Depends. I’ve studied for my engineering title, I have standards and ethics. Requirements, specification, design, architecture, programming, testing, integration, delivery, everything is part of my job. If you are a programmer, you only do programming.
I’ve been a programmer my whole career, but some years ago my then-employer gave me the actual title of “visionary”. This caused me to immediately lose the respect of my coworkers, and after a few months it was obvious my employer was just preparing to get rid of me and replace me with H-1Bs.
But then it all circles back around. I have advanced degrees in (non software) engineering from actual top tier engineering schools and I should not be trusted to write production code. That’s what software engineers are for.
I disagree with that. I mean, I don’t know how good you are at writing software, so maybe you shouldn’t be allowed anywhere near production code. But, just because code is “production” doesn’t mean it should exclusively be the domain of people who are “software engineers”.
In my mind, software engineering involves implementing new algorithms that are from a computer science paper you just read, or architecting a big and complex system. Or, if there are lives on the line. I’d want people writing code for a new Space Shuttle to think of themselves as engineers, not just code monkeys.
But, a self-taught developer is fine to update production code for a web app as long as they write the correct tests and get it peer reviewed.
My doctor’s digital prescription service has been ransomwared. It’s been a few weeks, and they paid the millions of dollars in Bitcoin or whatever, but it’s still encrypted and my doctor had to write me a prescription on paper.
The fact that a digital prescription service could have that happen is madness to me. The fact that they don’t have offline backups for prescriptions is insane. Yes, they could have been in there for a while, encrypting everything, but if the company had tested its backups they’d have found out immediately.
All of these are things that wouldn’t have happened if computing professions were held to standards.
Ok, sure. What standards? For fields like Civil Engineering it’s pretty easy to come up with reasonable standards. But, if a software engineer is writing a generic key-value store, how do you evaluate whether that item meets the required standards?
There are things that a developer can and should check to make sure his code is secure, but my focus is mainly on the systems and those can definitely be held to standards. Things like checking dependencies for known exploits, enforcing 2FA and TLS on all connections, encrypting data at rest, and testing backups, among a lot of other stuff.
I’ve worked with hundreds of organizations across many different industries in my career and almost none of them do all or even most of those, even if they need to be compliant for things like HIPAA or SOX. I once worked with an aerospace company whose sysadmin/webmaster/network guy was literally the founder’s son, who got the job because he knew how to make a web page.
I have the words “software engineer” in my job title but I hate it.
We aren’t engineers, we’re a bunch of undisciplined hackers, engineers have standards and ethics.
Programmer is my preferred term, or software developer.
Code monkey is also acceptable.
Depends. I’ve studied for my engineering title, I have standards and ethics. Requirements, specification, design, architecture, programming, testing, integration, delivery, everything is part of my job. If you are a programmer, you only do programming.
Engineers put a lot of work into figuring out ways to sidestep their standards and ethics
I’ve been a programmer my whole career, but some years ago my then-employer gave me the actual title of “visionary”. This caused me to immediately lose the respect of my coworkers, and after a few months it was obvious my employer was just preparing to get rid of me and replace me with H-1Bs.
You answer to this guy now
But then it all circles back around. I have advanced degrees in (non software) engineering from actual top tier engineering schools and I should not be trusted to write production code. That’s what software engineers are for.
I disagree with that. I mean, I don’t know how good you are at writing software, so maybe you shouldn’t be allowed anywhere near production code. But, just because code is “production” doesn’t mean it should exclusively be the domain of people who are “software engineers”.
In my mind, software engineering involves implementing new algorithms that are from a computer science paper you just read, or architecting a big and complex system. Or, if there are lives on the line. I’d want people writing code for a new Space Shuttle to think of themselves as engineers, not just code monkeys.
But, a self-taught developer is fine to update production code for a web app as long as they write the correct tests and get it peer reviewed.
My doctor’s digital prescription service has been ransomwared. It’s been a few weeks, and they paid the millions of dollars in Bitcoin or whatever, but it’s still encrypted and my doctor had to write me a prescription on paper.
The fact that a digital prescription service could have that happen is madness to me. The fact that they don’t have offline backups for prescriptions is insane. Yes, they could have been in there for a while, encrypting everything, but if the company had tested its backups they’d have found out immediately.
All of these are things that wouldn’t have happened if computing professions were held to standards.
Ok, sure. What standards? For fields like Civil Engineering it’s pretty easy to come up with reasonable standards. But, if a software engineer is writing a generic key-value store, how do you evaluate whether that item meets the required standards?
There are things that a developer can and should check to make sure his code is secure, but my focus is mainly on the systems and those can definitely be held to standards. Things like checking dependencies for known exploits, enforcing 2FA and TLS on all connections, encrypting data at rest, and testing backups, among a lot of other stuff.
I’ve worked with hundreds of organizations across many different industries in my career and almost none of them do all or even most of those, even if they need to be compliant for things like HIPAA or SOX. I once worked with an aerospace company whose sysadmin/webmaster/network guy was literally the founder’s son, who got the job because he knew how to make a web page.