Not as much as you think

Storing and registering code commits is easy, and most shops use code management tools like PVCS, Harvest, etc already. Small time devs don't, but would not agree to these terms without much increased fees. They're not interested in that type of application development.

Background checks are cheap. I do them for my tenants. most businesses already do this for employees. Even going further and getting C2 clearance certifications for each employee is only a few hundred bucks, and your devs are probably making $50-150K anually, so that's chump change.

Avoiding the most common, published mistakes? You should be doing that anyway. Yes, going through millions of lines of old code to find this is an issue, but new developments should be starting clean.

Devs who do "internal" work are likely doing that for external customers, and those customers can just as easily hold your internal devs to the same terms...

Development of this kind of code we're limiting here to applications that touch protected content, or open system level risks. macro's in word? We're relying on WORD to have a code base that itself prevents Macros from causing harm, so writing a bad macro should not be able to interfere with your system and this is not a concern, and does not require this effort. Further, we're talking about CONTRACTED development here. If you are being paid to write macros, you SHOULD be doing it right.

Writing good code, and doing good testing IS economical. it reduces tech support loads, eliminates dissatisfied customers, and avoids contract disputes and legal action when customers simple sue over "bad code" they commissioned to be written. If the contract does not have these specific terms, you can easily be sued, and if there are glaring errors, including these common industry accepted and published dangerous errors, you can easily be ruled incompetent, and that you produced a flawed product, and can be ordered to refun and pay legal fees, if not damages. Having these terms provides customer level of comfort, requires only minimal training for your devs, and no one said you have to include ALL the contract stipulations (like 3rd party code review).

True dat.

After a few years in the dev game, I've pretty much made all the mistakes in the book, including one potentially news-making SQL injection fail. Fortunately I'm capable of learning , so I reckon I'm at least half decent these days. I code defensively, check best practice, analyze for holes etc etc. All the stuff you're supposed to do.

Yet when I'm asked to estimate dev costs for a bid, including all of the above, why is that number invariably slashed in half when the bid goes to the potential client?

customer requests

I hear that, worse yet is when a client is made aware of vulnerabilities and declines to pay to fix them. I'm sure that I'm not the only programmer who's had the nightmare of inheriting a messy code base.

Bad code quality is a reflection of the trend for businesses to compete on price rather than quality. The problem is far more widespread than just software. Businesses can hire professionals who know what they're doing, or they can give the project to the cheapest developers to jerry-rig the thing together. There are plenty of us capable of doing the job right, but frankly until clients start to care about (and pay for) quality, our employment hinges on doing the work quick, dirty and cheap.

This is evidenced by the eagerness of western business to hand over critical business functions to offshore teams with whom they can neither communicate in real time nor communicate proficiently in the same language.

Indeed

The problem tends to be that the typical customer has a rather faint idea of what they actually want done (or what is possible/reasonable) at the time a contract is signed. Suggest paying for the work that is needed to figure this out and they are likely to go to someone who is prepared to overlook this. I suppose it is a fundamental flaw in how things work in practice: one can't really blame the customer for not being an expert as this is the very reason they come to you. Smart customers might (eventually learn to) make different contracts for experts looking after their interests and those doing the rest of the work, in which case the suggestion of contract provisions for liability for insecure code would be more realistic in practice.

what?

i know a LOT of coders. We employ about 600 of them, across 6 different development platforms in languages from COBOL to C to Java. A previous firm i worked for had about 10. I also worked for resellers and supported a number of coding shops.

Coders typically make well more than I do, and I'm not exactly underpaid... It's rare to find an "underpaid" coder.

Yes, some niche developers make poor wages, as do some guys in startup and small firms, and guys writing simply batch code. Most of those guys are also "starting" coders, who in 4-8 years will be making $60K+ given their experience. I started in IT making less than $20K a year too.

I also know very for coders who don't get vacation, and it's commonly held nowadays that lack of sleep make WORSE code. Well rested devs working 40 hours write more lines of complete code than thos who work 60+ hours... Most firms won't LET their coders work more than a set number of hours straight (though development emergencies sometimes override that in small firms).

"well trained?" we're not talking about complex math and rare algorithms here. We're talking about avoiding common, predictable mistakes. It's a simple few days of training, tops.

