* Posts by JoeySter

26 publicly visible posts • joined 31 May 2019

Former Oracle product manager says he was forced out for refusing to deceive customers. Now he's suing the biz


Should have happened sooner...

This is one of the oldest problems in the book, not just in sales. Don't oversell. Sometimes it can seem harmless. Your customer asks for a delivery of 50000 potatoes in a week. You only have 40000 on hand but you sell them 50000 then hope to buy the missing 10000 to fill the order once you have it.

It's a tough gig as well because you're not overselling can lose you the contract to those that do oversell. There often needs to be regulation, perhaps there is for some fields but for software it's more complicated. I've had discussions with this with people in the software development industry where a lot of what's being sold isn't not not implemented yet but airy fairy extra costs for meaningless software development ritual that tends to fall into the category of cargo cult.

This comes up with a lot of things but one of them is security. I remember someone arguing for a particular framework based approach in the name of security or rather reselling all the promises made by the framework. In reality the framework doesn't make much of a difference. Either a programmer can program securely or they can't. While a framework can at least sometimes eliminate some low hanging fruit, they can't guarantee security so that guarantee shouldn't be sold if its sole basis is on the framework rather than things such as testing, verification, expertise, etc. In many cases these things are so subtle and amorphous or ethereal that they're hard to pick up.

This is a caution that it can happen in both directions. Developers can oversell and sales can oversell. In some cases oversell is not entirely descriptive when the customer is lured by selling points that are meaningless though selling an opinion to the customer is at least one way to avoid traditional oversell as long as you can maintain the impression you're selling.

Software tends to be particular complicated. You don't sell a product that's already complete and defined. If you're selling something already out of the factory you have that in your hands already, it's generally immutable and you have to work within what you have.

Development is more complex. You can sell a house which may in fact not exist. You could have anything in your hands from nothing, to an empty plot, to an empty plot/builders/materials, to a half built house, etc. There's already scope to develop new features. It's very common for sales to do this, at least offer a few missing pieces that'll have to be developer.

For years now when working with sales people I try to get them to be reserved with how much they sell that's not currently supported by the product but also give some indication of what can and can't be done. Usually sales will go back and forth between teams in a sane set up to find out what they can offer. It may or may not require development work and within reason some amount of development work might be acceptable as long as there's already provisioning in place or it's achievable within the scope of expected delivery. Usually when you have people doing sales in development if it's a healthy arrangement people will often come to your cubicle and ask what they can offer. In some cases a product owner will act as an intermediate to prevent too much landing on the shoulders of developers.

This is of course why you have shifting methodologies attempting to solve the problem of it's really hard to calculate costs for developing and delivering software. Software taking longer than anticipated is notorious. It's not always for good reasons. Sometimes software should take a week and cost a certain amount but it gets fudged.

I see all kinds of problems with this all the time in commerce which tends to lean closer to chaos than to order.

It's quite possible for it to reach such an extreme that it raises serious ethical issues. Whether the legal avenue taken in this case is barking up the wrong tree or not I don't know but it's not something I could not imagine easily happening because it's a fairly standard business situation.

What I find difficult would be making it a criminal matter though I wouldn't rule it out. Some software contracts and businesses are more serious than others. I don't imagine you would get off lightly if caught lying to gain a government contract which then stumbled or failed due to foreseen circumstances.

In most cases under excessive pressure people cut corners and ignoring red lights though it's conceivable someone might eventually snap.

Christmas in tatters for Nottinghamshire tots after mayor tells them Santa's too busy


Wrong time of the year mate.

April's Fools was months ago. A politician telling the truth? Pull the other one. It's got bells on it.

Second time lucky: Sweden drops Julian Assange rape investigation


Re: Stating the obvious

The Swedish extradition case was a test case. If he couldn't win that then he wouldn't win a case to not be extradited to the USA. People would be shocked if they realised how the courts operate. I've read some of the court documents and there are instances in it, written in the judged own hand, explaining that he rule against Assange's legal defence based on a guess.

