Re: Working with incompetent adaists / unsafe typing war story

[Brian May <bam@snoopy.apana.org.au>]

>>>>> "Anonymous" == Anonymous Coward <anonymous@coward.org> writes:

    Anonymous> I'd like to start with a war story: <war story>

A big hurdle I find (not just in Ada software) is that the API Mr
Safety carefully designed and implemented is insufficient for the
requirements of the project. As a result, and due to demands from
management to get the project finished Yesterday, Mr Safety is forced
to expose a lot of the inner workings which he never intended.

The reason why the API was insufficient? Because Mr. Safety didn't
understand all of the requirements. The reason? Because management
considers the design phases of the very complicated software a
complete waste of time and money. Bugs will occur anyway. What is the
point? However, Mr. Safety wanted to try to do the right thing. So he
tried to do the design. Unfortunately he couldn't see into the future
for what would be required, as Management considers each modification
as a totally isolated project.

Not only that, but Mr. Safety wasn't given time to document the
API. As such other programmers tied themselves up in knots, either by
continuing to do things in obsolete ways, or by making changes to the
API that aren't required and break other things in horrible ways. This
can lead to conflicts between Mr. Safety and the other programmers in
doing things the "correct way" vs the "quickest way" with management
supporting the later. Not only that, but even Mr. Safety wasn't sure
how the API was meant to work, as he wrote it years ago and hasn't had
an opportunity to look at it since. During this time other developers
have gradually been changing it in ways which look totally
inappropriate and Mr. Safety doesn't understand.

At the end of the day, management gets code that appears to work, and
they are happy. Other code might be completely broken and need fixing,
but that is rule rather then the exception in such projects.

These issues occur regardless of language - admittedly this isn't Ada,
and isn't even I strongly typed language, but I think Ada wouldn't
help without significant culture change.


If on the other hand you built a house and then tried to design it in
a similar manner, I could imagine:

Customer: "Build me a house, and put it right there please."

Builder: "What are the requirements of this house? Is this your
property? How many bedrooms? How many bathrooms?"

Customer: "What is this? Don't waste time.  I want big rooms. Just
build me a house, and quickly too, so I don't have to pay you too
much."

[...]

Builder: "Your house is finished. If there are any problems, please
let me know".

Customer: "I like the very large lounge room with the big windows. How
do I get inside?"

Builder: "Just smash a hole in the Window like this, until you can fit
inside. Try not to cut yourself."

Customer: "Is this secure?"

Builder: "Off course it is. No intruder would dare try to enter at the front."

builder to himself: "...as long as the back door, with all the signs
'Emergency entrance here! No key required!', remain a secret."

[...]

Customer: "I need the toilet. Can you please show me the way?"

Builder: "Whoa! You didn't say you wanted a toilet! I only built a
lounge room. The toilet would require water connections, sewage
connections, another floor, council approvals, and will cost you
extra."

Customer: "I thought a toilet was standard. I also want a bathroom
too. A stranger I met on the street said a bathroom is always a good
idea. This is unacceptable. Don't waste time with the council
approvals, just finish my house!"

[...]

Builder: "Here is the extra story attached to the roof of your house
containing a bathroom and toilet. As an extra bonus I have also given
you a shower and a big Spa bath. You can get to it by climbing out the
main Window. The addition should be secure, I used plenty of duct
tape."

Customer: "Spare me the technical details. Is it finished or not?"

Builder: "It is finished."

Customer: "Can you make my new oven work when it gets delivered?"

Builder: "umph. There isn't a Kitchen."

Customer: "What is the kitchen anyway? I don't know what it means. I
purchased an oven, it a good one, because it was expensive, and the
Microsoft representative told me to get this one. Just get it
working. He said it would produce anything from roast meals to cakes
and biscuits with minimal effort."

Builder: "I think you want a Kitchen. Let me see... That would require
an additional story, additional plumbing, ..."

Customer: "Whatever, just do it."

[...]

Customer: "The oven doesn't work! The Microsoft person told me it was
your fault."

Builder: "You didn't tell me to connect it! Is it Electric or Gas?"

Customer: "I don't know the process. I just wanted you to make it work
when it gets delivered."

Builder: "It is not even delivered yet? No wonder it isn't working. Is
it Microwave, Electric or Gas?"

Customer: "How am I suppose to know? You tell me!"

Builder: "I could do this job faster if you told me. Besides,
connecting ovens really isn't in my job description..."

Customer: "This is beyond a joke. Who knows what on earth you are
talking about anyway."

[...]

Customer: "It is getting dark. How do I make it light?"

Builder: "What? You want lights? Do you want an electrician?"

Customer: "No! I don't even understand anything you just said. Just
make it light!"

[...]

Customer: "Where do I put my bed?"

Builder: "In the lounge room. In front of the big window that looks
out towards the big shopping centre. I surely hope you don't need
privacy?"

Customer: "No! Whats that?"

[...]

Customer: "Your house you built me was faulty. It was buggy and
crashed into the old house underneath. All I did was remove the duct
tape so I could re-program the bugs. It didn't meet any of my
requirements either. My oven doesn't work either - it just gets very
hot. I will send you a draft copy of my requirements later. I want a
full refund, and I want you to fix up the damage to the old house."

Builder (horrified): "You did what with the duct tape??? [...] What
old house underneath??? [...] There were no bugs when I left
it. Besides how do you re-program a bug??? Do you even know what you
are talking about?"

    Anonymous> Do you folks encounter this frequently?  And what's the
    Anonymous> solution?  Management can never appreciate the benefits
    Anonymous> of concepts like type safety.  Strong typing is
    Anonymous> incorrectly viewed as "academic" and counter to
    Anonymous> progress.

I have seen web pages dedicated to discussing why strong typing
systems are bad and slow implementation, and the world would be a much
better place if everyone used typeless scripting languages instead.

Then people ask how come so many web pages have obvious and known
security holes. There was a talk at the Linux conference (LCA2006),
New Zealand, in fact. The speaker wrote a program designed to check
websites against obvious attacks, such as not quoting user input
before displaying it back as HTML to the user, or displaying unquoted
user input (meaning HTTP post variables) in SQL error messages. He
found so many security problems in common websites around the Internet
he refuses to distribute the code for fear that attackers might use
it.

These things shouldn't happen!

Oh well, such is life...

I only hope that software written for mission critical applications is
better...
-- 
Brian May <bam@snoopy.apana.org.au>