Management IS held responsible. If the devs push out bad code, and the company looses money, do you not think the investors will be looking at management for reasons why? management can't often read the code themselves, so all they can do is put in place people who can, and set up PROCESS for review. If that process fails, is it really some exec's fault, directly? No, it's a senior developer's problem. Commissioning code means "write something that does this" and has NOTHING to do with the internals of that code. it's not micromanagement.

@Michael C

Sounds like you work in a progressive, and frankly very nice company.

I envy you.

@What?

I think you misheard what management was asking for.

Most firms won't PAY their coders to work more than 40 hours a week, but will never the less encourage them to work 60+ hours in order to justify not off shoring their jobs.

@Lou Gosselin

Nail on the head there. Not just programmers, any IT folk...and probably just folk in general. Our buddy Michael C works at a pretty nice place I think. Unless my anecdotal evidence of talking to all the IT folk I know around the world about their jobs is totally off base, his gig is definitely the exception, not the rule.

I'm a network admin, and sure enough I am required to put [number shamefully well above 40] hours a week on average, 24/7 on call, no vacation pay for my own support cell phone, etc. etc. etc. Only get paid for 40 hours a week though, no overtime, no banked hours, nada. I’m consistently told that I choose to work overtime, and that because it’s my choice, the company can’t be held accountable. That may be true from one perspective, but the reality is I am not assigned hours to work, merely responsibilities, projects and deadlines. Heaven help me if anything is late or ends up broke. (No way you can keep this ship sailing on 40 hours a week and the shoestring budget we’ve got round here, letmetellyou.)

To be fair, there are some perks: the stock standard health/dental package. They do chip in $150 a month for parking, so I guess that’s generous. They let the IT types have their own coffee pot, (we pay for all supplies,) and a futon in the office for the nights we don’t make it home. Way I hear it though, coffee pot and futon won’t be allowed after the office move, and parking is up in the air too.

Still it’s the best job going in these parts for IT folk; might just be why I’m trying to get out of IT.

Re: TRAIN US

If you want a job, sit back and carry on bleating as you are. If you want a career, get off your arse and train yourself, it can easily be done on your employers time. Hands off training is a complete waste of time and money, it's only useful purpose is to make employees feel they are valued.

Re: On the employer's time?

>personally I'd rather it was mentor based and on-site

Fair enough, I forgot about that as I was thinking training courses, you are correct, this is the best way to learn but I wouldn't strictly call it training.

However, with regards to employer's time, I doubt anyone puts in 100% of an eight hour day, not even close. There are always lulls. I'm not suggesting these shouldn't be filled with reading websites nor contributing to forums, these are both time honoured work related activities, merely that some of that time could be better employed to improve oneself. There are myriad ways that you could include a small personal training project into a working day.

One other thing, if you value yourself, don't do unpaid work.

Nice to see...

...the "world owes me a living" brigade out in force.

I've always said there are two types of people in the world, those who do and those who moan about them. Please carry on moaning while I get on with things.

@Chris W

You say there are two types of people in this world: two types of people in the world, those who do and those who moan about them. Only two types of people, eh? Seems I might break your little black-and-white view of the universe.

I work for a living, 12-18 hours a day. I have a roof over my head for now, (and I am grateful,) and even a few shiny knickknacks and toys. I've worked hard for everything I have, but I still live paycheque to paycheque and put in enough hours at work to actually require a cot in my office. I would consider myself as someone who “does,” and isn’t afraid to put the time and effort in required to get things done. Yet, I still complain about the state of the world, so where does that put me in your view?

I don’t treat my staff like dirt, and I don’t ask anything of them I wouldn’t be willing to do myself. I give them the opportunity to make mistakes and I defend them vigorously around budget time. I fight for their raises, and better working conditions, I even manage to find time to volunteer at a couple of worthy causes outside the office, and make my varied donations.

When I look at the “management” folk, either higher up in my organisation or in other organisations around the world, I am sickened. (“Consultants” have a similar effect.) With some notable exceptions, they are greedy, self-centered little $expletives who will cheerfully ruin the lives of thousands of people for a small quarterly bonus. These folk certainly don’t lead by example; asking way more of those they lead than they are remotely willing to give in turn. They are constantly seeking the cheapest candidates who will work under the worst possible working conditions just to save a few bent coppers.

