Re: [SystemSafety] OpenSSL Bug

From: Les Chambers < >
Date: Mon, 14 Apr 2014 12:07:24 +1000


Tom
RE your comment : "Creating a fora for software professionals to report on breakdowns in software engineering processes would be difficult but would seem to be worth pursuing."

Such a forum exists here:
http://www.chambers.com.au/forum/post_summary.php?frm=1

As you will see, plenty of people want to view, but few are motivated to contribute.
Is this due to lack of English expression skills or just plain apathy | disinterest | brain calcification. It's hard to tell. It's always struck me as sad that the active participation you find in fantastic sites such as http://stackoverflow.com/ is not replicated in software and Systems engineering forums. I guess it's mainly due to the reality that stack overflow solves immediate problems: my program doesn't work, I can't understand that error message and so on. SE problems are more abstract and have longer term solutions and involve people above the pay grade of your average developer. This list is one notable exception. What can I say? .... maintain the rage.
Les

-----Original Message-----
From: systemsafety-bounces_at_xxxxxx [mailto:systemsafety-bounces_at_xxxxxx Tom Ferrell
Sent: Friday, April 11, 2014 7:24 AM
To: systemsafety_at_xxxxxx Subject: Re: [SystemSafety] OpenSSL Bug

I was onboard with the last post right up until the very last sentence:

" In fact, a consultant friend of mine recommends we don't even call them "defects". He says, "Call them what they really are: programmer malpractice".

For a great deal of software where all that matters is time to market, such a view might have some traction. However, I would argue that seldom is a single programmer to blame, but rather a management structure who cares only about schedule and cost, and a broader industry that rewards time to market with massive ROI. In many cases, this ROI would trump all but the biggest legal settlements. I do agree that initiatives like the SWEBOK help as to certification programs for software professionals in general. These do not, however, get to the heart of the cultural problems and what seems to be an ever increasing erosion of basic engineering ethics. Overall this community needs to do a better job of communicating the societal impact of poor practices throughout the software engineering discipline.

On a different, but related note: the aerospace community has a long history of allowing people to come forward with problems so that they can be solved. This framework depends heavily on a system of anonymity and non-retribution. Creating a fora for software professionals to report on breakdowns in software engineering processes would be difficult but would seem to be worth pursuing.



The System Safety Mailing List
systemsafety_at_xxxxxx

The System Safety Mailing List
systemsafety_at_xxxxxx Received on Mon Apr 14 2014 - 04:07:43 CEST

This archive was generated by hypermail 2.3.0 : Sun Feb 17 2019 - 20:17:06 CET