
