NIST Estimates Sloppy Coding Costs $60 Billion/Year

An anonymous reader submits: "Computerworld is reporting on a government study just released that software bugs are costing the U.S. economy an estimated $59.5 billion each year, with more than half of the cost borne by end users and the remainder by developers and vendors. Better testing could allegedly cut that by one-third."

uh, yeah

[Ty]

...and in other news, the sun is found to cause sunburn.

Re:uh, yeah

[JPriest]

This is another useless statistic. Poor engineering probably cost 20X that in auto repairs last year too. The cost of putting additional time into development, missing deadlines, additional testing, and hiring better/more programmers combined is probably way more than $60 Bil. Besides, if we could code flawless software in the first place we'd already be doing it. I think Microsoft has something like hundreds of years of man hours into windows 2000 for dubugging alone.

Re:uh, yeah

How can it be offtopic if it's about what the topic is?

Just wondering.

Re:uh, yeah

> AAA is reporting on a government study just released that government inefficiency is costing the U.S. economy an estimated $595.0 billion each year,

Nature of the Market

[shoeless_jim]

Why do we produce faster processors, because programmers are writing sloppier code. And so the viscious cycle begins.

where are these 'costs' going...?

[fireflew]

Kinda makes you wonder to whom these costs are actually profits... I got my money on Microsoft =D

Re:where are these 'costs' going...?

[Oily+Tuna]

The people are 'profiting', since the problem is wasted time in development and for end users, and additional tech support the money is actually going to normal people in the form of salaries.

Re:where are these 'costs' going...?

[reverius]

Then how is it costing "the U.S. economy $60 billion a year"? That implies that our economy is losing $60 billion somehow. The entire economy. As in, Argentina is getting that $60 billion in the form of economic aid?

I don't know, IANAE (economist). But it seems the way that the report was phrased directly contradicts your post.

Re:where are these 'costs' going...?

[ivan256]

Employees. No, really. You get paid for the time wasted using buggy software. The money from your salary ends up in your pocket either way. It's profit for you. That number isn't the true cost anyway. Everybody knows that in a given week we only do about 15 minutes of actual work. :) It's likely that the software bugs are interrupting officeplace recreation at least 75% of the time.

Instead of putting out a 300 page study on this crap, they should go do something useful. Put the same type of number on what speed traps cost the US economy, perhaps. Or stay home and stop charging us for rediculously obvious data.

Re:where are these 'costs' going...?

[rootofevil]

id pretty much say nobody, since sloppy code would just cause wasted time, and therefore wasted productivity.

think about the last time your system crashed at work - how much work did you get done in the next 5 minutes?

Re:where are these 'costs' going...?

[ceejayoz]

Some of it may be in terms of lost productivity (e.g. lost work when a program crashes, stuff like that).

Re:where are these 'costs' going...?

[Lips]

The money doesn't end up in our pocket actually. Nuf nuf employers expect you work 10 hour days to deliver "on time, on budget". Just look as all the people who post on here bragging that they aren't paid by the hour, but rather "to do a job". If employers did actually pay by the hour then software companies would be held accountable when their crap software causes cost overruns.

This would also effect management. They would be held accountable for mistakes they made which caused projects to run overtime, rather than covering it up forcing a team to work long hours. Don't get me wrong, I have no problem whatsoever working extra time when I am the cause of the problem or if I have a "bad coding day".

Re:where are these 'costs' going...?

Quite a bit. WIN98 loads very quickly :-P

Re:where are these 'costs' going...?

I get paid more "to do the job" than I would for an hourly wage under $65/h.

Re:where are these 'costs' going...?

Great, we can blame software problems for our laziness. Lost productivity? Blame software!

Re:where are these 'costs' going...?

[ivan256]

The money doesn't end up in our pocket actually. Nuf nuf employers expect you work 10 hour days to deliver "on time, on budget". Just look as all the people who post on here bragging that they aren't paid by the hour, but rather "to do a job".

In the case of those employees, there is no cost then, right?

Most employees are laborors, and punch a clock every morning to be paid hourly.

Free

Of course, sloppy coding by open source developers costs nothing.

It's job security!

[elsegundo]

We all want a piece of that 60 billion to fix the bugs!

Re:It's job security!

Well, what about bug in managers? How much it cost?

Obvious joke

[Violet+Null]

It originally only cost the economy $6 a year, but there was an unfortunate rounding error in the code that figured out the total cost...

Re:Obvious joke

[stuuf]

I think it cost $6 before windows Me came along

Re:Obvious joke

"Better testing could allegedly cut that by one-third."

I'll bet better coding could cut it by more than 1/3. Hell, I'll go out on a limb and predict it would cut by at least 4/3.

Costing the U.S. economy?

[anthony_dipierro]

Wouldn't bugs tend to increase the U.S. economy? Yes, someone has to pay, but that means someone is getting paid. So actually software bugs increase the GDP by $59.5 billion each year.

Re:Costing the U.S. economy?

[NixterAg]

You are correct. Also, if it weren't for viruses and hackers, all of those network jockeys would be selling pencils on the street.

It appears that maliciousness and incompetence make the world go round!

Re:Costing the U.S. economy?

[lionchild]

Some of what you're saying is true. However, not even half of the $60B is going towards fixing it. You have realize that the figure we're looking at likely includes the cost of lost productivity for the poor sole who found the bug, and now has to re-type their entire report, re-enter their entire manufacturing design, etc..

Re:Costing the U.S. economy?

[zulux]

Fixing mailbox bugs in Outlook alone cover my car payments.

Re:Costing the U.S. economy?

If more "soles" found more bugs, we wouldn't have as much of a problem. *squish* ;)

Sorry, couldn't resist.

Re:Costing the U.S. economy?

[ryants]

This is called the broken window fallacy.

Money payed to programmers to fix bugs is money that isn't being used more productively somewhere else.

Ce qu'on voit et ce qu'on ne voit pas

Re:Costing the U.S. economy?

[anthony_dipierro]

You have realize that the figure we're looking at likely includes the cost of lost productivity for the poor sole who found the bug, and now has to re-type their entire report, re-enter their entire manufacturing design, etc..

As opposed to sitting at his/her desk doing nothing? I'm not so sure that should be counted as a loss. Or would s/he be doing something else, in which case someone new has to fill in, causing increased employment and ultimately increasing the economy tenfold when you consider the trickle-down effect.

Re:Costing the U.S. economy?

[John+Hasler]

"So actually software bugs increase the GDP by $59.5 billion each year."

Why stop with software? Why not require every worker to do every task over two or three times? Just think what _that_ would do for the economy!

Re:Costing the U.S. economy?

[eric6]

That's a flawed argument

That's like saying vandalism helps the economy. say a kid throws a brick through the grocer's window. the grocer pays $100 to the windowmaker to fix it, and seeing money change hands, we think the kid helped the economy. However, if he hadn't thrown the brick, the grocer would have both a window and $100, which he would spend on something that actually did help the economy

Re:Costing the U.S. economy?

[anthony_dipierro]

Money payed to programmers to fix bugs is money that isn't being used more productively somewhere else.

This story wasn't talking about money being paid to programmers to fix bugs. But in any case, the U.S. economy is almost exclusively based on nonsense like this. My statement that software bugs help the economy by $60 billion is ludicrous, but so is the statement that it costs the economy $60 billion.

Re:Costing the U.S. economy?

[anthony_dipierro]

That's like saying vandalism helps the economy.

That's as true as saying it hurts it.

However, if he hadn't thrown the brick, the grocer would have both a window and $100, which he would spend on something that actually did help the economy

So at the very least then the GDP would break even. But what if instead of spending the $100, the grocer lowers prices in the store. Now you not only have $100 less going to the windowmaker (who would have used it to buy something), but you also have lower sales for the store. So you've cost the GDP twice (admittedly, you've also caused deflation, so the inflation-adjusted GDP hasn't changed).

My point is not the software bugs are a good thing. It's that the statement that they cost the economy $60 billion is meaningless.

Re:Costing the U.S. economy?

[ryants]

But in any case, the U.S. economy is almost exclusively based on nonsense like this.

No argument there. It's even worse up here in Canada.

My statement that software bugs help the economy by $60 billion is ludicrous, but so is the statement that it costs the economy $60 billion.

Prima facie the statement that it costs the economy $60 billion is not ludicrious. You may argue about the numbers and whatnot, but bugs in software are definitely a subtle form of the broken window fallacy, and that very definitely is a drag on the economy. Like I said, money paid to programmers to fix bugs (read: do the same job again only "better" this time) is money better spent elsewhere; money paid to support personal when things go wrong is again, money more productively used elsewhere; time (read: money) wasted waiting for Windows to reboot yet again is also a cost in terms of productivity.

So, as my run-on sentence demonstrates, there is a cost: the only argument really is over the numbers.

Re:Costing the U.S. economy?

[SirSlud]

Except the kid throwing the brick isnt a vandal in this case - its IT and software companies. And while, yes, "the broken window fallacy" applies, I'm under the impression that lots of people would actually support the superficial window-breaking of buggy software over altnatives in economic output; be it traditional goods or intellectual development in the social sciences, history, etc .. course, I guess people would want that money to go back into making more software and gee-wiz gadgets.

It's just a shame - I really don't think alot of people believe that that grocer should spend his 100$ on art and culture rather than a new security system to make sure the window can never be broken in the future. =)

Course, my point is more about allocation of resources, but I only meant to illustrate that if we valued the act of 'fixing windows' as some sort of religious activity or sacred tradition (or maybe there was value placed on having been a customer to a 'window fixer' .. like a status symbol), its not impossible to justify breaking windows unless one gets very macroscopic in ones analysis. :)

What about breast enhancements? They create jobs, spurn some kind of innovation, I'm sure ... but isn't that money that could go to more important things? Isn't the "broken window fallacy" just an example of how it is impposible to place an objective analysis of value of goods and services as they befit humanity? You could almost rename it the "I think my breasts are honestly too small" fallacy - that by judging something a problem, you are in effect reducing resources that could go towards something more people value greater ... and how does this couple with the 'capitalism is not a zero sum game' .. can you on one hand argue that that 100$ could have gone to something else without contradicting the pundits who claim there is, in effect, limitless resources so long as we keep being capitalists?

This isn't a bait, I'm just kinda thinking out loud here ..

Re:Costing the U.S. economy?

[ryants]

My point is not the software bugs are a good thing. It's that the statement that they cost the economy $60 billion is meaningless.

Please read the link I gave you in another comment before you comment further. You may also want to pick up this book too.

Re:Costing the U.S. economy?

[ryants]

What about breast enhancements? They create jobs, spurn some kind of innovation, I'm sure ... but isn't that money that could go to more important things?

The point is not how "important" things are. The point is that the grocer is down 1 window and $100: the $100 is going to replace something he already had. That's duplicity of effort, and is therefore ineffecient, and therefore a drag on the overall economy.

Re:Costing the U.S. economy?

Wouldn't bugs tend to increase the U.S. economy? Yes, someone has to pay, but that means someone is getting paid. So actually software bugs increase the GDP by $59.5 billion each year.