It wasn't a test case in the verdict but the process. It was a test case of can Assange face a fair trial and the answer to that is no. Reading the court documents, if the USA had an invalid extradition case against me and I was innocent, I could not say that it's a certain thing I would not be extradited and convicted anyway.

Reading the court documents, records of events and evidence in the Assange case I would not walk away from those trials with the belief that either the British or Swedish justice systems could be relied upon. I'd get out of dodge.

There were various irregularities in the proceedings against Assange that undermine trust and faith in the legal system. You don't have to take this from Assange. If you read that material yourself then you'll notice a number of instances where justice was not properly conducted and what appears to be an effort to get a guilty verdict no matter what.

The embassy situation was not expected. You would expect once Ecuador gave Assange asylum status that he would be allowed to travel to Ecuador. He was effectively held prisoner by British authorities.

The ruling in this article has some anomalies as well because the allegations made against Assange aren't meaningfully more credible. It's very subjective but if you read the testimonies and evidence yourself very carefully then I doubt you would come to the conclusion that they are greatly more credible. When it comes down to it, it's a coin flip case.


The current ruling elite absolutely hates him and believes him to be a master villain.

That was made clear with the home secretary's openly angry and hot headed statements condemning Assange.

These people believe he's a rapist in the worst possible meaning of the word and don't want to believe anything else and that's not the worst thing they believe about him by far.

Anything is possible and I suspect his prison treatment may very well be based on nothing more than the belief that he is an arch villain. In their minds he might as well be Osama Bin Laden.

'Ethical' hackers say: It's just hacker. To be one is no longer a bad thing


Re: Hackers v Crackers?

Cracker, code cracker. Usually a passive exercise. Hacker, is more active. It doesn't tend to relate to hack together as much in programming. IE, a hack job. Instead it tends to relate to hack into, similar to break into. As in to hack and slash. It does get confusing because on the programming side it's also relevant to hacking something up and also hacking on the keyboard to create something. The term has quite a broad meaning given it really just means to crudely chop or peck at something. Crack can be similarly confusing because you can crack something apart to get inside. Generally though they were used passively and actively. It's one thing to solve a puzzle and another to apply various skills and knowledge to gain or force entry into something.


The wheel turns...

Being a hacker wasn't much of a bad thing culturally baring context. Originally hackers weren't considered criminals but people with super computing powers that could be either good or bad. At least in media portrayals. In the real world of crime most hackers fell into the category of activists or people exploiting systems that shouldn't have been exploitable.

When I was a kid hacking was a defacto passtime online. Everyone did it to some degree, it was cool and an intellectually stimulating as well as enlightening exercise. Hacking was the national sport of the internet. Some people played Starcarft, some people played Runescape, but everyone hacked.

It's more in the modern era that it takes on a worse meaning more consistently because of the modern reach of technology. Historically hackers were hacking banks, governments, etc. They weren't hacking you or more specifically private individuals at scale. People in generally at global scale weren't traditionally targets of hacking.

Hacking has also taken a turn into being taken up by serious or organised crime and institutes people don't have a very high opinion of.

Oracle finally responds to wage discrimination claims… by suing US Department of Labor


This looks like a bad of bad versus bad.

We all know big companies will do things such as H1Bs and visas to get workers that would demand a lower wage. There's no direct discrimination there. There is a case of indirect discrimination which is questionable.

There are however stupid claims that make me think a lot of this is political correctness stupidity. People doing similar work with the same title won't necessarily be paid the same.

* Jennifer Rockhard is a junior brick layer. She gets paid 10 pence per brick laid. She works four hours a day and lays 750 bricks. She earns £75.

* Jonathan Cottonsoft is a junior brick layer. He gets paid 10 pence per brick laid. He works four hours a day and lays 1000 bricks. He earns £100.

In this situation Jennifer might scream it's not fair, she works the same hours, does the same kind of work and has the same title.

The social justice worshippers are saying you have to give Jennifer £25 to make up. Here you quickly get into a bizarre situation.

What if Jennifer is Paul? Why should sex make a difference?

What if John reduces his productivity to 500 bricks each shift? Now Jennifer loses here £25 and John gets paid £25 more to make up for Jennifer. Now what happens if Jennifer reduces her output to 250 bricks? Hell, what if she stacks no bricks? Does she still need to be paid £50?

