Last week I got to spend an evening reinstalling my wife’s laptop because she picked up some malware.  She received an email from a friend with a link to a YouTube video that prompted her to install a new codec.

Except the codec wasn’t really a codec.

The link wasn’t really to YouTube.

The email wasn’t really from her friend.

Here we are in 2010, 65 years after the advent of "program instructions as data" (von Neumann architecture) and the brilliant innovations that propelled computing forward now haunt us.  The power and complexity of computing is amplified by the connectivity of the Internet, creating an ecosystem ripe for exploitation through clever social engineering combined with some technical trickery.

And it’s not fair.  It’s not fair to the users who suffer, who lose data, whose systems are held hostage.  It’s not fair and the blame for calamities cannot be laid at the feet of careless or naive users.  Daily computing tasks should not require constant vigilance, let alone deep technical knowledge.

Many of us schooled in the last century hold on to notions of software that are simply unsafe for many of our users.  We insist on building software that must run in environments that are not inherently safe.  But there are trends afoot: the closed ecosystem of the iPhone and the iPad, the coming Windows Phone 7 closed ecosystem, and the increasing ubiquity of Internet applications.  Slowly but surely we are moving toward paradigms in which the average user will have much less to worry about because software is vetted and sandboxed.

As a developer I don’t want to be sandboxed in every situation.  I want to be able to make educated decisions about software and run it on my devices, but the default should be safe and secure.  It’s shameful that things are still so treacherous.

The term "computer science" is a laughable misnomer.  Outside of universities and operating system development, there isn’t a lot of computer science involved in the daily grind of computer programming.  There’s some, of course, but not enough that I would call myself a computer scientist.  Not by a long shot.

I’ve long thought that Donald Knuth had it right when he titled his books The Art of Computer Programming.

Creating software bears some resemblance to art as in the work of an artist.  It bears an even stronger resemblance to art as in the work of an artisan.  Software artisans use the tools and techniques of modern software development to create the wide variety of software that entertains us and runs our businesses.

Eric Sink had it right when he put Software Craftsman on his business card.

Sadly some of the most enthusiastic artisans in our field are disregarded out of hand as geeks and nerds when in fact they have creative and curious minds more commonly associated with artists like poets and sculptors.

I love the way Kate describes the art of software:

The number one response by my aunts/uncles/friends parents etc was “you’re programming? But you were always so creative as a child…” – people need to be told that this is a very creative field. I make business solutions out of ones and zeroes. I change people’s working lives, the entire 8 hours they spend at the office every working day, forever – using nothing but the skin on my fingertips.

- Kate Gregory

I worry that software development as a discipline is stunted by its false reputation of being science-y when in fact it appeals to people who are creative and innovative.  I’ve noticed that a disproportionate number of my colleagues in software development are musicians and/or fans or even creators of comic books, science fiction, fantasy fiction, and role-playing games.  Those types of pastimes are qualitatively different than watching reality TV or playing sports. *

The dirty secret of comp sci is that most us who trained as "computer scientists" do precious little that could ever be considered true computer science and certainly not science at all by many definitions of science.  We are artisans abiding by the platforms and boundaries defined by computer science to create truly amazing and useful things.  We are the glassmakers, sculptors, and blacksmiths of our time.

—-

Recommended reading: Knuth: Computer Programming as an Art

* Relax, I’m generalizing. Lots of programmers watch reality TV (though I judge them for that) and/or play sports.  Lots of programmers are not musicians (like, say, me). The set of all RPG players (A) overlaps the set of all computer programmers (B).  B is not a subset of A.

Think back to some nontrivial piece of code you wrote.  Now mentally crumple it up into a ball, douse it with gasoline, and light that sucker on fire.  That is what some future coder is going to want to do to your code.

(Take a moment to let it sink in that Future Coder might very well be Future You.)

OK, take a deep breath and exhale slowly.  Future Coder can’t hurt you unless your code is still in use after someone invents time travel.  And if Future Coder comes back to stop you from writing that code, Future Coder won’t have a job fixing your code in the future… (ah, the paradoxes of time travel).

Code has a past and a future.  When you inherit code or parachute into a project, you must embrace the legacy of the code.  Before you mentally skewer the coders who came before you, remember that you probably lack insight into the context in which previous coding decisions were made.  It is, of course, quite possible that the programmer before you was a complete idiot.  More likely, though, that programmer was working under some constraints that drove him/her toward the solution you now curse.

Although it is conceivable that you are the last ever maintainer of said code, you will likely pass on the responsibility to someone else eventually.  You have a moral obligation to your fellow developers to leave behind something maintainable.  Consistency and predictability in your code is a major part of maintainability.  That means if 30 data entry forms use strongly typed DataSet objects but you prefer NHibernate, you write the 31st data entry form using a strongly typed DataSet.  It is irresponsible to create Frankencode systems.  Your personal whims do not trump your responsibility to your fellow developer.