By this logic, if you heave a brick through your neighbor's window, you've upped GDP. I hope that by now you begin to see some problems with the idea. The flaw in your logic (just in case it ISN'T obvious yet) is that the $59.5(10^9) could have been spent on building new windows in new houses, instead of going to replace the windows your brick took out in the existing houses.My metaphors got a little bit mixed up here; MS and the rest of the software industry are making self-breaking windows and there aren't any bricks involved.

When someone does damage, you see the workman fixing it up. What you don't see is the OTHER work which didn't get done. If the neighbor didn't have to pay to fix his window, he could have bought shoes for his kids. If you hadn't broken the window, the neighbor would have window and shoes. Since you broke the window, he has window and barefoot kids.

The world as a whole is worse off when buggy software or vandalism destroys property or wastes our time. All this sort of vandalism does is shift resources from productive uses to unproductive.

Re:Costing the U.S. economy?

[anthony_dipierro]

Please read the link [progress.org] I gave you in another comment [slashdot.org] before you comment further.

I have. It does not at all refute what I am saying.

Re:Costing the U.S. economy?

[trailerparkcassanova]

Tobacco use costs the US $100billion/year yet it's economic "benefits" are considered too great.

OTH, I love listening to people bitch about the evils of Microsoft while they're smoking a cigarette.

Re:Costing the U.S. economy?

[astroboy]

Wouldn't bugs tend to increase the U.S. economy? Yes, someone has to pay, but that means someone is getting paid.

Well, sure, in the same sence that cleaning up after preventable forest fires and industrial accidents `increase the economy'. Stuff gets paid for; money flows.

The difference is that this money is spent to no productive end. In the case of buggy software, people are being paid to wait for their computers to reboot or to repair trashed database tables when their salary could have been paying for them to do stuff which is productive in itself -- helping their buisness produce more widgets, which consumers would buy, or other buisnesses would buy to help *them* produce gizmos. Thus, there's a net loss to the economy.

Re:Costing the U.S. economy?

[anthony_dipierro]

You may argue about the numbers and whatnot, but bugs in software are definitely a subtle form of the broken window fallacy, and that very definitely is a drag on the economy.

Software bugs are very different from breaking windows. When you break a window, the window was already there. When you create software with bugs, you are creating something new.

Re:Costing the U.S. economy?

[wrinkledshirt]

Perhaps, but one could speculate that this money would not go anywhere other than the shareholders' coffers...

There's an interesting article on zmag about how if the mainstream news talks about things being bad or good in the economy or whatnot, they're talking about it from the point of view of those at the top of corporations. This might be one of those cases.

Just speculatin' is all.

Re:Costing the U.S. economy?

[ryants]

When you create software with bugs, you are creating something new.

That's why I said subtle form :)

Yes, you are creating something new. But it is of poor quality. Now, normally people do not put up with poor quality crap, and the producers go out of business, and the economy is better for it.

In the world of software, however, for whatever reason, people are willing to pay for this crap. So you create something new but broken, so you have to go to it again (and again and again...) until it works properly. This is ineffeciency. This is the drag.

The absolutely mind boggling thing is that people actually are willing and do pay to have things done over and over and over until it is "right" in the software world. Go figure.

Re:Costing the U.S. economy?

[anthony_dipierro]

The difference is that this money is spent to no productive end.

I wonder how many billion slashdot costs the economy, then :).

I dunno, it's just playing games with numbers as far as I'm concerned. We could easily have a 10 hour work week if we stopped spending time working to no productive end. But of course our competitive nature would make that into 75% unemployment instead.

Re:Costing the U.S. economy?

[anthony_dipierro]

Now, normally people do not put up with poor quality crap, and the producers go out of business, and the economy is better for it.

Unless there is a monopoly market on that product.

In the world of software, however, for whatever reason, people are willing to pay for this crap.

Go figure, the government has granted a 95 year monopoly on software.

The absolutely mind boggling thing is that people actually are willing and do pay to have things done over and over and over until it is "right" in the software world. Go figure.

Well, I think this is somewhat true, because software is a monopoly product, so it's illegal to fix it yourself. But, I also think that there is a point where the cost to fix the next bug exceeds the value of fixing that bug. Because the market for software is skewed, and the laws of supply and demand do not work as intended, this point is rarely met. I'm not sure how exactly to go about fixing it, though, at least without abandoning software copyright.

Re:Costing the U.S. economy?

[ryants]

Go figure, the government has granted a 95 year monopoly on software.

This is a problem, but doesn't explain why people buy crappy software.

Anyways, I wonder how much this conversation cost the Canadian economy? :)

Re:Costing the U.S. economy?

[DJPsychoChild]

invalid analogy: the window maker did not do anything that caused the window to be broken. it was not faulty workmanship that broke the window. if it was his fault, the grocer would probably ask for a refund or a free window replacement, and the windowmaker (to protect his good reputation) would do it.

if I or an outside source broke my computer, your analogy would be more likely.

Re:Costing the U.S. economy?

[anthony_dipierro]

I said "Go figure, the government has granted a 95 year monopoly on software." to which you responded "This is a problem, but doesn't explain why people buy crappy software."

Monopoly power is exactly the reason that people "buy crappy software". If it were not illegal to charge people to fix the bugs in Windows, then people would fix the bugs in Windows, thereby making money for themselves.

Re:Costing the U.S. economy?

Wouldn't bugs tend to increase the U.S. economy?

No.

The resources spent to deal with the bugs are resources not spent on other productive work. Sure, people are getting paid to be MSCE's, but consider that if MS products actually worked, those same people could be could be employed in some other form of semi-skilled labor.

Re:Costing the U.S. economy?

[Skiboo]

This is called the broken window fallacy

I know that's talking about the kind of windows that are made of glass... but its very aptly named nonetheless.

Re:Costing the U.S. economy?

--I'm doing my part! I've paid for a smidgen of sharewarez in my life, and a smaller number of OS disks. Besides that, nada! And I won't either, until I start seeing NON betaware being sold. I am not going to purchase "beta" even if they claim it isn't. Nothankee.

I also pay for no music either, I stopped supporting "artists" when I realised that 99% of them aren't, so that goes for the record companies as well. I don't pay for professional sports gods tickets, nor watch it or patronize the advertisers. I WILL click on a link banner on the net if it might be something I am interested in, good or service. Once in awhile I purchase something off the web, too.

The big problem is too much credit the past decade in computerland (and society in general), not enough real money involved, people have almost universally thought of credit and "stocks" as being real money when it isn't, and everything got too expensive into the hyper ridiculous spoectrum, and salaries are way overboard, management, coders, sales weasels-you name it. People are getting tired of paying for "ego" and hype. Computers are cool but over 1/2 of the IT industry is currently selling snake_oil version 2.1

It's about time it got real.

Re:Costing the U.S. economy?

Heh, traffic costs about as much...

Re:Costing the U.S. economy?

[patchmaster]

You make it sound like software is the only business that produces inferior products, or at least does so for more than an economically brief moment. There are crappy products all over the place.

Have you eaten at McDonald's recently? Is that the best damn burger you've ever had or what? I don't know about you, but for me this falls into the "or what" category. But McDonald's is still selling millions of burgers every day. Why are people willing to pay for this less than stellar example of the burger arts? Because when you throw time and money into the equation -- not to mention Happy Meals -- McDonald's comes out a decent value.

Does Microsoft Excel have some serious flaws? (I don't really know because I don't use Excel much, but since it's software and we all know software is crap, I assume it must have at least a few.) Why do people still use it? Maybe because it's better than rooms full of mindless clerks sharpening pencils and filling out ledger books.

People use crappy software because it's still better than the alternative. I'm not trying to defend crappy software, but I do think a little perspective would be helpful. If NIST wanted to be fair, they should have also researched what it would have cost the economy if that buggy software didn't exist at all.

Re:Costing the U.S. economy?

Sept. 9. also increased the GDP....

Re:Costing the U.S. economy?

[outerbody]

world war two pulled us out of the great depression. there were a lot of "broken windows" in germany. its not a falicy, it should be called the broken window phenomenon.

And who's complaining?

[cybermace5]

A goverment agency complains that the software industry wastes sixty billion a year in bugs. So how many trillion did the government waste this year?

Re:And who's complaining?

[SirSlud]

Hey, so long as they dont turn a profit on that waste, waste away.

People with faults are tolerable, so long as they arnt getting richer off me while they are doing it.

Re:And who's complaining?

Perhaps I'm biased, since I used to work there, but NIST (the government agency that sponsored the study) certainly pumps more into the economy than they take out. This is a Department of Commerce agency, and their mission, in essence, is to support industry in ways that industry can't do by itself.

Partly this means inventing and maintaining standards and techniques for measurement (most famously the atomic clock at time.gov). NIST also developed standard test suites for compilers, and provides lots of free, high-quality scientific software, and so on.

WOW!

[littleRedFriend]

That's more than Bill Gates could personally finance.

Re:WOW!

[brsmith4]

I dunno, he would probably walk away with a couple billion still. Wasn't he worth like 63, 64 at one point?

Re:WOW!

[ceejayoz]

He was worth over a hundred bil back when the stock market was flying high with dotcom hysteria...

Re:WOW!

There's a difference between what Bill Gates is worth as a person, and the value of his stock portfolio.
Personally, I feel that he's a very small man with many overwhelming personal "issues", and all the money in the world can't change that.
...but that's just my opinion.

"Success is the prize for those who stand true to their ideas!" -- Josh S. Hinds

Great...

[DeltaSigma]

...now we get to hear all the ignorant (but believe they aren't) programmers claim that due to some alleged "method" their programming is perfectly bug free and runs more effecient than anyone. Seriously it's as though half the programmers here that supposedly have fantastic high-paying jobs are just making sure that unidentified people are still interested in hiring them even though it would be "stupid" for their parent company to let them go.

uh, yeah

[Anonymous+Cowrad]

...and in other news, you're a tard. Did the headline say "sloppy code == bad"?

This is an article about the impact of bad code, not bad code itself.

Math Routine

[sdjunky]

"Better testing could allegedly cut that by one-third"

My routines show that number to be 1003.02% that can be cut.

Economics

Testing costs money. It's a trade-off.

Glass is Half Empty?

[4of12]

Yes, we all need to make better efforts towards releasing better software that's been more thoroughly tested.

But, despite this sloppiness, the higher than historical growth in worker productivity in the U.S. over the past 10-15 years has been attributable in no small part to the adoption of software and the automation of business processes.

Re:Glass is Half Empty?

[seizer]

Is this growth really attributable to the addition of computers in the workplace? And have the rewards of this growth actually outweighed the massive IT spend?

Playing devil's advocate for a moment, why not read "The Trouble with Computers". 1996 publication date, but surprisingly interesting and relevant - read with an open mind!

Re:Glass is Half Empty?

[jgerman]

Don't you see even the teensiest bit of irony in questioning the impact of computers and talking about a book called "The Trouble with Computers", and providing a link to said book through Amazon. Just a little? ;)

Re:Glass is Half Empty?

[seizer]

oh, absolutely ironic, yes.

however, I'm an internet addict, and only providing that link through as an opposing point of view :-)

Re:Glass is Half Empty?

... the higher than historical growth in worker productivity in the U.S. over the past 10-15 years has been attributable in no small part to the adoption of software and the automation of business processes.

Or simply to bad measurement? I can tell you that the question of how to measure the effect of computers on productivity is NOT a settled issue.

