Joy in what’s working. Determination, precision and patience over what isn’t. Mission and humility. Respect for people above all.
Tag Archives: ethics
A plea to my fellow developers and our employers [Harm]
Revelations today about a security breach at Sony Pictures. If the claims are true, the company failed to take even minimal steps to protect the identities of their users. Passwords were stored in plain text.
There are many reasons why this happens: naive business sponsors, inexperienced or pliable developers, poorly thought out or narrowly defined requirements, lack of regard for user privacy, and simple schedule pressure that leads to mistakes and cut corners.
It is unacceptable to assume stored user information is not sensitive simply because your site doesn’t do anything sensitive with it.
People re-use passwords. They shouldn’t but they do. They may only be signing up with you for access to white papers but that username and password may crack facebook, paypal, capital one, or any number of other websites.
We can’t treat websites as something less than software, cram as many front facing features into them with as little time and investment as possible and expect a serviceable, safe, and usable consumer experience.
We can’t treat developers as disposable widgets that are there to “work hard” and “do what they’re told” and expect them to watch our back by behaving as ethical professionals and crafts people.
We can’t expose customers to this kind of risk and expect to retain them as customers.
The best way to encourage new and onerous legal obligations is to act irresponsibly because there is no current legal obligation to do otherwise.
There is a historical pattern. A new field starts generating significant wealth and the resulting products and services become widely adopted by society. As a result of that success, failure becomes more visible, more frequent, destroys more wealth and harms more people.
The industry, practitioners and the government step in to reduce the failure rate. The typical result is government licensing of practitioners and regulation of businesses, accreditation of training organizations, and professional bodies with codes of practice and certifications.
I’m not against any one of these things if they evolve gradually.
But if we create another “software crisis.” This time one that affects the safety of large swaths of society or the wealth creation their trust of the internet represents. Then these things will happen too rapidly, too thoughtlessly.
So, here’s my plea to product people and executive sponsors:
- Realize software is complex and websites are software.
- Hire experienced, thoughtful developers, encourage them to tell you the truth and LISTEN TO THEM.
- If you take risks to get something to market, take the time later to circle back and invest to bring that risk down.
- Don’t take risks that can harm your end users.
- Realize a website is not a onetime upfront spend but an ongoing commitment of time attention and resources.
- Realize if you intend to use a website for a short time or an experiment, follow through and dispose of it — or be prepared to invest significantly more in turning it into a long-term asset.
Here’s the plea to my fellow developers:
- Take the quality of our work seriously.
- Learn, learn, learn how to write good code.
- Take our end users seriously. DO NO HARM.
- Band together and demand the best of each other
Agile NYC Presentation Handout
Here is a draft handout from my presentation at “Agile NYC”, Instilling Agile Values for Creativity, Self-Improvement and Organizational Change – A Manager’s Perspective.
http://judykat.com/ken-judy/wp-content/uploads/public/papers/agile-values-outline.pdf
Power, dissent, and bullying in software developer communities
Grassroots developer communities form around shared values in dissent against institutions and norms that dehumanize their work and diminish their efforts. They attack these orthodoxies with humor, heretical thinking, and hard work.
This benefits society when developers defy those with greater power. It harms society when developers bully people with less power.
At the ThoughtWorks sponsored Agile East, Martin Fowler spoke to his post, SmutOnRails.
Part of the community was offended by a presentation at the GoGaRuCo (Golden Gate Ruby Conference). Others fought back saying that no offense was meant, the presenter apologized, and that the tone was in the spirit of the Rails community.
(T)he view of the rails leadership seems to be this: that the objections to the presentation are yet another attempt to foist empty corporate values on the thriving Rails ecosystem… (more)
This debate is not unique to the Rails community. It reminds me of concerns my friend, Luke Melia, raised over jokes and behavior at the first Austin Alt.NET. Martin Fowler links off to a similar controversy in the Flash community.
It is also not unique to developer communities but developers in particular need to be concerned about the outcome.
Women, African Americans and Hispanics are under-represented in IT and even more so in software development. In 2001-2002 74.4% of software developers were men. 78% of those men were white.
In 1986 the percentage of women in CS programs peaked at 37%. The percentage of women in computer science programs has gone down since then.
In 2001-2, only 28 percent of all undergraduate degrees in computer science went to women. By 2004-5, the number had declined to only 22 percent. — What Has Driven Women Out of Computer Science?, NY Times
There were 15,000 women in CS progreams in 1986. Riding natural cycles this number was not matched again until 2003. This latter number contains a higher percentage of non-resident aliens who will not necessarily contribute to the US workforce.
This despite higher percentages and numbers of women acquiring college educations than men. In 2007, 33% of women 25-29 held a four year degree or higher versus 26% of men. 55% of graduates with four year degrees or higher aged 25-29 were women.
Women are even receiving the majority of degrees in science and technology. They have shown steady progress in biology, chemistry, physics, mathematics and engineering.
Metrics can be misinterpreted but these quantitative measures support a stunningly obvious anecdotal observation. US software developers are a white male enclave.
This is a power imbalance and we developers are part of the problem.
Isolation is a key factor for a higher attrition rate among women and minorities, said Teresa Dahlberg, director of the Diversity in Information Technology Institute at UNC Charlotte. People tend to associate with “like communities,” where people have similar backgrounds and interests, she explained. — Computer science lacks women, minorities, SD Times
So when we behave in a way that marginalizes and intimidates talented women and minorities, we abuse power. We become bullies. We are oppressors.
“There is a good amount of research that shows that women are judged more harshly than men, for hiring, evaluations and promotions,” she added. “Virginia Valian [author of “Why So Slow? The Advancement of Women”] shows this for women in science, technology, engineering and math faculty jobs.” Virginia Valian is a professor at Hunter College. — SD Times
Part of the problem may be a perception that software development doesn’t contribute enough to society. To the degree this perception is true it is damning. To the degree it is just a perception we have work to do as advocates.
Our actions need to be judged not by our intentions but by the outcome.
Requisite variety within our teams remains an essential enabling condition for sustained innovation.
Access to technology is growing across all tiers of class, race and gender both in the US and overseas. Diverse teams can better address our market and build software better adapted to our end users.
A more diverse workforce provides the kind of social change that will help us create a more humane workplace for developers.
Finally, anything that limits the number of able US software developers hurts our ability to compete.
When developer communities marginalize women and minorities, we conspire to isolate ourselves from the larger society. We defeat our own attempts to change the power structures around us and improve our lot and our output.
On the Media – cruelty and vulnerability on the internet
Streams of two segments from the NPR show On the Media:
There’s a name for how cruel people can get given a little anonymity on the internet. It’s called “online disinhibition effect” and the resulting venom can ruin your day or worse, destroy your good name.
The basic architecture of the Internet hasn’t changed since it was conceived 40 years ago. But what was once the playground of wonks is now the main staging area for the global economy and open to an array of security vulnerabilities.