Home page logo

bugtraq logo Bugtraq mailing list archives

Re: LAMP vs Microsoft
From: George Capehart <gwc () acm org>
Date: Sat, 15 Jul 2006 22:04:08 -0400

Bob Beck wrote:


      The simple fact is most of the MS/PHP/JAVA web development will be
being done by code monkeys, fresh out of school.. I'm pretty certain
they will "inbug" the same average number of bugs per line of code
they write no matter what platform it is. Development is often
outsourced to an external coding haus, written to a spec, without
complete info about what the whole final application is going to do.
Frequently they don't even reuse "mature" code from past releases
because you don't want to release it to the external people, or you're
too busy chasing platform-du-jour (Want a great example of this? I'm
betting Sun One, going from version 5 to version 6 is a good one)

This is truer than you know.  I've been writing code since 1974, and I
see the same mistakes being made over and over and over and over . . .
again.  Just as in wars, it seems that every generation is destined to
make the mistakes that their elders made.  There is no industry-wide
repository of "Lessons Learned."  Each generation is left to make the
same mistakes over and over.  If one were to do a root-cause analysis,
what would one find?  Programming courses teach grammar and syntax.
They do not teach "safe programming."  (Except Crispin and Dave, of
course . . .)  Programming managers are programmers who grew up and
decided they'd had enough of the 80-hour weeks and wanted to become
managers.  They don't know/care, either.  It's only when the "powers
that be" decide that it's better business to deliver bug-free, secure
code than shipping mostly-working code out the door that things will
change.  Wanna take a bet on how long that'll be?

Apologies.  Usually this rant appears on firewall wizards or dshield . .
. Just happened to be bugtraq this time

George Capehart

PGP KeyID:  0xDD7034EA

"Sometimes you're the windshield, sometimes you're the bug."
 -- Mark Knofler

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]