Re:Glass is Half Empty?

[Alsee]

the "terminals" taking about 3-4 minutes to "warm up" in the morning... was "destroying productivity"

Did they ever consider paying someone an extra $5 a day to come in 5 minutes early and turn the machines on? lol!

-

Re:Glass is Half Empty?

[Corvaith]

Forget paying them extra.

I was employed for awhile at a company where, while you couldn't clock in until your official start time, it was mandatory to be there getting your computer started up 10-15 minutes before your start time. If you weren't actively doing whatever they defined as your 'job responsibilities' by your start time, you were late, no matter when you actually arrived. (And there were a lot of things that needed done that somehow never made it under the aegis of 'job responsibilities.)

Didn't like it? Well, you didn't have to work there. I didn't like it. I no longer work there.

Re:Glass is Half Empty?

[chrisos]

I have found over the years, that this is basic human nature.

No matter how good things are today compared to yesterday/last week/last month/last year/etc, human nature dictates that people bitch about now.

It does not matter what you give people, they want more, they want it now and they want to spend less for it.

I have spent years trying to give historical perspective to others and got nowhere.

No matter what the current situation, a human being can find something to be unhappy about.

Take the middle classes here in the UK. They get upset about house prices. I try to maintain the perspective that there are people starving in the world and places where reaching the age of 5 requires lots of luck! I don't care about house proces too much. I'm happy to have food, shelter, clothing and medical attention when I need it.

Right, time to stop being morose now :)

Re:Glass is Half Empty?

[Bongo]

Take the middle classes here in the UK. They get upset about house prices. I try to maintain the perspective that there are people starving in the world and places where reaching the age of 5 requires lots of luck! I don't care about house proces too much. I'm happy to have food, shelter, clothing and medical attention when I need it.

While I feel a "Offtopic" moderation heading my way, I just want to say that your chosen view is great. As you observe with your own eyes, no matter what people have, they can still (choose to) be discontent.

What you are doing, though, is being grateful for what you have. Clean water on demand, large warehouses full of food (supermarkets), sanitation, no-one bombing your house.

Having something does not make us happy unless we are actively grateful for having it. I lived in places like Zambia when I was a kid, where the supermarket shelves were "filled" with Coca-Cola bottles spaced at 1 meter intervals (there was nothing else to put on the shelves). Being in Europe still makes me like, hey, I can walk to the shop and they have stuff?? Wow!!

We have to remember to be grateful.

Re:Glass is Half Empty?

[Alsee]

I no longer work there.

Cool :)

They had better make sure that anything that needs to be done falls within someone's job responsibilities. Any manager who doesn't include the catch-all "and anything else you need to do in order to fulfill your other resonsiblities" is an absolute moron. I need a pencil, but sorry - sharpening pencils isn't my job responsibility.

-

In other news

[Mr.+Sketch]

Microsoft is posting a $59.5 billion increase in revenue for last year.

Ooops! That's a mistake!

Because of some sloppy coding at NIST, it's actually $600 billion, not $60 billion. Just misplaced that decimal. Sorry about that, won't happen again!

Duh

[Dr.+Bent]

This is not going to change until software companies become liable for damages when their software fails. Otherwise there is simply no economic incentive to hire competent programmers and do rigourous testing.

Re:Duh

[Pinchy]

Untrue, untrue. Developers are already accountable for their software, its the open market.

Unless of course, you have monopoly power over a market.

Re:Duh

[Milican]

Umm... time to market makes a big difference. If you get a project and don't have enough time to do it then yes quality will suffer. This is true in any industry. I realize there is a shared fault with some programmers and some managers, but not all programmers nor all managers.

JOhn

Re:Duh

[scott1853]

I hope you're not serious. If I sold my software on a console like a game system that could not be modified or have anything else plugged into it then maybe I'd be more liable if the thing crashed. But I'd also have a warranty period just like car manufacturers do. They know how long their materials are going to last and make sure that they guarantee them for less than that.

Besides, software is not physical, it really doesn't "exist". There is no guarantee that those bits will be interpretted in the exact same way and order every single time.

Re:Duh

[x+mani+x]

Otherwise there is simply no economic incentive to hire competent programmers and do rigourous testing.

Unless you've illegally established a monopoly, hiring competent programmers and doing rigorous testing is absolutely essential to the completion of a software project within reasonable time and having it become an economical success. Good software doesn't write itself. Period.

Re:Duh

[Rombuu]

. Otherwise there is simply no economic incentive to hire competent programmers and do rigourous testing.

Yeah, other than the fact that if your code is a bug ridden piece of crap no one will buy it.

Re:Duh

[Beryllium+Sphere(tm)]

There's an economic incentive if your customers demand reliability.

Compilers are pretty reliable, probably because programmers would refuse to use any compiler as buggy as the typical shrink-wrapped application.

Re:Duh

[anthony_dipierro]

This is not going to change until software companies become liable for damages when their software fails.

At which point there will be no more software bugs, because there will be no more software.

Otherwise there is simply no economic incentive to hire competent programmers and do rigourous testing.

What about competitive advantage?

Re:Duh

[anthony_dipierro]

Of course, except that we all know there are no monopolies left in the software world.

Except the 95 year one granted by congress.

Re:Duh

[Fizzlewhiff]

Before you go and suggest companies be liable when software fails think about how that would impact the availability free software.

Microsoft isn't the only entity that produces non-defect free code.

Re:Duh

[Citizen+of+Earth]

This is not going to change until software companies become liable for damages when their software fails.

And all of the litigation, of course, would cost the econony $600-billion/year.

Re:Duh

Here's my liability idea:

Lets say a company finds a bug in say MS Word, and decides to sue MS Word... It would only make sense to do the equation:

(Benefit to company) - (MS Word Price + Cost of defect)

If it turns out that the company saved 10k using MS Word (as opposed to maybe using a typewriter, or some other program), and the cost of defect was 3 employee-day lost of retyping the documents, then the company should be paying Microsoft for even bringing up the suit).

Seriously. Most software is more useful than no software (even the buggy Microsoft software). Thus, you can't waste time with software, since overall, it still saves you time (otherwise why would you be using it in the first place?)

Liability? What better liability than if you just stop bying buggy software? Simply don't buy software you've had bad experiences with. That will do more to the software vendor than any liability threat.

Re:Duh

[Darby]

If it turns out that the company saved 10k using MS Word (as opposed to maybe using a typewriter, or some other program)

A typewriter maybe. If the company used a basic text editor then they would have saved 50K because of all the wasted time fucking around with fonts and bolding stuff. 99.9% (made up on the spot, but probably not too far off) of all word documents would be better done without all the crap. Add in the bandwidth costs of emailing a 60KB attachment for 100 bytes worth of text and the savings go way down. The biggest advantage is that you can save the digital copy for later, but again, ascii is much much better than an ever changing proprietary format.

Re:Duh

Exactly, every computer is different. Then you have software that is always changing and anything can be added. I bet you couldn't setup 2 computers from scratch in the eactly same way, and then install the software in the same order twice.

Re:Duh

[symbolic]

To be fair, compilers are much less fault tolerant than the average software app. You either do things 100% "it's" way, or your app doesn't get compiled. And, how long the upgrade cycle for the average compiler?

Re:Duh

[gorilla]

I'd disagree with this. Detecting invalid input and producing a correct error message IS fault tolerance. If the compiler was to take an invalid file and produce invalid object code, or the compiler crashed, then that would be poor fault tolerance.

Re:Duh

[symbolic]

Perhaps 'fault tolerance' wasn't an appropriate term. I was looking for a way to describe having to deal with a wide range of variables without grinding to a screeching halt.

Not just "sloppy coding"

[shoppa]

If anyone believes that the greatest costs are due to "sloppy coding", they're wrong.

Yes, sloppy coding has great costs, but blaming the coding for the state of software engineering is like blaming the rubber O-ring for the Space Shuttle disaster, when everyone knows that it was an organizational issue that prevented the knowledge of the critical temperature from getting out of engineering and into management. Most of the software industry (and I include system analysts, architects, and customers who don't know what they want and won't let us help them determine it) is responsible for:

1. Poor requirements specification (e.g. specifying the platform and/or the language in the requirements - a big mistake, especially when the language they specify results in code riddled with buffer overflows)
2. Poor requirements confirmation (e.g. Everything anyone asked for goes into the requirements with no review at all to determine if it's needed, technically possible, or self-contradictory)

It doesn't matter how well you code, if the contract requires the coder to deliver an unusable product then that'll be what's delivered.

Re:Not just "sloppy coding"

[SirSlud]

This is why software, by law, should explode like an atom bomb when a sigfault occurrs. ;)

.. if we were developing bridges, etc, you'd see alot more caution and listening on the part of management and achitects (nevermind that for *some* reason, more managers in the engineering biz are .. gasp, actually engineers!) if there were physical costs to buggy software, rather than (mostly) economic costs.

Anyhow, I'm glibly musing, but for the record, I totally agree with you.

Re:Not just "sloppy coding"

[cpeterso]

Always blame the low man on the totem pole. Managers could not possibly be responsible for a poorly-defined project that is shipped behind schedule. CYA, fellow coders!

Re:Not just "sloppy coding"

[bhurt]

I agree, but it's more than just requirements. It's unreasonable schedules, a lack- in many cases- of release management or even version control, and a consumer environment that allows, even encourages, software companies to focus on new features instead of getting the features they already have to work right.

Re:Not just "sloppy coding"

My understanding of the coding prossess is that it includes doing those things you list correctly.

I have not read the article though, so maybe they trim down the definition, but if you are not receiving good specs there is a break down in communication somewhere.

Re:Not just "sloppy coding"

I agree whole heartedly, but I would argue that sloppy programmers make up a very significant portion of that tab. A few weeks ago, one of my coworkers walks over to me and asks if I've ever heard of a "Procedure too large" error from VB. Confused I ask, "How large is your function?" He responds, "Oh, about 3500 Lines." I just about spewed Mountain Dew all over my keyboard.

When someone writes bad code, they create problems in the future that can affect design and implementation. Often one crude hack forces you to write another crude hack. You can't make feature X work properly because it would mean rewriting 20,000 lines of code. This forces you to alter your design to something which may be barely "good enough". Crude hack piled upon crude hack until one day, all your servers explode.

So far (only 4-5 months into my career), 40% are caused by bad error checking, 40% are caused by incorrectly using an undocumented function, 20% are specification issues. Of course, ideally most everything but the specification errors are fixed before a product leaves the door.

Re:Not just "sloppy coding"

[shoppa]

My understanding of the coding prossess is that it includes doing those things you list correctly.

That's not the conventional definition. Usually "software engineering" is the sum of (requirement analysis)+(design)+(coding)+(testing)+(maintenance ), with a factor of management thrown around the sum.

Certainly there are methodologies that do not seperate these activities as much (compare extreme programming or rapid prototyping with the waterfall method). I'm all for these new methodologies and dead set against waterfall/ "big bang" development, but I don't run the world, and I certainly do not believe that "coding" without any requirement analysis or design is a good thing. Making prototyping part of analysis and design is a good thing, OTOH.

To say that coding is the problem-solving process is a bit presumptuous too; a very valid analysis conclusion in the business world is to not solve the problem with a computer program.

