• Derp (unregistered)

    Comment Frist!

  • annoyed (unregistered)

    A winner is you.

    maybe not.

  • Cbuttius (cs)

    ...I think code reviews are a great idea to keep everyone else's very poor code out of the system.

    My code however is of a very high quality and doesn't need reviewing. And if you find it too complicated - well perhaps you're just not good enough a programmer...

    Actually code reviews are a good idea in general but I have found that if you have too rigorous a "committee" procedure then you just get a pile-up of stuff waiting to be reviewed, and if you put the best developers onto the committee (you would, wouldn't you?) you are wasting your resources if they spend too much time reviewing code when they'd be better employed writing it.

    Reviews are often best done before the code is written.

  • frits (cs)

    After reading that first paragraph I thought they were going to man the checkpoints with some warlord's henchmen armed with AK-47s. In retrospect, I think that would have been a better way to go.

  • Brock (unregistered)

    Did anyone else read the conversation between Hank and Dean in their Venture Bros voices?

  • Gordon (unregistered)

    I actually don't think this is a terrible way to go about things. The meeting probably brought up some things in the developer's mind that they didn't think about before. If you are confrontational about the omission, the only thing it does is make the egotistical developer think that he is right and drives it into his mind even deeper. On the other hand, if you allow them to save face, they go back to their desk and meditate on the concepts that you presented to them, perhaps even Google a couple that they didn't know about and ultimately resolve those problems in their final product. Programmers are good problem solvers that way.

  • renewest (cs)

    Sorry, my comment did not pass the review

  • mc (unregistered) in reply to Gordon
    Gordon:
    Programmers are good problem solvers that way.

    Competent programmers are good problem solvers that way.

    FTFY.

  • The Corrector (unregistered) in reply to mc
    mc:
    Gordon:
    Programmers are good problem solvers that way.

    Incontinent programmers are good problem solvers that way.

    FTFY.

    FTFY

  • Wolfman (unregistered)

    How on God's green earth do you make a review board with no teeth? They would probably be more effective if they just called everybody in and watched cartoons!

    CAPTCHA: Nulla - a femail pointer

  • Bince (unregistered) in reply to The Corrector
    The Corrector:
    mc:
    Gordon:
    Programmers are good problem solvers that way.

    Incontinent programmers are good at using adult diapers.

    FTFY.

    FTFY
    FTFY

  • Go Team Venture! (unregistered) in reply to Brock
    Brock:
    Did anyone else read the conversation between Hank and Dean in their Venture Bros voices?

    TRWTF is all this talk of Hank and Dean with no mention of Brock. amirite?

  • @Deprecated (cs)
    Hank:
    We'd have to manage accounts for all of our customers, and that'd just be cumbersome.... As far as I know, no one is planning to use it yet.

    Yes, managing those huge authorization databases of <empty set> can be a major hassle.

  • Sir Twist (cs)

    "No one would come?" What about "be at the meeting or be clearing out your desk?"

  • Matt Westwood (unregistered) in reply to Sir Twist
    Sir Twist:
    "No one would come?" What about "be at the meeting or be clearing out your desk?"

    ... or as my colleague would say: "That's what monster's for."

  • frits (cs) in reply to Go Team Venture!
    Go Team Venture!:
    Brock:
    Did anyone else read the conversation between Hank and Dean in their Venture Bros voices?

    TRWTF is all this talk of Hank and Dean with no mention of Brock. amirite?

    The only Brock I know has a massive phallus tattooed on his chest.

  • Matt Westwood (unregistered) in reply to frits
    frits:
    The only Brock I know has a massive phallus tattooed on his chest.

    Beats the other way around, I suppose. (Yo ho ho and a bottle of rum, indeed)

  • Cbuttius (cs) in reply to Derp
    Derp:
    Comment Frist!

    You might get away with that comment this time, given the title. Most of the time it would simply get deleted.

