669 points danso | 2 comments
_bxg1 ◴[] No.23260967[source]
This is the latest in a string of incidents where critical software systems, facing new pressure due to the pandemic, are catastrophically failing their users. I think what's happened in the past is that most public-facing software systems either a) were not really critical (because people had the alternative of doing things in-person), or b) (as in the case of all the ancient COBOL systems underpinning the US gov) had been made reliable over the years through sheer brute force as opposed to principled engineering. But in the latter case, as we saw with New Jersey's unemployment system, that "reliability" was fragile and contingent on the current state of affairs, and had no hope of withstanding a sudden shift in usage patterns.

Now we have various organizations - governmental and otherwise - hastily setting up online versions of essential services and it seems like every single one of them breaks on arrival.

We need some sort of standard for software engineering quality. I don't think this is an academic question anymore. Real people's lives are being impacted every day now by shoddy software, and with the current crisis they often have no alternative. Software that you or I could probably have executed better, but that the people who were hired to do it either a) couldn't, or b) didn't bother. It's nearly impossible for non-technical decision makers in these orgs to evaluate the quality of the systems they've hired people to build. We need quality assurance at an institutional level.

If not governmental, maybe an organization around this could be made by developers themselves. Not the "certified for $technology" certifications we have now, but a certification of fundamental software engineering skills and principles. A certification you can lose if you do something colossally irresponsible. At the end of the day, this dilution of quality is having a negative impact on our job field, so it concerns all of us. It leads to technical debt, micro-management, excessively rigid deadlines and requirements, which we all have to deal with. All of these are either symptoms of or coping mechanisms for management's inability to evaluate engineering quality.

1. jacques_chester ◴[] No.23262059[source]
> If not governmental, maybe an organization around this could be made by developers themselves.

These exist. The ACM and IEEE CS are best-known, but there are also various national bodies (ACS in Australia, BCS in the UK etc).

> Not the "certified for $technology" certifications we have now, but a certification of fundamental software engineering skills and principles.

The IEEE Computer Society has such a thing, maintained in various forms since about 2002[0]. The ACM and IEEE CS also publish a software engineering curriculum that they are prepared to recognise[1]. They also have a jointly-published Code of Ethics[2].

I sincerely agree with you that our profession is mostly a disaster area. But one thing other professions have that we lack is (1) fairly worked-out fundamental theoretical bases, or at least long experience to draw on, and (2) legal enforcement of standards.

[0] https://www.computer.org/education/certifications

[1] https://www.acm.org/education/curricula-recommendations

[2] https://ethics.acm.org/code-of-ethics/software-engineering-c...

2. majormajor ◴[] No.23262344[source]
> But one thing other professions have that we lack is (1) fairly worked-out fundamental theoretical bases, or at least long experience to draw on, and (2) legal enforcement of standards.

A world with (2) without (1) would be pretty miserable.

Trying to do this today wouldn't be enforcement of standards, it would be "pray you got it right."

We could build standards for building more-robust software, but every piece of software would become vastly more expensive. We would need massive improvements in tools to avoid that.

And then there's the whole security angle... Is it a failing to have your software be impervious to attackers? To what degree? You wouldn't expect most bridges to withstand a determined attacker...