Re:Not just "sloppy coding"

[Furry+Ice]

Apparently you're not a coder. There's always a breakdown in communication somewhere. Sometimes it just happens to be small enough that the project can actually be successful.

Re:Not just "sloppy coding"

[ClosedSource]

Are these percentages just for "paper bugs" (bugs that were found by examining the code but never encountered at run time). The reason I ask is that in order for bad error checking to result in an actual run-time problem, the bad data either has to come from a human or from a coding error. Assuming that not all of your 40% of bad error checking comes from a human there must be some percentage of errors that you haven't covered. Unless all of the bad data comes from "incorrectly using an undocumented function" or is a "specification issue". Just something you might want to consider.

One of the more interesting sources of bugs might be called "facts about the system you didn't know". For example, in the book "Digital Woes" by Lauren Ruth Wiener, the author describes how a British Rail signaling system (tracking system) was unable to track trains after they converted to disk brakes. It turns out the old clutch brakes had the side effect of scraping the wheels clean of wet leaves which allowed the sensors to work properly.

Re:Not just "sloppy coding"

Problem is that most of the time nobody knows what the *system* should do.

Project Idea: Some upper manager got an aol account, and signed up for a porn site. Quickly realizing that his company could do the same with their product, he tells his lower manager "I want something like this AOL I just signed up for, only for our products."

Idea Revised: After some planning, and requirements gathering (for nobody knows what), the idea is to build an e-commerse site to sell things online (that's why there are so many of them out there, since that's the logical conclution to anything "computer" - to build a site to sell things)

Development: Should we require our customers to type in their first name, last name, names of their children, and thir favorite song? Shold we bind it to our current CRM? Oh, and now that top manager wants us to design it in such a way so that we can sell the system to other similar companies. And we only have 2 weeks to deliver the whole working and QAed system?

After the Fact: Top manager: "It cost us 6 million dollars? And it can't even do what I asked for! All I wanted was a comments page where customers can leave anonymous comments about our products! It was soo obvious, you're all retards! Cancel all curren projects and fire all upper-middle managment and promote all the rest to their positions."

Re:Not just "sloppy coding"

[ralphbecket]

Poor requirements specification (e.g. specifying the platform and/or the language in the requirements - a big mistake, especially when the language they specify results in code riddled with buffer overflows)


Are you seriously suggesting that a customer is going to specify "nobody will ever type more than twenty characters into this field and we require you not to bloat the application by checking for overflow etc."?

Overflow bugs and so forth are all bloody amateur mistakes to make in any language (although if universities were not pretty much required to teach non-stop Java/C#/C++/VB/... we could actually teach you some serious languages that would make all the difference.)

The problem is buyer behaviour

The fact is people buy software based on its features, and more often than not the latest and greatest feature is a bigger selling point than stability and security for desktop apps.

As long as consumers use this criteria for making their purchase decisions supply and demand will favor the companies who crank out software quickly.

And we will continue to have to deal with bugs.

Re:The problem is buyer behaviour

[RatBastard]

But what choice do they have? You can't buy the older, more stable versions of ANYTHING anymore. As soon as the "New! Improved! Now Shaves Your Cat!" version of QuickPr0n Plus hits the shelves, the older, patched, and reasonably stabalized version of QuickPr0n Plus has been yanked and is no longer for sale.

How many people who got computers with WinME on them really wanted ME and hiow many simply had no choice?

This even holds true with Linux and other Oopen Source/Free software. Many times only the newest versions are available without hunting high and low for a forgotten mirror that has last year's model on it.

Re:The problem is buyer behaviour

---I totally agree! Like I got some older macs, I would LOVE to be able to purchase some older OS disks from apple to run on them, from which flavor they have now. all I can get from apple is osx (maybe 9 still dunno), but I want 7.6 and 8.6., the stablest and best versions according to everything I have learned for these two particular boxes. Ya, I can crusie ebay, but what for? It's stoopid, I want to use these boxen, and with OS software that was extremely optimised for them. I don't want someones old used crap, deal with trading with some anonymous fubar off the net, like why can't I get what I want from the source, even with a disclaimer it's "not supported" anymore, and perhaps at clearance prices?

Same with apps. I'd like to get a few older web editors, I don't WANT to drop a grand on new webbiedreamie weever with all the latest crap I DON'T want or need, but NO, it ain't for sale!

The whole industry is rife with beta ware. Planned obsolesence, not planned quality, perpetual beta ware -war for perpetual profits. I want some stuff that comes fixed, don't need patches everyother day. I HATE being forced to upgrade every few months-so I don't! The industry is making LESS money off me than they could, but they don't care!

The developers are paying to fix the bugs?

[dubstop]

more than half of the cost borne by end users and the remainder by developers and vendors

Last I checked, I was being paid to deal with this stuff. When my salary goes negative, I'll be retraining as a burger-and-fries-technician.

In other news...

[Wrexen]

Poorly made cars cost the US $XX Billion/year, shoddy toilet seats cause millions in health insurance costs, and badly done yardwork costs millions in property value reductions.

Seriously though, why do people expect software to be perfect? It's designed by humans, made by humans, tested by humans, and used by humans. I'd be willing to bet that 85% of the people complaining about some bug in their software are the same people that opted to get the new version 3 months earlier and for 2/3 the cost than to get the "perfect" version that would have taken longer and cost more money.

The situation is a basic economic trade-off. Consumers are consistently choosing to save money when contracting for software without realizing that, hey, big surprise, the money you're not spending is the money that was going to fix all the bugs that are costing productivity now.

Software makers are only to blame in that they offer their customers the option to have buggy software sooner rather than tested software later. If these organizations would stop trying to cut corners and not squeeze every last drop of blood out of the developers in an effort to get the product out the door by the end of the week, maybe it wouldn't be crashing every half hour. When was the last time you heard about engineers taking shortcuts to make sure a construction project finished on time? It's unheard of in physical projects, but in software, consumers think they can get ahead by not waiting/paying for a completely finished product

Why does everybody pick on developers

[vanguard]

While this article isn't too bad I've been seeing an alarming amount of press regarding how bad software is. I read arguments comparing software to cars or roads.

<idiot>I built a wooden box to hold a kitchen trashcan last weekend. That box is completly bug-free. Why can't windows be like my wooden box?</idiot> Well, writing windows is harder.

The bottom line is that unless people are ready to wait longer for software and pay more for it you're going to get unpredicable levels of defects. Even if you are willing to wait, you're going to get defects anyway. Writing software is simply hard to do.

Re:Why does everybody pick on developers

[Zapper]

...That box is completly bug-free.

Well, that may depend on how often you take out the trash.
Now how can I fit in some reference to garbage collection?
........D'oh, too early in morning.

Re:Why does everybody pick on developers

[SlowMovingTarget]

Writing software is not difficult. Writing high-quality software _is_ difficult and requires experienced craftsmen (infer journalistic gender-neutrality, please).

So how then, can you get high-quality software quickly? Two ways:

1. Hire experienced experts. Experienced experts produce high-quality work quickly. They write code generators to do tedious work for them. They classify problems and hunt down and implement reusable solutions. Keep giving them raises and interesting problems. Granted, defects in the software will be of the extremely intractable variety (very subtle design flaws or bad/wrong requirements)
2. Reuse experienced expert knowledge and technique in the form of pattern-driven code generating tools. Hire journeyman developers to adapt the code the tool burps out and get on with life. Keep an expert or two around to extend or correct the patterns the tool uses for generation. You'll get applications that are far less pretty than the hand-crafted variety. On the other hand, the defects are known and predicatable. Tools (apologies for the shameles plug) for this sort of development are just now becoming available and practical. Granted, when handed a powerful implement fools often find a way to hurt themselves (thus instantiating the 8th corollary to Murphy's Law).

Either method has drawbacks. #1 produces the best software, #2 produces the cheapest software. #1 makes the "Agile" crowd happy while #2 is the sermon of "Software Engineers."

Why single-out developers for defective code? Because developers write defective code. No, all developers aren't clods with text editors. Developers who do write buggy code may even care about their craft (Pragmatic Programmer tip #1). But developers themselves are to blame for the defects in their work, even though outside factors contribute to problems. We must take responsibilty for our bugs, move on and fix them. Then find new ways of working that make it more difficult for software defects to make it into production evironments.

We cannot fix imperfect programmers. We can only mitigate the effects of their imperfection through mentoring, certification, education, and proper management. In other words, treat software development as a craft, a talent to be polished and perfected.

Writing software well means communicating well with a computer. Artful written communication is very difficult to reduce to an engineering discipline, yet the skill can be taught and practiced.

Ohh say 1/3...

[delphin42]

Better testing could allegedly cut that by one-third

What about the other 2/3? Is that wasted money that is completely unrecoverable?

I don't understand how this figure could have been generated other than pulling it out of thin air.

Re:Ohh say 1/3...

I don't understand how this figure could have been generated other than pulling it out of thin air.


Ummmm... maybe they pulled it out of somewhere else (now where's that link to goatse.cx when you need it)

Seriously, putting out quality software costs both time and money. the 2/3 is the cost of actually fixing the 1/3 (once again, actual numbers mysteriously provided from ... ummm ... somewhere)

Re:Ohh say 1/3...

[blancolioni]

I don't understand how this figure could have been generated other than pulling it out of thin air.

Well, why don't you read the fucking report then?

Missing figure?

[scott1853]

I skimmed through the article and I didn't see any place where it said how much it would cost to actually produce bug free code. I'm betting much more than the $60 billion arbitrary figure they came up with. And any additional cost in such a task would be passed on to the customer anyway, so they'd still foot the bill.

In any case, there's "good enough" software. If you lose 5 minutes to bugs per day, but overall the software saves you 2 hours a day vs. your previous way of performing the task, then you're coming out ahead anyways.

Re:Missing figure?

[Titusdot+Groan]

Hmmmm, almost every study I've seen shows that doing things right (proper requirements, design, testing, etc.) actually saves time. It's certainly been my own experience that projects following a good methodology have been cheaper than projects that didn't, interestingly enough the projects that didn't follow a methodology were always initially estimated to be inexpensive.

How many fewer versions of Office and Windows would there be if Microsoft was designing their software for reliability and usability instead finding a way to hack the browser into the OS to screw Netscape or modifying libraries to cause Lotus 123 and Wordperfect to misfunction? And would developing those versions be cheaper or more expensive?

Breakdown?

[ackthpt]

I wonder how compare the costs of software bugs left by the educated, to the costs of errors made by the less educated using it. Nice 309 page study, but seems like you could easily do one based upon the actual cost to the economy of workers taking a day to see Episode II and arrive at another pile of dollars. Useful?

If anyone's interested in the _real_ cost, wait until lawyers weigh in, as I expect they already have somewhere. I know Burroughs used to get sued on a regular basis before joining Sperry Univac and hiding behind a new name.

So let me get this straight

[b0z]

When presidents of companies that have ties to most of the politicians in the federal government horde money and rip off the people that work for them, costing billions, it's look at as an unfortunate mistake.

When overworked programmers make a few mistakes because they've been up all night working on something for an unreasonable deadline their manager demands, it's a horrible thing that the government feels it's necessary to look into?