What if the difference is taken from his pay check so he has to pay her £12.5?

If she is getting paid for his work is that not slavery?

There are reasons why full communism doesn't work. These are some of them. When people are asking for equal wages like this irrespective of specifics such as performance that's implementing full communism at least within the scope of your job title.

You can often sniff out communism. They're use the term paid where the proper term is earned.

While the article claims there's sufficient evidence against Oracle, this is untrue. There are statistics that don't really tell you anything. Men and women could be being paid the same. If it's a situation such as that of Cottonsoft V Rockhard where Rockhard is paid the same despite laying significantly less bricks then your pay ratios will be 50/50 even though you have a discriminatory pay complaint.

"The expert brought it to do the analysis, Professor David Neumark of UC Irvine, said that the probability of the discrepancy happening by chance was less than one in a billion."

This is not an expert in employment. This is an novice in coin flipping. Such flipping a coin a few thousand times is highly unlikely, less than one in a billion, to produce a result distant to 50/50 +- 1.

Of course we know the chances of a coin toss for a normal unloaded coin.

We don't know the chances between men and women. That makes his claim factually incorrect. The implication is that Oracle is doing something deliberately to bring this about which is false. Oracle may be doing nothing and instead the natural differences manifesting.

Although it a taboo to say it, it's not excluded from discrimination laws, yes, men might be doing better than women or working harder than women on the whole.

Statistics should *not* be the basic of discrimination suits. There is a reason for that. They're prejudicial. They're not based on actual individual circumstances. It might be a surprise to many but relying on statistics is sexist.

Oracle should review salaries to ensure consistency as a matter of duty and routine. To assume however that men are all being over paid rather than earning their extra pay is deeply prejudice and sexist.

People who do that should be struck off from employment altogether as they lack to cognitive acuity needed to be capable of not discriminating.

Brexit bad boy Arron Banks' Twitter account hacked: Private messages put online


Re: "Twitter [...] have broken GDPR rules"

The UK already had GDPR before the EU rules. Though we call it data protection act, GDPR has come in as a generic term.

Found on Mars: Alien insects... or whatever the hell this smudge is supposed to be, anyway


Re: Show me more

It's an interesting question of have they tried experimenting just shining a really bright light up at night and seeing if anything is reflected back.

Assange fails to delay extradition hearing as date set for February


Re: Not enough time?

If you haven't studied all of the raw data yourself then your opinion isn't worth much. You're not in his shoes and you almost certainly don't have even an iota of insight into the reality of his situation. You cannot gain a useful insight glimpsing at headlines or reading opinion pieces.

You have to examine the records yourself thoroughly and that's difficult given many aren't readily available nor easy to find. Then you can draw meaningful conclusions.

There are sufficient irregularities in both the Swedish, US, Ecuadorean and the British legal processes to justify Assange concluding he's unlikely to fair a fair trial. There's also more than enough to rule in political motivation. Every single country has jumped through hoops, bent the rules, abused grey areas and even directly violated legal protocol to get at Assange and anyone else associated with him or wikileaks.

Here is an example of an irregularity in the US legal system:

The charges state (paraphrased) that Assange entered into agreement with Manning to crack a password stored on a DoD system. If you then read the evidence which includes transcripts, that did not happen.

The password was not stored on a DoD system. It was a re-transmitted copy. This misleadingly suggests Assange's presence on the DoD system which never happened. The transcripts show that Manning asked someone, possibly Assange, if they could crack a hash of a password hashed in a windows format. The unknown person responded they have some setup that might make it possible. Manning then gave the hash, apparently a partial hash and the unknown party said they would hand it across to someone to look at. There was no agreement made, no trade and no purposes stated. It was not stated what system the hash was from. This was a very minor exchange among much more banter. The only other mention of it was when the unknown party asked if there was anymore information about the mystery hash that had been given over completely out of the blue. That was the end of it, it wasn't mentioned again in the available evidence.

It's a conspiracy to do something charge. That's not a conspiracy to do something charge. If they had the evidence of him doing something then it would not be a conspiracy charge.

