It feels like the majority of the software industry has just completely given up on security, stability, performance. Or not even given up, rather that we just decided it wasn't important. There's nothing too sacred to be sacrificed for convenience or clicks.
-
I suppose there is a part of it which is the darker side to the democratization of software. It could have happened through the free software movement, but instead it really happened more through the lens of capitalism, with a race to the bottom to make the developer experience as seamless and easy as possible, to train up software engineers without these values so they can produce more cheap software.
-
Not to gatekeep -- there's obviously a lot of good that came of this transition -- but at the same time we lost something really important and I'm not sure we're ever going to get it back. We turned software engineering from a craft into a product.
-
For context, this moody headspace came from reading about a malicious vscode extension that, by forking an existing extension and spending five bucks on fake reviews and social engineering, immediately compromised dozens of high-profile companies and government institutions. The researchers found thousands of known-malicious vscode extensions with millions of combined installs.
-
And it occurred to me that this is symptomatic of years and years of failures of our cultural institutions to establish, maintain, and pass on our values.
-
All of it -- the handholding appeal of vscode and its extensions, the rot of the javascript ecosystem, the reckless unchecked dependence on unvetted software in critical applications, the institutionalization of this as a cultural norm, a willingness to invite Microsoft into our most intimate engineering spaces... there's just so many levels on which our culture has to have failed in order for this situation to be possible. And I'm not sure we can ever recover.
-
@drewdevault do you happen to have a link to this article?
-
@drewdevault All of that costs $$$ while not necessarily increasing revenue, so they're left behind. When applied to other fields, the result is a Titan submersible imploding or a 737 Max nosediving into the ground. It's also the reason we have government regulations in many industries. One day, this lax approach will come to byte the IT industry in the ass and bring in regulations, and we will have no one to blame other than asshole CEOs and their multimillion salaries.