I bet if there were some sort of programmers PAC that invited Dick Cheney out for a round of golf once and then a report like this one wouldn't have seen the light of day.

OMG

[Zen+Mastuh]

Wow. They have said the same thing about illegal drug usage and goofing off at work. I just hope that the politicians and the WSPTOTC (Won't Someone Please Think of the Children) don't create a crazy War on Sloppy Coders and start busting down doors, pointing automatic weapons at coders and shouting "You with the undocumented line of code! Hands off the KB or I shoot!" If I see a TV commercial where some guy with a pocket protector laments "I killed a judge with my sloppy coding", then I am moving to another planet.

This article it typical alarmist FUD. No mention of how much money is saved each year by coders. The sloppiness comes with the territory: unrealistic deadlines, sloppy documentation, buggy interfaces, clueless management, and a changing world. This world of perfection exists only in the minds of the pencil pushers at NIST. In the real world, coders sometimes make mistakes because they are...human.

Re:OMG

[JabberWokky]

Wow. They have said the same thing about illegal drug usage and goofing off at work.

I'd love to see all these amounts totalled up. I wonder if it would be greater than the GNP of the place the "statistics" are reputed to apply to.

--
Evan

Re:OMG

[Spyky]

shouting "You with the undocumented line of code! Hands off the KB or I shoot!"
...
This world of perfection exists only in the minds of the pencil pushers at NIST

I am currently working with some public code released by NIST. Very humourosly every line of code is commented. So at least they aren't hypocrites :-)

Spyky

Re:OMG

Excerpt:

if(foo == true) // If foo is true...
i++; // ...then increment i by one.

Re:OMG

[Luyseyal]

Hands off the KB!

that's awesome

-l

Re:OMG

[BrainInAJar]

What about when the costs overlap?

Like, is being drunk at work (Alcoholism: $1533 billion/year) while smoking pot (Drugs: $800 billion/year) concidered goofing off (Slashdot: $688 /year) ?

Re:OMG

[FuddChuckles]

If I see a TV commercial where some guy with a pocket protector laments "I killed a judge with my sloppy coding", then I am moving to another planet.

That's funny stuff right there.

Agreed, the article is alarmist and, in no small way, an exaggeration. I suspect that with enough economic modeling, we could come up with a $60B price tage for watching Martha Stewart:

Opportunity cost of not doing something worth a damn X
The cost of materials to build the lacquered, mother-of-pearl bird feeder X
17 failed attempts to build said bird feeder X
The number of idiots who actually try to build it (when they don't realize it was created on a bluescreen by ILM- much like Martha herself) X
Number of hours wasted asking someone for help at Home Depot who couldn't build a bird feeder if his uncle were Bob Villa X .......
= $60 Billion each show

You get the idea.

The point of the article (and arguably the only positive way to spin it) is to demonstrate that hurried programming *does* have its costs. What it ignores is that these costs are often more than returned by speedy innovation.

-FC

But customers don't WANT solid software!

I know it's dumb, but first-to-market still trumps quality procedures at all of the places I've worked at, or know of via former co-workers. There are rare exceptions, but it's always due to some nonconforming individual lucky enough to have enough power to force some minimal amount of quality upon a product.

Customers want a solution right away, management forces development to dump those cumbersome QA processes, the QA department gets slashed to the bone and/or filled with cheap new hires who haven't a clue about testing, and the drive is to HIT THOSE (arbitrary) DATES!

Cripes, no wonder the ones who know how to build quality software quickly and cheaply don't get to lead projects for long. These bugs are not a technical problem; they're a business problem. Most techies really want to write quality code, but aren't allowed to, due to these factors.

You can imagine why I might want to post this anonymously.

Profits? Hah!

[Shalome]

Profits? Hah.. try being salaried and spending many, many overtime hours attempting to route your network around an M$ bug, or repairing damage done by a M$-enabled worm...

More useless statistics

[joebp]

$60BN huh? How did they arrive at this figure? Travel to an alternate dimension where all software works perfectly and compare company's pocketbooks?

Please.

This is much like the rather PR-centric announcements from virus experts that ${VIRUS} caused $${LARGE_AMOUNT}. It's just an estimate, and without an example of an economy with perfect software, it's rather useless.

Yes, people need to strive to create more robust software, but throwing large numbers around tends to blur the issue, in my opinion.

It would be an interesting article if they proposed a system whereby companies are required to reimburse their customers if the software they buy turns out to be a buggy POS.

I could make a living buying second-hand copies of Windows ME and getting refunds from MS :)

Re:More useless statistics

[pdqlamb]

$60BN huh? How did they arrive at this figure? Travel to an alternate dimension where all software works perfectly and compare company's pocketbooks?

Naw, this comes from the same people who estimate the cost of hacker break-ins. You know, the ones who decide that since someone accessed an electronic copy of a $25 book, it cost the company $6 million.

This can't be true.

[brain-in-a-box]

Microsofts sales are definitely below 60 billion.

Unfairly harsh

[mactari]

Here's a quick quote:
[There are very few markets where "buyers are willing to accept products that they know are going to malfunction," said Gregory Tassey, the NIST senior economist who headed the study. "But software is at the extreme end, in terms of errors or bugs that are in the typical product when it is sold."]

Need I remind anyone of the Pinto? How about the recalls we've had recently with everything from tires to airbags? Even if the failures aren't that harsh, who hasn't heard a mechanic say, "Welp, the '89 model uses a Peugeot transmission. They're not exactly, um, the best." Having spent some time under a few vehicles, let me assure you the mechanics aren't always lying. :^)

So there's at least one market where one hardly hits perfection with version 1.0.

Of course software has bugs, of course bugs take time to fix or for a user to work around. The trick is that no software will ever be released bug free that does much more than print "Hello World!" to the console. It's not how much time bugs cost; bugs are a fact of life. The question is whether fixing those bugs would be worth the time it'd take to get them out. With a quick angry glance at the IIS team, often it isn't.

Re:Unfairly harsh

[afidel]

The automotive analogy is pretty good, as aside from software it is the only complex system that most people interact with day in and day out. It is however still flawed, in that a car, even with its thousands of parts is still orders of magnitude simpler than anything but DOS.

Re:Unfairly harsh

[image]

> who hasn't heard a mechanic say, "Welp, the '89 model uses a Peugeot transmission"?

I, for one, have never, ever, heard anyone say "Welp, the '89' model uses a Peugeot transmission."

Re:Unfairly harsh

[sbwoodside]

no software will ever be released bug free that does much more than print "Hello World!" to the console.

hypothesis - every line of code contains at least one bug
induction - you can remove the bug by removing the line of code
conclusion - bug-free code must have 0 lines

Re:Unfairly harsh

[A_Non_Moose]

The trick is that no software will ever be released bug free that does much more than print "Hello World!" to the console

Spoken like someone who has never tried Modula 3.

Only language I know of that segfaulted on a Hello World program...straight from the book.

Or a MS Visual C++ programmer lamenting on a Hello World program taking 6+Meg...

Heh.

linux!

[kirkb]

That's why I support linux -- where sloppy coding is free (and Free).

Yes, but...

...how much money does having buggy software in place save companies? Surely it lets business do things they wouldn't/couldn't do before? If you take that into consideration, some of these megacorporations 'losing' millions to buggy software wouldn't have existed in the first place. Catch 22.

Simple economics...

[ComputerSlicer23]

Okay, did you know that they can make airplanes and cars lots, lots safer. It just so happens that for an airplane company to make it safer would cost about 2Mil per seat, however, the average cost of a lawsuit for a plane crash is less then 2Mil, so the financial marginal benefit of creating a safer plane is not there. It is better to make it less safe, and just pay the families of airplane crash victems. Simple economics.

For similar logic, the testing and procedures to develop less buggie code is probably not in the interest of the software writing companies. Microsoft is completely capable of writing bug free software. Trust me, if Bill Gates said look boys we write bug free software, it could happen. However, the would release new copies of Windows every 10 years, they would have possible 10 new features, and nothing inovative.

This $60B loss will continue to happen, until the users pass the loss onto the vendor so they have to eat it all. The other problem is that $60B is an accounting number, and doesn't account for all the savings because they left the bugs in. It is entirely possible that removing the bugs during the cheapest phase (design), would have cost more then $60B dollars.

Re:Simple economics...

[kpetruse]

How do you make planes safer, exactly? Most crashes are due to pilot error, despite many safeguards put in place. The only crashes that occur these days (at least in the western world) are due to previously unknown faults.

Cars, now that's a different story.

Re:Simple economics...

[sowen42]

Reliable code delivered on time and with a reasonable budget is not only possible, it's common. When was the last time you saw a console video game crash? And trust me, debugging on that platform is a REAL challenge. But once it's burnt, it's burnt, and you can't sell bug fixes disguised as "upgrades" any longer. So when the market demands it, it can be done.

The fact of the matter is, however that most people accept buggy software, because most people work on a buggy, slow, bloated platform. (Guess whose?) No matter how good the caboose is, it ain't goin' anywhere if the engine it's hitched to is busted. So there's no market demand for stable code, because no one thinks it's possible. We have m$ to thank for that.

This will persist so long as it's impossible to buy a PC without paying the Microsoft tax. And with W. in office, you can forget about the justice department fixing that problem.

-S.

Blame the end-user?

[brendanoconnor]

Yeah, that makes sense. How can the user be to blame here? The every day user sees the computer as a tool that should be working and secure(actually they probably don't think twice about the security part). How can it be the users fault that there is a file attached to another file that could be a virus? I would say that if anyone is to blame for the $60 billion lose would be virus writers and sloppy coders, not the end users.

Also this was mentioned in another cost, if it cost $60 billion someone has to be collecting $60 billion, do they not?

Thank You.

Comment removed

[account_deleted]

Comment removed based on user account deletion

:P

[prmths]

what ever happened to the 4k assembly competitions...
now that was a challenge... make the coolest full graphic demo in 4k compliled.. ;)
i'm still amazed at what those guys could do with a 386/16 and a 4k program...
i remember one specifically that used some vga timing tricks to double VGA resolution -- and render some really sweet 3d graphics.. (fully lighted, textured, etc)
some of these things even had sound....

and another that used similar timing tricks with page swapping to get 4k colors out of EGA with some simple sinusoidal scrollers, blue ->black BG fade at the bottom..

you just dont see stuff like that anymore ;)

I know it's all non-open source and non-portable to other platforms... but that wasnt the point...
some even required a specific VGA card and/or sound card ... and if you had 'em... DAMN!
hell.. you never even see cool stuff like smooth scrolling in text mode

It's a pity that society encourages sloppy and inefficient code.. but... what can we do about it?

how about this: have your source publicly available so that you're encouraged to write code that is efficient, portable, and easily readable...

oh... wait...
;)

Re::P

[Lozzer]

I wish you could have seen the ZX81 demo that did colour and sound. Which doesn't sound impressive until you realise it was a black an white machine with no sound chip.

Re::P

[kpetruse]

That was damn amazing.

But not as good as the Chuckie Egg style game that was hi-res. THAT was astonishing. The problem is these days computers are too damn powerful, and they never get pushed to their limits with solid, clever and innovative coding.

Every programmer should be forced to learn assembly before getting onto C++, Java, VB etc. That would promote decent coding and get rid of 99% of the bad programmers out there.