When you have a legal charge that within the same legal package the supporting evidence can be shown to unequivocally disprove the charge where the court signed off on it and it is now being used to try to extradite Assange then how can you possibly claim the legal process against Assange is entirely above board? You cannot say such a thing when we have absolute proof that charges are being cooked up against him. The press does not report these irregularities that are very easy to find.

This is the kind of thing that has been happening with other countries. I can cite a number of irregularities and I have not studied all of the material that broadly. His situation is not helped by that sometimes his lawyers are rubbish, though his limited access to better lawyers is no excuse for the irregularities elsewhere.

I could not imagine anyone in that situation having any faith in the legal processes of these countries. I wouldn't trust them. After reading what I've read I'd scarper. I wouldn't have anything to do with the courts even if I were innocent. I'd get away at the earliest opportunity.

While the irregularities in the legal process take a lot of study there are some obvious tells that his treatment is politically motivated.

The head of the Home Office gave a statement expressing that he believed Assange should face justice and then gave a political reason for it: Wikileaks. He also spoke with the presumption of guilt on all charges.

The president of Ecuador in a long video cited many reasons for kicking Assange out with the one that stuck out being being that he was upset about an article wikileaks wrote about the pope. Ecuador revoking his asylum status broke international conventions. They didn't have a legal reason to do it. They came up with excuses but nothing legally valid. They then immediately handed over his property to the US with the openly stated intention of helping them with their extradition case against him, the reason he was given asylum in the first place.

It's no coincidence that at the same time Ecuador got around $10B in foreign assistance. He was cashed in. Selling political refugees back to the countries that are after them is one of the worst ways in which you can violate international treaty on asylum. Ecuador should be classed as effectively non-signatory to those conventions.

He is a political prisoner, there's absolutely no doubt about it. The evidence comes straight from the horses mouth. Political leaders aren't shy about admitting they're after him because of his journalism. They'll do what politicians always do, "we're not after him because of his journalism, we're after him because of his [describes activity that turns out to be journalism]".

You'll start to change your tune when they go after other people standing up for your rights that you happen to agree with.

The mod firing squad: Stack Exchange embroiled in 'he said, she said, they said' row


Re: Is this just an English thing ?

It's not about being reasonable though. It's about domination. As in yes mistress, sorry master, etc. If you forget to use the correct titles you get whipped.

I am sure I'm dreaming all of this. It feels like an episode Sliders where you're thrown into a parallel what if worlds governed by some twisted morality.

Clutching at its Perl 6, developer community ponders language name with less baggage


Re: Why would anybody argue?

The choice is obvious... s/Perl//


Re: I suggest PerlA

It should be renames #@$%_++.


I vote to call it Per1.

SELECT code_execution FROM * USING SQLite: Eggheads lift the lid on DB security hijinks


Re: I wouldn't assume this isn't serious

Whether it's serious or not varies. For a lot of people it wont be. For those on shared platforms, it might be.

On a single platform, where multiple services are in play, you have to be careful of just how many security boundaries you put up.

You don't want a fend around everything, then another fence around each thing, then another fence around each thing with in that, etc. You sort of end up with a house looking like an onion and with thousands of tiny rooms and doors for each thing.

Containment can be too granular and in most systems, ultimately, everything has to be able to talk with everything else so it's hard top entirely prevent someone fully propagating the system.


Either way the pointer dereference should be fixed as that's most likely a bug. It's not just about security but integrity. There are occasional debates about trusting the data you lay down, though I wouldn't want file corruption to cause the application to crash that easily when it's such a write heavy process.

As far as privilege escalation goes, it wont effect a lot of people as basically is someone has access to the file system then you're already in trouble.

File permissions are a simple fix. A lot of such privilege escalations exist with just about anything that uses files, even when there isn't a bug allowing execution of arbitrary code.

Neuroscientist used brainhack. It's super effective! Oh, and disturbingly easy



The biggest problem with the growth of technology that if applied appropriately could completely subjugate freedom is that there's no absolute protection for free will at all.