  • boog (unregistered) in reply to Gordon
    Gordon:
    I actually don't think this is a terrible way to go about things. The meeting probably brought up some things in the developer's mind that they didn't think about before. If you are confrontational about the omission, the only thing it does is make the egotistical developer think that he is right and drives it into his mind even deeper. On the other hand, if you allow them to save face, they go back to their desk and meditate on the concepts that you presented to them, perhaps even Google a couple that they didn't know about and ultimately resolve those problems in their final product. Programmers are good problem solvers that way.
    You'd be absolutely right if Hank actually walked away from this meeting thinking there was anything he needed to resolve. It's pretty clear that, based on this much-abbreviated version of the story, that just wasn't the case.

    Pete says the meeting is a service to the developers. Pete's an idiot. What service did they provide? Sure, they didn't need to "kick the project back to the drawing board," but they certainly should have done a better job of educating Hank on the security issues of his idea. They should have at least told him "You have our approval (as if you need it), but your web service will be vulnerable to any common hacker on the web. SSL protects the messages, not the web service itself. Please, for the sake of the billing department, consider adding some method of authentication." If that's the most this committee could ever do about it, then they should have done that instead of letting Hank walk away proud of his idea.

    At least it sounds like Dean was on the right track; too bad he was stunned to silence by Hank's idiocy.

  • boog (unregistered)
    "Well, no," Hank said. "We just thought it'd be a good thing to provide. As far as I know, no one is planning to use it yet."
    Coincidentally, I leave the back-door of my house unlocked and wide open all the time, even at night and while I'm not home. It's okay, it's not like anyone's planning to use it.
  • Alex Pampandiculous (unregistered)

    Yesterday's article did not make it through the review process.

  • Random Jerk (unregistered)

    I have altered your billing data. Pray I don't alter it any further!

  • winner! (unregistered) in reply to Alex Pampandiculous
    Alex Pampandiculous:
    Yesterday's article did not make it through the review process.

    WIN! +1 Internets for you!

  • Anon (unregistered) in reply to Brock
    Brock:
    Did anyone else read the conversation between Hank and Dean in their Venture Bros voices?

    Yes, but they need to change Pete to Rusty.

    Go team Venture!

  • Jon (unregistered)

    Clearly the answer is to establish a review committee to review the work of the review committee...

  • A Contractor (unregistered)
    Remy Martin:
    After a few years in the company...
    I found TRWTFFY.
  • Ryan (unregistered) in reply to Cbuttius

    Yeah, reviews should be more of an occasional "random" thing where some of a team member's recent code is pulled and analyzed by the DEV team, not some other outside "committee."

    This serves not only to improve that programmer, but also helps teach other programmers in the review.

  • ***erisk (unregistered) in reply to Ryan
    Ryan:
    Yeah, reviews should be more of an occasional "random" thing where some of a team member's recent code is pulled and analyzed by the DEV team, not some other outside "committee."

    This serves not only to improve that programmer, but also helps teach other programmers in the review.

    I don't agree. If you have random quality adjustments you have nothing more than random patches of quality code (unless you use the above technique, which is more like a "witness" than a "review"). What reviews can do is enable average or below-average developers to be productive and to increase their quality. This can definitely save the company money.

  • James (unregistered)

    click on the text "WHY ARE YOU WRITING THIS" and be amazed!

  • Carl (unregistered)
    "And the customers were asking for this?"

    "Well, no," Hank said. "We just thought it'd be a good thing to provide. As far as I know, no one is planning to use it yet."

    Believe it or not, this is where your clueless neighborhood PHB MBA can be put to use. You have to sneak the idea into their brain in some way where they think they thought of it, but if you can do that, get them to ask "How much is this going to cost?" and "How much additional business do you project this will bring us?"