Not real money

[moorg]

Sloppy coding is the unscientific way to point the finger. More than likely its not the code thats sloppy, its the release dates set by Marketing and Sales, feature list that are promoted before development begins, and poor testing by people more concerned about "this font isn't bold" rather than testing the core product. *sigh*

Re:Not real money

[T3chnomonk]

Amen brother. Most programmers would produce good code given a set of requirements that don't change daily and given a reasonable amount of time to complete the given task.

I place much of the blame on the management level individual that is supposed to direct and management development - this individual is the interface to the rest of the company and its his/her responsiblity to inform and educate his peers and superiors.

Developers implementing insanity can't help but let a little chaos loose.

Re:Not real money

[moorg]

Given a set a requirements developers can make almost anything. The problem lies when you have to change a _fundamental_ part of a project because of new "desires".

If a car was built using a fuel injected system, management wouldnt go the to makers and say "you know what we need in this version, sun powered air conditioning!". They would have to wait for next years model.

HMMM...

[_ph1ux_]

I wonder if its just a coincidence that sloppy coding costs 60B/yr and MS total revenue fora year is the same figure....

Nonsensical posts

Ok, so the study has determined how much is lost to bugs and who foots the bills. Interesting.

But the concept that by better testing you can reduce this amount is nonsensical unless you know how much the additional testing would cost.

If you spend 50 billion a year on additional testing in the US to reduce the cost of bugs from 54 billion down to 30 billion... you get no savings.

But there's two ways to look at this

[seanscottrogers]

Sure, it may "cost" 60B a year, but this is in a market where consumers are accustomed to flaky products. A look at any Microsoft product's success reveals a patience for buggy code, and even a desire to purchase upgraded product versions. In many cases companies actually profit off of new and improved products. We actually sell more copies off the shelf because the previous versions have so many problems. So bug on!

Just wait for the followups

[drew_kime]

I give it until the end of the week before we start seeing opinion pieces, some disguised as "independant think-tank studies," suggesting how to fix this. And I'll just bet the best-funded pieces are all going to suggest formal (ie: commercial) structures, not some silly little "standards" that just anyone can follow.

So who decided

[beleg777]

So who decides what the US economy is? More and more, I get the impression that when reports and studies talk about the "US economy" they actually mean "the big businesses with lobbyists."

Passing the buck.

[Linuxathome]

I don't think that I'm far off by saying that a large proportion of bugs go unfixed because vendors can easily avert having to address the problem by saying that it's a result of someone else's piece of software on the system. And when the problem is finally pinpointed, the changes needed to rectify the situation probably lies on one specific company (it shall remain nameless, but we all know what company this is--it is the company with the largest desktop OS user base), and they sit on it for ages before something is remedied, if at all. How many times have we heard on slashdot, "I sent them info about such-and-such bug and even a potential solution! And received no word in reply, nor indication that a patch would be made available."

Imagine if the software industry's mode of business shifted from one of "buying a product" to one of "purchasing a SERVICE." For me, I'd rather pay for a service to ensure that I have all the tools necessary to do my job right, without worrying about instability, than to have a product with all the supposed bells-and-whistles that I can use without problems only 50% of the time.

bugs

[brsmith4]

If it werent for crappy coding and bugs, many of us would be out of a job. Just remember that the next time you have to apply a service pack to yer exchange server or run an IIS update to protect from the latest worm. Those bugs keep IT on the payroll. (yes, yes, I notice that I mentioned IIS... shame on me. :)

Still a useful number

[xant]

You can still do a useful comparison between productivity when using the "ideal" software and productivity using the "current" software.

The complete analysis of hours of work per day would look like this:

Without software: 8:00
With bug-free software: 6:00
With existing software: 6:05

The benefit of having the software is obvious, but the cost of the bugs is real.

Re:Still a useful number

[afidel]

The complete analysis of hours of work per day would look like this:

Without software: 8:00
With bug-free software: 6:00
With existing software: 6:05

The benefit of having the software is obvious, but the cost of the bugs is real.

Yes, but what if the cost of fixing the bug is more, even in agregate than the cost lost to it? Then having the bug is a net savings to the economy over fixing it. People don't want bug free software, if they did every project would look like a NASA software development project, and even those have errors!

Re:Still a useful number

[scott1853]

Well, unless a software package specifically declares it will save you 2 hours per day without any fine print at the bottom saying the user must know how to use the software then it can't really be a cost.

If you buy a system and find out the first week it takes 2 hours less to do payroll than it used to, and you expect that figure to remain constant that's fairly unrealistic. Software is really a tool in the business sense. A carpenter wouldn't expect a hammer to last forever. So businesses should expect some downtime for tool maintenance. They do so with servers. Just because the bits and bytes don't change within the EXE file doesn't mean the bits and bytes in RAM remain constant.

OTOH

[Lucas+Membrane]

Other costs that America finds affordable:

Football pools -- $241 billion/year

Alcoholism -- $1533 billion/year

Drugs -- $800 billion/year

Coffee breaks -- $526 billion/year

Bathroom time -- $715 billion/year

Krispy Kreme Donuts -- $445 billion/year

Software company lawyers -- $440 billion/year

Neckties -- $211 billion/year

Slashdot -- $688 /year

Related Study

[drc500free]

Computerworld is reporting on a government study just released that developers spending their time reading slashdot rather than fixing software bugs is costing the U.S. economy an estimated $59.6 billion each year...

Offset Piracy?

[cloudscout]

So does this $60 billion offset the amount of money that the software industry claims they lose to software pirates?

How much money do software pirates lose by using illegal copies of sloppily coded software?

Re:Offset Piracy?

[happyclam]

Sloppy code costs $60 billion a year. Viruses cost billions a year. Piracy costs billions (and hundreds of thousands of jobs) a year. Unauthorized loafing (i.e. surfing the web and photocopying your butt) costs billions a year. Lost productivity due to slashdot reading/posting costs billions a year.

I've always been curious: Who pays these costs, and even more important... how do I get to be one of the ones collecting all these billions every year?

Re:Offset Piracy?

[fishbowl]

>I've always been curious: Who pays these costs,
>and even more important... how do I get to be
>one of the ones collecting all these billions
>every year?

Until and unless someone has the guts to claim these losses against Federal taxes, I'm going to
consider them without merit.

Re:Offset Piracy?

[Cynikal]

hmm.. a very good point, now if you combine the wages of the programmers, cost of advertizing, losses due to bugs and piracy, it seems like the software industry has an anual income profit of negative 3 billion... which if im not misstaken, puts them just ahead of the music industry in gross income.. am i right?

Sloppy coding makes bill gates a multi-billionaire

[Oriumpor]

News at 11.

Compensation plan changes

[robkill]

$60 BN? Time to cut back on the "bug bounty's" then. (envisioning Wally from Dilbert: "I'm gonna code me a minivan today!") 8^)

Much of testing is tied to requirements.

[bubbha]

I suspect that many if not most of the problems with software today are that the requirements that drive the designs that drive the implementation suck. If testing is the answer then we should realize that test plans are constructed from functional requirements documents. If you don't know what your building, then how can you test it?

Costs the Economy???

[rMortyH]

So, the money went from the economy, to the...

To....

You see this kind of headline everywhere!

Well all I know is some of it went to me, because I either help people with buggy software, or help them with its alternative that would never have caught on unless the first stuff was crap.

I think crappy software generates $60 billion a year in business.

If computers worked, I would starve.

$60 billion or $59.5 billion?

In other news, rounding for attention-grabbing headlines cost $0.5 billion.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Autocoding leads to less bugs

[3seas]

This really should have started out as a cottage industry, as so much else has in the computer industry. But Autocoding really is the solution direction to such software problems.

Re:Autocoding leads to less bugs

Autocoding leads to *fewer* bugs.

M$

[jzarzosa]

software bugs are costing the U.S. economy an estimated $59.5 billion each year

Funny... M$ products account for $59.4 billion of that total number.

Cost to comcumer GT $30 Billion

[Static242]

Everyone wants to blame M$ on this one but don't forget the IRS computer snafu. If they screw up your returns chance are the work does not get redone. They just bill you with the threat of audit to back up their sorry code!

Comment removed

[account_deleted]

Comment removed based on user account deletion

Or we could just Open Source govt code

[WillSeattle]

Save 90 to 95 percent on the costs, and have fewer bugs in the first place, plus own the code outright - either BSD (owned by the feds) or GPL or one of the variants.

Re:Or we could just Open Source govt code

[Junks+Jerzey]

Save 90 to 95 percent on the costs, and have fewer bugs in the first place, plus own the code outright - either BSD (owned by the feds) or GPL or one of the variants.

So you don't think Open Source code can be sloppy? You've never looked at the gcc sources, for example. Ugh.

Re:Or we could just Open Source govt code

[WillSeattle]

never said it couldn't be sloppy, just that it will end up having fewer bugs.

sloppy code != buggy code

IIS...

I herby invoke the slashdot revised Goodwin's law of 2002!

"Sloppy code" vs. market realities

[Infonaut]

It's rather obvious that the dominant paradigm in software development today is that of Microsoft. Their mantra has always been:

1) Get to market first, at all costs

2) Continue to add features, based on customer feedback

3) When the product gets good enough (after 4 or 5 major revisions) tout its reliability and stability

More about Microsoft's philosophy here: Microsoft Secrets. It's an old book, but still provides valuable insights into why the world of commercial software development has become more and more insane over the years.

Developers operate in an environment driven almost completely by market forces. Of course this begs the question - how much money would the economy loose if software were not driven by marketing and sales, and developers actually were given enough time to create virtually bug-free programs?

Re:"Sloppy code" vs. market realities

[Katravax]

Their mantra has always been:
1) Get to market first, at all costs

You're kidding, right? Did you just get into computers a year or two ago or something? Microsoft is hardly a first-to-market company:
NT? (OS/2 and Netware)
Word? (WordPerfect and Wordstar)
Excel? (Lotus 1,2,3)
FrontPage? (bought it from Vermeer, or bought Vermeer, I forget)
IE? (used pd code in first few revs)
PowerPoint? (Harvard Graphics)
Access? (wrote some, bought some)

For just about every MS product you can think of, they were second or third to market, not first. They have no need to be first to market.

2) Continue to add features, based on customer feedback

MS roadmaps out massive feature lists in advance, and implements and releases in cycles. It's not like they wait to see what customers are going to ask for. I attended a MS hoo-rah prior to the release of Office 95. Many of the features they listed like voice control and mapping, weren't included until much later releases. I'm not saying they don't implement based on customer feedback, but it's not like they don't think something through before an initial release.

3) When the product gets good enough (after 4 or 5 major revisions) tout its reliability and stability

No argument here. You're absolutely wrong on your first point, though.

Re:"Sloppy code" vs. market realities

[Darth_Burrito]

"Sloppy code" vs. market realities

I've seen a lot of sloppy code that could have been written much better in less than or equal the amount of time it took the author to write the sloppy code. If people would just stop and think about what they are about to write, things would go lots better.

Lack of modularization: I see procedures that are thousands of lines long when they could probably have been written faster with fewer lines if the author simply decomposed it into lesser funcitons.

Lack of Basic Documentation: Writing basic documentation for functions/procedures speeds up everyone's work and helps you clear up inconsistencies in your own design before you write code so it probably saves you time as well.