I am perfectly aware that the world isn’t so black and white as all that. People fall along a spectrum. On one end folk so charitable and self sacrificing they can’t look after their own selves. On the other end people who are so self-obsessed they can cause the deaths of millions for meagre personal benefit with a smile and a flip comment about “survival of the fittest.” What I rail against is a society that holds those close to the latter end of that spectrum up as role models, as though short-sightedness and selfishness were exemplary behaviour.

The world doesn’t owe me a living, but by $deity it could use a conscience.

@Trevor

From reading your posts it seems like you are allowing people to treat you like, as you say, $expletive. 12/18 hour days, being paid only for 40 hours, 24/7 on call using your own phone and whatever etc, etc... is. Quite honestly I can't believe that you have staff, however if you do and that's the best conditions you get for yourself then I dread to think how you can get anything better for them and how they can look up to you as a role model. You seem to have done little more than a lot of moaning under the guise of how wonderful you are.

@Chriw W

I oversee a small department, be the company doesn't belong to me. I won’t ask my staff to work any more hours than I do, and I do my absolute damndest to make sure *they* at least get to make up their overtime elsewhere. (Legally there is no requirement for sick days, for example. I ensure they are not recorded, and am flexible about staff leaving early, etc.) I do my best to make sure they don’t have to bear the brunt of crappy upstream decisions. They better rested they are, and the better their spirits, the more efficient they will be.

I’d also like to point out for the record that I never said that I was wonderful in any way. I consider myself an "average guy,” no more or less selfish or giving than the folk around me. My complaint is that it’s those who tend to be the self-focused greedy $expletives who end up in charge. (Says all sorts of lovely things about our society, don’t you think?) The average working man, at least around these parts, tends to be a good sort.

As to "allowing people to treat me like $expletive," there aren't a lot of options around here. As much as I might gripe, it really is one of the best deals going for IT guys in these parts. (The guys that get gigs with the municipalities are all unionised and thus working there is pretty sweet...but job openings are rare and exceptionally competitive.)

There just isn’t a lot of work to be had. The power isn’t in the hands of the workers, it’s in the hands of the businessmen. There are far more IT people here than there are jobs, and frankly that seems to hold true for almost every industry I can name. I live in a metro with a little over a million people. There’s another metro to the south with about the same. There’s nothing else for 800km in any other direction. Ever major company (and even some municipalities) have been outsourcing to India or the Philippines. The only real work available is with the smaller shops, and as soon as they get big enough, they outsource.

You can cast aspersions on me all you want, but I still maintain that treating (and paying) people well should be the cornerstone of our society, not rabid self-interest, greed and idolising those who step on the backs of others to achieve their wealth. I'm sorry if that rubs your ideals the wrong way.

What seems to be the problem

is that your way of doing something about being treated badly is cry and tell everyone how they are wrong. All of your posts assume that you are "normal". Well, wake up, your not. Your letting yourself get treated like crap.

You think everyone is outsourcing, but the fact is that it is still a very small number of companys. It sounds more like you just don't have the spine to go and look for a new job, or the stills to move in to another area.

Beelzeebu@hotmail.com

Daer Chris,

Do you work for CSC by any chance?

All the best,

William Ernest Henley - Invictus

It matters not how strait the gate,

How charged with punishments the scroll,

I am the master of my fate:

I am the captain of my soul.

@Beelzebub

Dear Beelzebub,

I don't know why you ask but just in case you think some other poor sod might be me then I'll answer. No, I don't work for CSC, not now nor ever.

>If you, AC, or Chris W, or anyone else have a great job with no worries in life I wonder how you got there.

I can probably speak for both of us when I say that the answer is we don't take $expletive from anyone.

Many thousands of people have crossed seas and continents, in many cases paying what to them are huge sums of money to less than savoury characters. They put themselves and quite often their family in debt and risk their lives using less than safe methods of transport. Many of them have died in their attempt to make a better life for themselves, others, knowing this still follow. Yet you won't make an 800km journey which to these people would seem like a ride on a cloud. One other thing, you can always return in safety from that 800km, for the others it is a one way trip into the unknown. Any one of these people have got more get up and go in their little finger than you have in your entire body. I honestly hope for your sake that Trevor Pott is not your real name because any future employer that can link you to your comments will throw your application straight in the bin.

"I am the master of my fate."

You honestly believe that?

Awwww…how quaint. Explains a lot.

Relevant.

http://xkcd.com/705/

@Chris & Trevor

Seek couples therapy. It'll do the both of you a world of good.