You might find that strange if you believe in things such as rights but the problem is all of those more and legal frameworks lack a solid foundation and can be overridden at will. Even if they has a foundation there's no stopping might makes right.

We this with AI. We have a big problem because at what point do they earn rights? You might say at the point they feel.

The problem is, no matter how advanced we make AI it's impossible to introduce feeling or prove that it exists. You can simulate human behaviour down to a tee but that's merely a simulation.

The problem with this is that if theirs no way to give AI rights then the same applies to humans which are no more than naturally occurring misbehaving AI.

If you consider how often politicians say that some kind of thinking is out dated and should have disappeared then you can consider that there is a very real desire to control the minds of the masses, a notion that's normalised, no one bats an eyelid when a politician says something like that but when everyone carries a mobile, then a headset, then a brain chip then we'd better make sure first what our governments intentions are.

UK cops blasted over 'disproportionate' slurp of years of data from crime victims' phones


There are two sides to this and it's important not to let either of those prevail. Those are...

* People making false claims of rape wanting to get away with it and see a successful prosecution as well as avoiding getting into trouble themselves. Unfortunately it happens, at a higher frequency than people realise and it's complex because the more you dismiss that the more you both enable and entice it. There's a lot of pressure at the moment as well to treat accusations of sexual offences as guilty until proven innocent or "you will be believed" which means that potentially the only way to get someone off the hook, even if there's insufficient evidence to be sure of an offence is a very aggressive investigation to find any inconsistencies with the accuser's story.

* Some police officers would love to go on a fishing trip through people's phones looking for any sign of criminal activity such as posting a meme on facebook, we don't have robust enough laws to protect people from the consequences of police having access so the only solution sometimes is access denied, at least without a contract setting out terms for data collection.

It would actually be better to make regs to keep it out of the hands of the cops and instead have the defence (qualified defence only) gaining access (though potentially through police utilities, IE, police can still potentially possess and guard the evidence but simply not access it themselves). The problem with that is that it still escalates things and takes a little setting up to make sure access by the defence is within the bounds of what's necessary to mount a defence.

The reason to give it to the defence exclusively (assumption prosecution has whatever) is simple, What they can actually do is already tightly restricted, that is, they can only mount a defence. It's not their position to prosecute, snoop or try to dig up crimes arbitrarily, only extract the material which is relevant to the defence. Retention period might be a bit tricky, though after the defence (trial) is done, there's technically no pressing reason to keep the data snapshot for a long period of time other than what the defence has extracted.

JavaScript tracking punks given a thrashing by good old-fashioned server log analytics


This isn't news. This is old skool. The reason people move on from these methods is because they're not the easiest or most reliable methods.

They are however often illegal if you do any more than analytics. There are millions of data breaches each day from tracking based on identifiers such as IP address.

For example, I live in a household that has internet. One modem with one IP address provides internet to many devices. I buy a tshirt at home on my desktop. My flatmate then goes to a website and sees adverts for the same brand of tshirt because he has the same IP address. That's a data breach.

UK privacy watchdog threatens British Airways with 747-sized fine for massive personal data blurt


It's not entirely clear what the breach actually was. It sounds like more of a client side attack than a breach of internal data. Something as simple as HTML/HTTP browser settings?

White House mulls just banning strong end-to-end crypto. Plus: More bad stuff in infosec land


Why not simply ban communication? Problem solved.

DeepNude deep-nuked: AI photo app stripped clothes from women to render them naked. Now, it's stripped from web


What I want to know is why it didn't work for rendering men.

We knew it was coming: Bureaucratic cockup triggers '6-month' delay of age verification block on porno in the UK


This ultimately shuts down half the internet in the UK. Any service that takes user content without pre-moderation has to block the UK or implement verification. This is of course deliberate. The UK government wants to be able to censor the internet and they can't prosecute people for blasphemy if they don't know who or where they are (for example the USA isn't going to extradite people to the UK for 1st amendment violations).

The only work around for this that I can see is to create an anonymous identification system or rather age verification, though I suspect all attempts will be made to block anyone from doing that. That would consist of a service you can verify with hosted on an Island nation somewhere which doesn't keep your data but that gives you back credentials and allows other services to verify given credentials against it, which can be generated for each site or which send you over to a login on the verification site then back.

