top | item 10489986

(no title)

lambdapie | 10 years ago

I'm not a big fan of professional bodies or mandatory qualifications. I think these tend towards rent seeking, with these bodies existing mainly to justify their own existence. In the case of software engineering, I'm especially concerned about academics with little real world experience using valid security and privacy issues as an excuse to force their own view of how software engineering should be done on everyone else.

That said, my employer has standards for security and privacy that go well beyond industry norms, so if I was working elsewhere maybe I would feel the need for better standards across the industry.

In my experience, software engineers tend to be conscientious. Caring about the big picture is a big part of open source, hacker and nerd culture. But knowledge is hard to come by. I learnt from the experts, but I doubt most engineers would be able to build a simple CRUD app form scratch without major security holes.

It would be nice to see some best practices around security and privacy emerge without forcing everyone to write Ada or Coq or completely change their approach to writing software.

discuss

No comments yet.