Naming variables in a logical manner: How much more time does it take to name something loop_counter than to name the same variable bob34?

More often than not, I see people site time to market as explanation for their buggy/sloppy code when they could have written it much neater in the same amount of time had they been better programmers. To me, time to market is definitely a strong factor, but so is programming discipline. Doing things quickly does not give someone a license to do things badly.

Re:"Sloppy code" vs. market realities

[Citizen+of+Earth]

IE? (used pd code in first few revs)

I thought Microsoft cheated SpyGlass out of it, which itself pilfered it from PD.

Re:"Sloppy code" vs. market realities

In your list, you forgot a couple of entries:
MS Windoze (pre-95): Flagrantly copied from Apple.
MSDOS: Bought from a company where is had been called QDOS (Quick and Dirty OS, see Jargon File), and was I believe a CP/M clone.

Re:"Sloppy code" vs. market realities

Being first to market would HURT Microsoft:

a) If it was first to market, they couldn't have copied the idea off anyone else (implies actual innovation, very unlikely)

b) Their initial offerings are always crap. Over time they do actually tend to improve things (witness that XP can stay alive longer than 49.7 days fresh out of the box!), but if they were the first to market, their product would be the focus of a lot of attention, and it would get a lot of negative press when it failed spectacularly.

It seems to me Microsoft knew what they were doing when they released their OS... get thousands of programmers to PAY YOU for the priviledge of handing you ideas to steal.

Re: "Sloppy code" vs. market realities

[Black+Parrot]

> Developers operate in an environment driven almost completely by market forces.

Of course, this report is just one of many symptoms that the public is getting sick of cr4ppy software. Development may always be driven by market forces, but the nature of those forces seems to be changing. Hopefully in a few years the dominant market force will be "get it right or get out of the business".

Re:"Sloppy code" vs. market realities

[Katravax]

You're right, I left a bunch of others out too. I was just going off the top of my head. There were similar products on the market prior to IIS (several companies), SQL Server (Oracle and Sybase), MS Mail/Exchange (cc:Mail, WordPerfect Office - the mail package, not the word processor), and several others.

Some of us remember the marketing where they were trying to convince us to give Word a chance in our WP setups, and they were pitching NT to replace aging mainframes! They then settled on a smaller target -- Netware, though Novell had total market share at the time :) The smartest thing MS did on that was to give us the Netware migration tool (codename Visine -- get it?).

Re:"Sloppy code" vs. market realities

[Katravax]

Ah, I think you're right! I'd forgotten about that.. I remembered seeing the credits to NCSA, but I think you're right about Spyglass... which also snagged Mosaic code.

Re:"Sloppy code" vs. market realities

> (codename Visine -- get it?)

Uh, actually, no...

Care to explain that one?

Re: "Sloppy code" vs. market realities

[Katravax]

*That* is Microsoft's true power -- to force other companies to respond to their actions, rather than to attempt innovation.

Re:"Sloppy code" vs. market realities

[Katravax]

Visine -- gets the red out.

Novell was known as "Big Red."

Re:"Sloppy code" vs. market realities

[Katravax]

I agree completely. I don't think they've ever been about innovation, though they do like to throw the word around. I do beleive they try to offer value for the money, and frankly, Excel is one of the finest applications of *any* kind I've ever used, and I still love NT 4.0 (though I admit that's a personal problem).

Re:"Sloppy code" vs. market realities

you right they are not first to marktet which means that they will actually make ever more sloppy code so that they do not seam to so much behind.

Re:"Sloppy code" vs. market realities

[kpetruse]

All true, but Exchange is a very different beast to all the other mail packages. Hate to say it, but it's actually rather good and can be considered MS's killer app in the corporate world. Try using Outlook/Exchange then Lotus Notes and you'll see what I mean.

But to reiterate the earlier point, MS never has been and never needs to be an out-and-out innovator. It usually buys in the software it needs - what's the shame in that? When it does write new things itself it generally ballses it up the first time, until they get it right. Anyone who used the first version of Plug and Play in Win 95 and then used it in 98 will know what I mean here.

(Oh, and Apple "stole" the idea of using Windows and a mouse from Xerox, so they aren't quite as innovative as people think. The underlying OS is very different too.)

We know where the source of the crappy coding is..

[Third+Normal+Form]

Here was the main culprit, responsible for $59 billion of the $60 billion.

with great power...

Coders need to realize that with great power comes great responsibiltity.
When I pay to have sex with a prostitute its like I'm paying to urintate on a little girl.

sloopy code/ submisionsn

[elsegundo]

Costas DOTSLASH usdsers 6 0 billions mouse clics per yearly

Re:sloopy code/ submisionsn

> Costas DOTSLASH usdsers 6 0 billions mouse clics per yearly

Derrrr, english language good! Me help grammar!

Hmm... no.

[J23SE]

IHRTSY (I haven't read the story yet;)), but I assume that these bugs are costing the economy by slowing down business, not making someone pay directly... and if you slow down business, GDP actually goes down.

Here's a gdenken for ya: Imagine if software bugs were so horrid that they prevented the use of software completely, and business just. Just because they'd have to pay software companies more to get updated versions does not mean that all the business lost due to the bugs would be compensated for.

As a game developer...

[Dixie_Flatline]

How much money do MY bugs cost? Do fatal bugs in my code actually RETURN productivity to the workforce? Do bugs in my code actually make money for the US economy?

Re: As a game developer...

[Black+Parrot]

> How much money do MY bugs cost? Do fatal bugs in my code actually RETURN productivity to the workforce? Do bugs in my code actually make money for the US economy?

No, because when your game blows up right when I kick down the door to beat Werdna's 455, I have to generate a new character and start over at Level 1.

What was supposed to merely while away a slow morning becomes a day-long project, and that is what hurts the economy.

Before people go blasting MS

[rutledjw]

let's not forget that the vast majority of coding is for customer-specific business apps. (Source: Cathedral and the Bazzarr) The vast majority of bad code is produced by you and me. Although MS may contribute...

In the frequently encountered sw development environment good coders are typically placed into a situation where we have to cut corners to meet deadlines. A faulty design or architecture has to be forced in due to time and/or money constraints. How many people here have had to develop to poor &| missing requirements? How did those projects work out?

Another issue, IMHO, is the proliferation of "look, you don't have to think anymore" IDEs. I am currently working maintenance on an "enterprise" project (the only thing enterprise is the price tag) which was built using Java-J2EE (enterprise ready) and deployed on enterprise hardware and app/db servers. Yet our throughput is abominable and we have huge memory issues.

The people who originally wrote this mutated plague 'o the land clearly had NEVER written a Java app in their lives and were writing code more-or-less out of the book (I was hired on when we started maintenance). However, it was written using a very powerful IDE which did a lot of code generation and allowed people with below-average IQs to become Java programmers... If they had tried to write this thing using a text editor, they would have been exposed and thrown out much earlier.

The power of thought and understanding cannot be underestimated. I am leery of any tool that seperates the user from the underworkings of any system, be it OS, language, DB or other. In the end, these tools allow people who have little understanding to create something that barely works.

Just because it will 'javac' doesn't mean it works for sh!t...

/rant. But it feels good to get that out

Re:Before people go blasting MS

[Citizen+of+Earth]

was built using Java-J2EE (enterprise ready) and deployed on enterprise hardware and app/db servers. Yet our throughput is abominable and we have huge memory issues.

What, you think that Sun developed Java because they are interested in moving software ?

Testing?

[nettarzan]

No amount of testing can salvage a sloppy design and coding. You need a team of skilled and trained engineers who are dedicated rather than people who just look forward to Friday and who should really been in someother field. Not someone who is in for making money. I guess the problem lies on the so called project managers imbeciles most of whom should be really doing some telemarketing stuff. The silver bullet to highly successful projects is - dynamic leadership, environment and dedicated, highly trained and skilled engineers. All other talk about testing is just rambling...
My 2 cents

Use time wasted for something else perhaps?

[cute-boy]

Business and governement spends a lot of time naval gazing and thinking about how crap the programs we use are, and wondering how much momey this is costing us.

Computer tools are amazing, when you think about their complexity. Learn to to live with their quirks, and when delayed (i.e. waiting for Winodws to reboot),do something else that is also productive instead.

RG

Solution is to sack 1/3 of all programmers.

[Ned_kelly]

Sack a third of all programmers and productivity would improve. There are many people in this industry who are mentally incapable of ever being competent programmers. They can't cut maintainable code and their bug ridden spaggetti mess just causes problems.

My experience from 10 years of contract coding is that the top third of programmers do 90% of the work, the next third do 30% of the work, and the bottom third do -20%. Sack them and productivity would improve.

Toh-May-Toh, Toh-Mah-Toh

[akiy]

You may call it "sloppy coding."

I'm going to call it "job security."

Number is meaningless without context...

[kcbrown]

For instance, how much money is actually spent on software development and acquisition per year right now? If it's, say, $120 billion, then that $60 billion figure is a very high number, an additional 50% that's spent on top of the acquisition and development costs. But if $6 trillion per year is spent on software (not likely, of course), then that $60 billion per year represents only 1% of the money actually spent on software.

Then, of course, you have to account for the price of quality. It is possible to write extremely high quality software: the guys who write software for the space shuttle do so, for instance. But such robust software costs a fortune and (perhaps more importantly) takes a great deal of time to develop.

In reality, we have nobody to blame but ourselves for the poor quality of software (open source software aside, though it's not immune from poor quality). If people in general were willing to pay for greater reliability for software, those who provide better quality would be doing better than those who don't, and other software houses would take notice of this and start to produce better quality software themselves.

Rather the opposite has happened, of course. And it's not just limited to software, either. Look at the goods sold at such places as Wal-Mart: such goods are often of inferior quality to other similar goods, but they often sell better regardless.

When are we finally going to figure out that people want what's barely good enough for the cheapest price possible? Quality only matters when it's low enough that the product in question falls into the "not good enough" category. Warpage of the market by monopolies aside, the market has decided that the quality of software available is good enough. Otherwise, that software wouldn't sell.

Things might be different if people were thoughtful enough and had enough knowledge to determine the total cost of ownership, or to even care about such a thing. But they're not, probably due in large part to the dumbing down of the U.S. population.

And on the page....

[cant_get_a_good_nick]

A microsoft ad. Coincidence, irony, poetic justice... You decide.

Sloppy ice cream cone eating

[bperkins]

Say the avaeage american eats 25 ice cream cones a yaer (one every other week). That's 6.25 billion a year. Now lets suppose that 25% of ice cream cone eaters are sloppy ice cream cone eaters, and create some sort of a mess.

Let's further suppose that it takes one minute to clean up the ice cream cone mess, and that costs about $15 per hour including benifits, suprivisors, etc.

That means the US loses 312 million per year due to ice cream cone messes! Surly we can reduce this cost with public awareness ads.

That's

whatever

[cr@ckwhore]

Honestly, I bet "better testing" probably would cost the US economy more than $59b.

1. Longer time to market = longer ROI
2. Additional costs of testing = higher package price

Given that we exist in a free market society, I'm willing to bet that free market principles are in effect and $59b in software bugs is a good balance.

All of them are in Adobe Pagemaker!