Why are fervid Googlers making ad-blocker-breaking changes to Chrome? Because they created a monster – and are fighting to secure it


Re: Let's stop complaining about Chrome.

The whole reason half, perhaps more (depends whole you look at it), of extensions are made is because people can't implement various legitimate facilities (which may also be down to performance as well as features) with the security restrictions in place otherwise for web development.


The problem here is that extensions are *meant* to be pretty much unconstrained. While there might be areas for improvement, to allow extensions to do things working only within the limit of what they need, ultimately beyond that limiting them tends to limit their utility.

It's a bit of a joke because just to process of downloading an application such as chrome or any other has the same problem. It's not really avoidable. It's a bit like complaining that the bank manager has access to the vault. Workers at the canning factory can put what they like into the mix.

The problem has to be solved at the root. You'd think that might be possible with a centralised and regulated repository but apparently Google's ability to curate is limited. That's a problem in itself.

Refactoring whizz: Good software shouldn't cost the earth – it's actually cheaper to build


I don't particularly respect Fowler as a whizz or an authority. To me he's just another programmer sharing observations and opinions. Though unlike me, he appears to have ultimately devoted more of his career to writing about programming. I'm not someone that particularly pays attention to his writings. I don't know what his code is like and I've only seen bits and pieces of his work. I can't say what I've seen is terrible but it is a single perspective and one person's set of opinions.

I do however intimately know about the impact of his writings in scenarios relevant to what Fowler and those of his cohorts who follow the same philosophy propose here. I've had to inherit many a codebase "architected" by those who follow Fowler and have been given enough time or in this case rope to hang themselves. Whenever I see a monstrosity of a bloated OOP mess, a nightmare, there's a Fowler, a Gang of Four or similar book nearby. There are certain books that if you see them, they're a bad code smell, you can make a guess that the codebase is in a terrible state and you'll be right nine times out of ten. It'll be a specific kind of mess which might take many forms but inevitable comprises tangled layer upon layer of assorted abstractions. It's not that everything in these books is necessarily bad, it's a mix, though I'm not sure if the authors understand their audience, their audience's limitations and if it's even possible for any book to produce a positive effect.

The problem is that people such as Fowler, whether intentional or not, create resources that lend exceptionally well to facilitating process driven blind programming that doesn't actually produce quality software. Fowler is a master of prescribing rituals that people who like to follow rituals can easily adopt.

I can attest that in my experience writing code properly does result in greater productivity despite an initial lag as it has a much higher ceiling. The net result between the two can easily be an order of magnitude, sometimes exponential. Better code really does cost less. I've seen bad code now costing easily hundreds of thousands to millions over the course of a few years on programmers salaries alone. However, following Fowler has virtually no relevant bearing on whether code will be better or not. Nor will assessing whether code is "better" or not according to criteria that might be set out by Fowler either directly or indirectly be all that useful in ascertaining quality level. It's more likely to quickly depress software quality as people rush to implement things that aren't needed so to check all the boxes.

Conversely people that follow Fowler and his crowd tend to make things much much worse when given more time. Fowler provides a lot of things people can waste time doing. More time means more layers of indirection and code for the sake of code. Virtually all of said additions incur a guaranteed cost and non of them provide guaranteed benefit. I'd like to hope that Fowler is aware of this and cautious in his approach, though his advice here has plenty of potential to be a plea to provide budget for this kind of waste which is counter productive.

I might have a backlog like this...

* Users->Feature: Allow users to have more than one X.

* Government Agency->Compliance: Update data collection to include field X.

* QA->Lifecycle: Make mission critical area X is easier to test.

* Audit->Research: Investigate ways of detecting fake users.

* Research->System: Upgrade database to next major version to gain feature X.

* Benchmarks->Optimisation: Use precise indexes for use case X.

* Business->Feature: Allow billing on an annual basis.

While performing these, you might use a variety of different strategies and approaches as a side effect. Refactoring tasks might spawn from them.

A back log inspired by Fowler and friends might look like this:

* Fowler->Code Quality: Implement Specification Pattern.

