[LINK] The Ethics (!) of Dodgy Web Designers

Karl Auer kauer at biplane.com.au
Wed Apr 18 14:14:33 AEST 2007


On Wed, 2007-04-18 at 12:44 +1000, Rick Welykochy wrote:
> There is a stark difference between programming a modem's firmware and
> using it as a consumer.

Consumers use a microchip by programming it. Other consumers consume the
result - software - by using it. In neither case is it a prerequisite to
understand ones complement before having a go and maybe producing
something useful.

Roger tried to save me from myself by saying I'd confused users and
programmers. Not so, I was well aware of what I was saying. This is the
age where anyone can write software, write web pages, whatever. How well
they do it and the reasons why it may be done badly by some is of course
a subject for discussion, but the tools are there to let anyone, no
matter how incompetent, have a go and possibly produce something useful.
And that's good. We don't keep pens away from anyone but trained
authors, either.

> Same goes for a compiler. Use it to cimple all you want, but if you are
> a compiler maintainer, you do need to know your stuff.

Good Lord, not at all. The more you know the better your stuff will be,
theoretically, but if you've got the source and want to change it, go
right ahead! Incompetence is no barrier at all, and nor should it be.

> I think you are mixing two different levels of use here in your examples.

Nope. Quite deliberate. It is precisely the shift from "mere user" to
"user who can make and change stuff" that is important here.

> a transaction-based system without being a DB expert. I've seen far too
> fsckups when people who don't know their stuff (being it ACID or whatever)
> to conclude anything else.

It won't and it shouldn't stop people having a go. With any tools they
like. Get used to it and stop spouting about "people who don't know X
shouldn't be allowed to do Y". It's just ones and zeros, right?

> How many SQL-injection attacks have you heard about lately? They are
> caused by kiddies "using" a database in an incorrect fashion.

Or perhaps people using a defective tool? How come that attack is even
possible? Think about all the ways such attacks could be prevented -
only one of them is the complicated and error prone method "educate the
user".

> science why the kiddies and amateurs should just stay away from programming
> and implementation. Let them stay at the "user" level.

How totally elitist. "Get a degree or piss off", hey? Nice one.

> it. Conversely not enough is spent on analysis, design and testing.
> I say this from experience.

GIGO? Absolutely. But garbage is not useful. It will be weeded out the
hard way, maybe, but it will be weeded out. Who cares? Only you.
Everyone else moves on to something more useful.

> The literati in any field of endeavour will always cry foul when inexperienced
> and untrained individuals attempt to do the same level of quality work and
> fail, thereby bringing discredit and loathing to their profession.

Once again: Get used to it. No-one cares except the highly trained
professionals who see their big salaries disappearing because tools are
coming on line that anyone can use to produce the same level of
usefulness as what the professionals produce. Faster, cheaper, more
often and in a wide range of colours.

> Your thesis can easily be disproved by negating its converse. Suppose
> it is fine that punters with inadequate knowledge of "what's under the
> hood" are allowed attempt to implement quality systems, mission critical
> applications and security frameworks. Disaster ensues. Encryption is a
> very good example. Time and time again, those without the required mathematical
> and cryptographic background who invent new encryption schemes fail. Their
> peers discover flaws almost immediately.

Um, what thesis would that be? Your point is....?

To take issue with your straw man, however: The fields you mention have
higher standards of "usefulness" than others. Crap is swiftly recognised
and discarded, leaving the field open to those who really do know their
stuff. Not only that, but systems in those fields are usually tested
hard before actual deployment, meaning crap is generally discovered
early. And an amazing amount of crap is winnowed out exactly thus. Any
disaster that ensues is absolutely a management failure, not a failure
of the developer, however incompetent.

> I am hardly outraged. Simply passionate about my field of work and pissed
> off by incompetence.

Hm. "pissed off" sounds like a form of outrage to me, but maybe I'm
being overly pedantic. Stay passionate, do good work, and the world will
continue to beat a path to your door. Just don't embarrass yourself with
pronouncements like "anyone who doesn't know what ACID is should not be
allowed within striking distance of a database".

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/                  +61-428-957160 (mob)




More information about the Link mailing list