    Then -- the math is so simple even an MBA can do it -- you divide Income=0 by Cost=$BIGNUM and discover that your Return on Investment is approximately minus 100 percent. At this point the MBA's eyes will start glowing red and everyone in the vicinity will get shot. Like I said, you have to activate this weapon with care, but if you do it right the company will be better off in the long run.

  • wtf (unregistered) in reply to Carl
    Carl:
    Then -- the math is so simple even an MBA can do it -- you divide Income=0 by Cost=$BIGNUM and discover that your Return on Investment is approximately minus 100 percent. At this point the MBA's eyes will start glowing red and everyone in the vicinity will get shot. Like I said, you have to activate this weapon with care, but if you do it right the company will be better off in the long run.

    I don't get it. 0/BIGNUM = 0, no? But then, maybe you need to be an MBA for this sort of thing.

  • anon (unregistered) in reply to wtf
    wtf:
    Carl:
    Then -- the math is so simple even an MBA can do it -- you divide Income=0 by Cost=$BIGNUM and discover that your Return on Investment is approximately minus 100 percent. At this point the MBA's eyes will start glowing red and everyone in the vicinity will get shot. Like I said, you have to activate this weapon with care, but if you do it right the company will be better off in the long run.

    I don't get it. 0/BIGNUM = 0, no? But then, maybe you need to be an MBA for this sort of thing.

    Yeah, it's MBA math. Remember that "Diet Calculus for Business Majors" class that you laughed at in college when you were taking Real Math?

  • Matt (unregistered) in reply to Wolfman
    Wolfman:
    How on God's green earth do you make a review board with no teeth? They would probably be more effective if they just called everybody in and watched cartoons!

    Generally that's what you do when you want to look good by making the committee, but you don't want them to actually do anything.

    For proof of this, see civilian review boards. They are tasked with analyzing infractions committed by police against citizens. Just having these is a major hurdle. Of the few that exist, it's a whole other matter if they have any power such as ability to review police records, which is even rarer.

  • wtf (unregistered) in reply to anon
    anon:

    Yeah, it's MBA math. Remember that "Diet Calculus for Business Majors" class that you laughed at in college when you were taking Real Math?

    Oh... that's where they kept the part about "and then you take the large check and put it in your pocket", right?

    Damn, I knew I was missing something.

  • boog (cs) in reply to wtf
    wtf:
    Carl:
    Then -- the math is so simple even an MBA can do it -- you divide Income=0 by Cost=$BIGNUM and discover that your Return on Investment is approximately minus 100 percent. At this point the MBA's eyes will start glowing red and everyone in the vicinity will get shot. Like I said, you have to activate this weapon with care, but if you do it right the company will be better off in the long run.

    I don't get it. 0/BIGNUM = 0, no? But then, maybe you need to be an MBA for this sort of thing.

    Maybe it should be (income - cost) / cost?

    That'd be -100%.

  • boog (cs) in reply to anon
    anon:
    Yeah, it's MBA math. Remember that "Diet Algebra for Business Majors" class that you laughed at in college when you were taking Real Math?
    FTFY
  • Jay (unregistered) in reply to boog
    boog:
    "Well, no," Hank said. "We just thought it'd be a good thing to provide. As far as I know, no one is planning to use it yet."
    Coincidentally, I leave the back-door of my house unlocked and wide open all the time, even at night and while I'm not home. It's okay, it's not like anyone's planning to use it.

    Reminds me of an organization I used to work for where the philosophy basically was: We must have a secure deadbolt on the front door, plus a padlock, and the door must be made of 3-inch thick steel, and we'll have armed guards stationed at all times, with barbed wire and landmines around the perimeter.

    Then we'll leave the back door open because, hey, it's too much trouble going through all that security to get through the front door every day.