* Blog->Code Quality: Implement Command Bus.

* CS 134->Code Quality: Implement Unit Testing.

* Conference->Code Quality: Implement Event Sourcing.

* Job Specs->Code Quality: Implement DDD.

* Social Chat->Code Quality: Implement Visitor Pattern.

* Best Practices->Code Quality: Implement REST fully.

When a Foullower is performing these, they might implement some features as a side effect. Code Quality (tm) tasks might spawn from them.

If you write a back log such as the one I originally wrote, don't expect it to solve the problem. All of the items from above will be aliased to those below, most likely respectively.

The code produced by such a follower of Fowler will present you with a riddle, wrapped in an enigma, housed in a mystery, planted in a puzzle, kept in a secret and all tied up into a knot. It might as well actually be encoded which often ironically arises from people following blind processes for the promise of readability.

I very commonly see code that only has to take a simple list from the database and return it to a client in a format such as JSON. If I implement this feature then I end up with very little code. Perhaps a dozen lines. If more than one object or method, almost certainly not exceeding half a dozen. We're probably talking around 50 lines, though do it a second time and that can drop to 10 lines. When it's code following rituals Fowler sets out, you can expect portions of it to be dispersed all through out the system. Dozens of hops, classes, methods, hundreds or even thousands of lines, etc. You'll probably find those things ill construed as ultimately effort will have been divided across such a system. It boggles the mind when people do things like convert a map to an object, send it through a maze then convert it back to a map again only to run a few if statements on a few fields and to rename or cast a few fields.

You can't entirely blame Fowler for this stuff, people can take his stuff and do what they want with it or leave it but you also might think he'd be more aware of this set of problems arising from process driven and fad driven development. Not many people are going to like this but the truth not many people building software know anything about building software either and Fowler isn't particularly effective at improving that despite his efforts. Fowler exploring other shops is good, there's a lot of variety and things to see in software engineering, though I think he needs to see more environments, where he'll surely see that more time than really needed is catastrophic. Though it might not be obvious unless actually working on such a codebase and realising half of it can be tossed. Give away time and money don't expect it to be spent wisely by default. Some programmers will do amazingly but most will squander it. You'll end up with Albanian bunkers.

I think there's also a cultural different. Many people including Fowler talk as if they've been spoiled in certain regards. It would be nice if that were the situation for all programming but the reality is, in the professional world that's by far not normal. Many programmers for not have financial security. Neither do their employers. It's not necessarily possible to pull an unlimited budget out of the air or support a rapid turnaround. The kind of thinking that might make sense for a cashcow such as IBM might not be appropriate for small to medium companies.

I always strive to write high quality software upfront but also take the time needed to bring the software up to a minimum standard almost to the point of no matter what. What I don't do however is excess. Fowler provides plenty of ammunition for those prone to excess. There's always a competing axiom which is the more you do the more you have to do. Whatever you do ought offer the best value. The strongest drivers of cost effectiveness tend to be basic yet abstract principles such as YAGNI, DRY, consistency and good organisation and most of all being dedicated to purpose, not the the gospel of software engineering.

Time is a secondary factor. Things have to be done to a certain level. If not then you lose the game, when you sacrifice the present for the future too much then you reach the point where you have no future. Two thirds of the projects I've inherited are cases where developers have done that then moved on at the point where it just becomes too much for them to handle, onto the next thing for a new start. Usually level two developers end up having to take over level two projects where level one programmers have not only done as much as they can but have driven themselves into a deadend. Individual skill factors in far more than other factors or checklist items.

For me, in these circumstances, ironically code quality is absolutely crucial for a success. Elite teams taking "only an hour" to push a release? Asides from that not being qualified that's not by any means spectacular. This to me suggests a large discrepancy between people where it comes to experiences, expectations and standards It shouldn't be considered "elite" when a system facilitates development to production in under an hour. That's standard. If something takes an hour then there are usually special circumstances involved or it's just terribly constructed. I think to have a set of experiences where that's something to marvel only means he should get out even more to see what's happening in other shops.

Personally, I don't do it by the book and I won't buy the book.