Maintenance developers do not get enough credit.  It is frustrating and often thankless work trying to wrap your brain around systems that have been tweaked by countless programmers to adapt to changing business needs.

The next time you curse someone else’s code, remember that somewhere out there another developer is cursing something you once coded.

<endRant />

Once upon a time I wrote a computer program that did not require data.  It was called helloworld.exe and it was awesome.  It was also a wee bit useless.  The essence of useful software is taking input, doing something with it, and spitting something out.

There is lots of data out there.  My first professional gig after university was consuming text files dumped out by a COBOL app.  (They were delicious.)  You can parse XML, munge HTML, manipulate images, or decipher networking protocols.  But despite the variety of possible data sources, we end up sticking a lot of our data in relational database systems.

And then we write a lot of code for moving data in and out of the database.  And then we complain about how much data access code we have to write and maintain.  In Survival Skills for Developers, the first item for your basic survival pack is a data access toolkit (homegrown or open source or commercial).  The reason is not to be trendy or to sound up-to-date at developer conferences.  The point is to make better use of your time by relying on frameworks and libraries to do some of the heavy lifting for you.

Do Not Be Afraid

In the .NET programming world, ADO.NET is the underlying data access technology.  Many data access patterns and frameworks have been built on top of ADO.NET and yet scores of developers still write ADO.NET data access code the way they learned nearly a decade ago.  What a waste.

There is no reason to be afraid of modern data access techniques.  You do not have to rewrite your existing codebase.  .NET programmers can still use classic ADO.NET when it’s expedient.  You can mix and match tools and frameworks.  I have a small project that I’m transitioning from SubSonic (used during prototyping) to NHibernate.  Currently the code features a mix of SubSonic and NHibernate as I transition and it works just fine.

Frankly I think developers who refuse to explore alternatives are being irresponsible.  I’m not holding up any specific frameworks, toolkits, or approaches as best.  I’m simply saying that a failure to be well informed about options is intellectual laziness and we cheat our employers, clients, and stakeholders when we insist on writing everything by hand every time we need a record from the database.  We would question the judgment of a house builder relying on all manual tools, yet we mindlessly churn out the same data access code over and over and over again.

Stop Freaking Out About Inconsequential Performance

A mental roadblock for many folks is a worry about performance going down the toilet by relying on something like an ORM (object-relational mapping) tool.  If there is one serious mental shortcoming amongst programmers, it is our obsessive need to prematurely optimize everything even when there are ample computing resources to deal with our less-than-completely-efficient code.

Stop freaking out.

The JVM and the .NET runtime have proven that letting the computer handle some tedious work is totally worth it even if it’s less efficient than what you could (theoretically) write by hand.

CPU time is cheap.  Programmer time ain’t.  Spend time optimizing code only when it becomes necessary.

Do You Really Need a Database?

Simple lists of objects can be similar to tables of records.  The relationships between objects can be similar to the relationships between tables.  Nevertheless, there is a mismatch between object oriented programming and relational data (perhaps you’ve heard of the object-relational impedance mismatch).  Depending on your situation, you might not really need a relational database.  Check out some of the technologies in the NoSQL side of the world for alternatives to relational database storage engines.

What’s Available?

There are a lot of options out there for working with relational data.  Check out Barry Gervin’s article All I Wanted was My Data for some options.

What are your suggestions?  Drop them in the comment box.

Remember the game Telephone?  You whisper something in your neighbour’s ear, he whispers to his neighbour, she whispers to her neighbour, and so on all the way down the line.  The last person announces the message she heard and everyone laughs when they discover how mangled the final message is from the original.

An eerily similar phenomenon occurs in software development as requirements flow from domain experts to business analysts to system designers (architects) to developers.  Each communication channel in the process introduces new opportunities for information to be distorted.

I was digging through some old papers this week and found a sketch I made nearly a decade ago on the back of a Dilbert comic.  I’ve prettied it up here as a reminder to all of us to always be watchful for potential distortions as requirements flow from users and stakeholders to the people who build and test the software:

The importance of good communication in the software development process cannot be overstated.

If you are passionate about building software and want to thrive in your career, hone your communication skills.  Ask questions.  Write things down.  Repeat back what you’ve heard to validate it.  Ask more questions if things don’t make sense.  Communicate, communicate, communicate.

In 2009 I had lunch with an executive with a lot of experience managing developers.  When I asked for his biggest piece of advice for professional developers outside of learning technology, his answer was to learn to communicate effectively.

(Image credits: malias, freedigitalphotos.net, Salvatore Vuono, Danilo Rizzuti, Maggie Smith)