  • moz (unregistered) in reply to boog
    boog:
    They should have at least told him "You have our approval (as if you need it), but your web service will be vulnerable to any common hacker on the web.
    They could have done that. They could instead have asked him how the system will know which stock figures to adjust if the users don't have accounts on his bit of the system. Or how the users will enter their data accurately without any easy way to find the things they've actually bought or to check whether or not they'd already told you that they used an eighth yesterday.
  • boog (cs) in reply to moz
    moz:
    boog:
    They should have at least told him "You have our approval (as if you need it), but your web service will be vulnerable to any common hacker on the web.
    They could have done that. They could instead have asked him how the system will know which stock figures to adjust if the users don't have accounts on his bit of the system. Or how the users will enter their data accurately without any easy way to find the things they've actually bought or to check whether or not they'd already told you that they used an eighth yesterday.
    Sure, why not? The whole point of the committee (if Pete seems to think it's a "service to developers") should be to provide feedback. It looks to me like Dean was the only one who was trying to do that. And it looks like Hank didn't quite get it.
  • boog (cs) in reply to Jay
    Jay:
    boog:
    "Well, no," Hank said. "We just thought it'd be a good thing to provide. As far as I know, no one is planning to use it yet."
    Coincidentally, I leave the back-door of my house unlocked and wide open all the time, even at night and while I'm not home. It's okay, it's not like anyone's planning to use it.

    Reminds me of an organization I used to work for where the philosophy basically was: We must have a secure deadbolt on the front door, plus a padlock, and the door must be made of 3-inch thick steel, and we'll have armed guards stationed at all times, with barbed wire and landmines around the perimeter.

    Then we'll leave the back door open because, hey, it's too much trouble going through all that security to get through the front door every day.

    Why not open the windows too? Certainly having more and more easy entry points isn't a security risk. After all, no one is planning to use them.

  • RJNerd (unregistered)

    I am reminded of a sign I saw at MakerFaire. It was on the barrier around a pulse jet powered "carnival" ride.

    "SAFETY THIRD"

  • ÃÆâ€℠(unregistered)

    What's up with Remy Porter's infatuation with rainbows and unicorns?

  • boog (unregistered) in reply to renewest
    renewest:
    Sorry, my comment did not pass the review
    Yours did, but it seems there are several that did not.
  • dubbreak (cs) in reply to boog
    boog:
    renewest:
    Sorry, my comment did not pass the review
    Yours did, but it seems there are several that did not.
    There were 92 comments.. now there are ~43.
  • Pyrexkidd (unregistered) in reply to Bince
    Bince:
    The Corrector:
    mc:
    Gordon:
    Programmers are good problem solvers that way.

    Incontinent programmers are good at using adult diapers to solve problems.

    FTFY.

    FTFY
    FTFY
    FTFY

    CAPTCHA transverbero -- the transformation of Neil Young's 1982 album into electronica.

  • uuang (unregistered)

    wat happened!

  • boog (cs) in reply to uuang
    uuang:
    wat happened!
    I imagine Hank went forward as planned with implementing his open-to-the-world, anonymous-hacker-friendly web service, sprinting through all of the established checkpoints and eventually moving it to production without any hindrance from Dean, Pete, or the rest of the governance committee.
  • nope (unregistered)

    My old department used to take the exact opposite approach. So much time doing meaningless crap that it was amazing people remembered various programming languages because there could be literal gaps of years between code development phases for any one person.

  • MarkJ (cs)
    article:
    ...but the server team will promote their code whether or not they actually passed the checkpoints.
    Sounds like a big disconnect between the development team and the people managing them. I've never worked anywhere that let me just do what I want!
  • neminem (unregistered) in reply to frits
    frits:
    Go Team Venture!:
    Brock:
    Did anyone else read the conversation between Hank and Dean in their Venture Bros voices?

    TRWTF is all this talk of Hank and Dean with no mention of Brock. amirite?

    The only Brock I know has a massive phallus tattooed on his chest.

    Weird. The only Brock I know was the gym leader of one of the first gyms you discovered, and specialized in rock-type pokemon.

Leave a comment on “Security Frist!”
