Recent events have uncovered vulnerabilities in versions of SSL/TLS - protocols that many developers and engineers have historically taken for granted as reasonably secure unless certificates are leaked or encryption techniques become outdated. As these security flaws are made public, developers often discover ancillary issues as patches are installed, old protocols are invalidated, and new ones become mainstream. POODLE is a great example of this. It is standard practice for older protocols to be supported for a period of time and then disabled when new certs are issued. If engineers haven't scrutinized the current state of their machines and the applications that run on them, they could be in for a rude awakening.

Managing configuration is a conceptually simple problem that developers tend to overcomplicate. Compounding the problem is the fact that many of us maintain substantial codebases, often times implementing their own disparate configuration management schemes - some customized and home grown, others utilizing techniques and tools offered by development platforms themselves (e.g. .NET's build configuration-based Config Transforms).

Right now almost all of my work is within the Microsoft realm, and so I spend quite a bit of time in Windows. That being said, I've spent quite a bit of time working on other platforms and in other operating systems. One of the more significant projects I've been involved in recently was actually written in python and hosted on a flavor of linux. Consequently I did most of my development out of a Virtualbox VM running Ubuntu. One of the things that always impressed me with various linux distributions was the package management utilities that many come with (notably yum and apt-get).