I just lost 2 hours work to a spontaneously corrupting Adobe Pagemaker document. Everytime this happens, I add another Adobe employee to the list of those that will be lined up against the wall. So far, they're going to need to hire more people, because I'm going to F***ing strangle everyone in the company.

59.5 Billion in losses

[The_Shadows]

And, what, $59 billion in sloppy code is from Microsoft?

Irrational Project Constraints

[Syncerus]

Statements like the above are very misleading. On most of the major projects I have worked with over the last five years, time to project launch was always the
number one consideration. In every case, I was ground relentlessly by senior management on a continuous basis about time-to-launch. If I stated that a project would take eight months to complete, the next question from senior management would be on ways to release the product in six months.

The following day, I would get grilled on how to release the product in five months, or maybe four months.

I experienced these same conditions while working for a number of different employers; when I pushed back on the release dates, a reason always appeared why our company would collapse in wreakage if the project were not released by the nearer deadline.

I and the programmers that I have worked with finished some projects on time; others we did not. We worked in deliberate languages (C, C++, Java) and RAD languages (Perl, Python). The specifics of the project changed, but the mentality of an uninformed management never changes.

I am very proud of what we achieved, bugs and all. I think that we did a hell of a job under very difficult circumstances.

The statement that software bugs cost American industry $60 Billion makes me laugh when I hear it. For the most part, the bugs are caused by management refusal
to spend the time and money it takes to write bug free software.

The overwhelming majority of bugs can be easily eliminated by good developers if the following elements are in place:

Good Functional Specifications
Explicit Coding Standards
Unit Testing of Code Modules
Peer Review
Sane Project Deadlines

There's not much else to it. That, and the desire to do good work will fix 90% of the so-called problem.

Lesson to learn....

[shr3k]

Another man's trash is another man's treasure.

59 billion in losses to users

[Berserker]

Why that's about one third the software companies losses due to pirates. No wonder we don't feel sorry for the big software companies.

Re:We know where the source of the crappy coding i

[RedWolves2]

Yeah right and that is why it took four years to launch Mozzila. I am sure it took four years and there were no buggy lines of code. Had to cost some good chuck of money.

Testing Schmesting!

[pmz]

I'm bothered that this article focused so much on testing, when the real solution lies so much further up the development "pipeline".

Testing is very important, but it really is of limited use when the software has chronic design problems. If the nature of the software lends itself to hack-n-patch type fixes that build up into a painful thicket of code, then no real progress is made through testing.

Testing is intended to shake out the last few bugs in a well-thought out system, and the users delight in using the final product....<wakes up>...oh, I must have dozed off there...where was I?...oh...<hack-hack-hack punch-punch compile damn-it! hack-hack...>

A Cranky Perspective

[John+Whitley]

What-ever. If we're going to issue over something, then let's talk about the short- and long-term ramifications of externalized costs due to industrial pollution, automobiles, environmental mismanagement, bad/corrupt urban planning, and similar factors that have been with us for far, far longer than the measly few decades software developers have been doing their worst. No matter how bad your office productivity suite is, it probably won't give you asthma or lung cancer.

sloppy coding = support $$$$$

[silversurf]

One thing to consider (not the only one of course) is that anyone who's worked for a manufacturer/software company knows that a massive source of revenue is support. In fact some companies rely on those support dollars beyond what they're getting for new purchases. especially those products which are big ticket (e.g. Avid, Discrete Logic, Oracle, SAP) which cost over $100k+ to buy into and then %15 (or some percentage) of the cost per year for support. Just so you can get someone on the phone to explain that that's "known issue" and "we're working on that for the next release", etc. etc.

The problem is that the support model helps drive revenue and if a company made perfect code, poof, support dollars start to dissappear. Besides, most companies can't produce a marketing flyer that's error free, let alone made bug free code. Plus, when you build a complex app, how on earth can you imagine every possible user interaction that can go in to it? Given enough tries someone will figure out how to break it in some unimaginable way you never thought of because there's more of them using it and less of you testing it.

just my thoughts,

-s

Software engineering doesn't exist yet

[sbwoodside]

This is just ridiculous. Software "enginering" doesn't exist ... it's just an idea in people's heads. Software right now is a craft. You have a bunch of skilled artisans (programmers) writing code, but the whole program is in their head, the people represent the software, and the quality of the code is directly a result of the quality of the programmer, and the managements ability to understand this process and keep the programmers going in the right direction and talking to each other.

Only in the most ridiculous cases do people practise "software engineering" (like at NASA) because it's too hard the way they do it now (mathematical proofs).

And I speak as a software program manager and I have a good degree ... and I think my degree is good because I was exposed to some of the best software craftspersons. There's no rules and definitely no big black book of programming.

Simon

Maybe that's because you skimmed it

[GuyMannDude]

I skimmed through the article and I didn't see any place where it said how much it would cost to actually produce bug free code. I'm betting much more than the $60 billion arbitrary figure they came up with.

(emphasis mine)

I'm sorry but I have to take exception to your tone. Simply skimming a news blurb does not give you the right to trash the NIST study or label their conclusions as "arbitrary." Until you've made an effort to digest whatever analysis is contained in the 309 page study (and there is a link to the PDF file so don't say you can't do so) you really shouldn't be shitting on someone else's work. I don't think I'm being harsh by taking you to task over this. That news bulletin is an advertisement of sorts for the study. You can't possibly expect to get a full understanding of their analysis from a news blurb, for chrissake.

I'm sorry but one of my pet peeves is armchair philosophers who seem to think that they can best the experts without actually doing any work.

GMD

Re:Maybe that's because you skimmed it

[scott1853]

You can't really say I'm wrong either unless you read the whole 309 page study. The point is that these studies are ALWAYS innacurate. It's all just a guess using small samples of the population and extending those values out to cover the entire population. It's going to be about as accurate as those claims on how much the Code Red virus cost.

I'm sorry, but one of my pet peeves is armchair analysts that are willing to knock down any comments that show any skepticism about written material and assume such material must be treated as though it is correct until proven wrong by a college professor or industry giant.

Re:Maybe that's because you skimmed it

[greenreaper]

Who says he didn't read it? And does it even matter? The point is that you didn't, so you don't have the right to trash it. The group compiling the report probably spent man-years compiling it. How long did you spend before discarding it?

Re:Maybe that's because you skimmed it

[Aceticon]

Never say never (or always or nobody or everybody ...)

Re:Maybe that's because you skimmed it

[scott1853]

I didn't have to read the whole bible to discard it an nonsense. You can go ahead and be one of the sheep if you want but I'll continue using my own brain regardless of what you think of my conclusions.

Re:Maybe that's because you skimmed it

[scott1853]

You're right, "usually" or "alleged" would have been more politically correct. But that's ok, I was responding to a personal attack anyways.

Re:Maybe that's because you skimmed it

[Aceticon]

It's actually not a politically correct thing - it's more a discussion ability thing:

- Saying never (or always or nobody or everybody) marks your sentence as being probably untrue.

1) Pure physics - everything is possible.
2) When it comes to human related subjects there is usually an exception.

When someone uses one of the include/exclude everything words in an argument i immediatly think they have no proof whatsoever (given that such generalizations are almost unproovable) and thus no reason. Using one of those words usually means someone is "creating castles out of thin air".

So what

[vsprintf]

Even if true, the amount is a pittance compared to the costs of bad management. Dotcoms and Enron anyone?

Guess Who Gets Cut First...

[Greyfox]

When the companies start slashing staff because the stock went down a couple of percent. The testers. It seems like the testing team is always the first to go.

Stupid Schedules/Marketing deptartment!

As a former quality assurance engineer, I assure you that a good portion of buggy code which makes it to the customer does so only because the product "must be released on time" so that profit$ can be posted in a specific quarter to meet expectations.

Give the developers and testers 3 more months, and version 1.0 will be 1.0, not 1.0 alpha. Sure, version 1.1 should could be good, if new features weren't also expected...

well, that's obviously an underestimate

[msouth]

I've been paid a fair amount over the last few years to write sloppy code--I'm sure the number is a lot bigger than that...

Slashdot due for name change

To Statsdot maybe...

quick followup

[wrinkledshirt]

Funny enough, but the same article is on progress.org.

Cost of sloppy business processes

[alienmole]

If one adds up the cost incurred by employees who do unnecessary work that could be done more efficiently, managers who assign unnecessary or counterproductive work because they don't truly understand what they're trying to achieve, etc., it would easily come to ten times the quoted figure.

The real problem is that most humans don't know what they're doing or why they're doing it half the time, and these studies simply point out some of the implications of that...

Re:Cost of sloppy business processes

[Tony-A]

The real problem is that most humans don't know what they're doing or why they're doing it half the time, and these studies simply point out some of the implications of that...

Like the visible part of an iceberg.

And

[phpdeb]

Cigarette smoking costs $10000000 a year
The war on drugs $2000000000 a year
NASA to crash things into Mars $300000000 a year
Who cares, shit costs money. It takes money to make money. Big deal.

How much is saved by using computers over typing everything on type writer and storing everything on sheets of paper and microfilm.

Sure better testing should be employed by a lot of software developers, but the market is really what drives this sort of thing.

Will someone pay $3000 a licence for this app because it was tested really good and is really solid or will they buy the not so well tested competitor's version of $1000 a licence?

If people want better software they are going to have to pay for it. Someone has to pay for testers and shit.

It's called capitalism.

Doesn't cost me that much

[AintTooProudToBeg]

Sloppy coding earns me approx. $31.75/hr!

Not everyone loses.

[erroneus]

**WARNING** Microsoft bashing!!

It has been brought up many times that having bug-free software is not in Microsoft's best interest. It's the bugs, subsequent versions of the same software and dropped support for old versions that keep the company raking in the dough.

I'm not sure I have to go into great detail to explain how that works, but clearly, there is a business model in the works here and not just sloppy coding.

What about the costs needed for better testing?

What about the costs needed for better testing?

Back of the envelope calculation

[washirv]

US Population: approx 0.25Bn
Cost of Windows XP: $200
Total cost: $50Bn
Yeah sounds about right

In other news...

[Burdell]

useless government studies cost $120 billion a year.

$60 billion... cut by a third... carry the one...

[Dirtside]

I can tell how this would go. If bugs cost us $60 billion a year, and better testing would result in one-third fewer bugs, who wants to bet that this extra testing would cost about $20 billion? :)

Usual Stuff

just another story with BS statistics. Where did the data come from, the national census? if not it's either highly extrapolated or just BS.

cool thanks for modding +5 Predictable

Lack of Plan/Lack of Enforcing Plan

[ackthpt]

1. Poor requirements specification (e.g. specifying the platform and/or the language in the requirements - a big mistake, especially when the language they specify results in code riddled with buffer overflows)

Generally a lack of standards or enforcement, though one of the great hazzards is idealistic inexperienced (or worse, experienced) people with grand visions of the perfect tool followed by shock, dismay, even anger when users fail to share the author's enthusiasm. Time lost on poor communication is added cost to projects/products.

Experience has taught me enough to ask what the user is actually going to do with it and see past just their "want", because what they need is often considerably different (and usually much simpler.)

I'll generally create prototypes to show users to get feedback on look, ergonomics, and usability. Early communication and feedback are essential to a smooth project and a good product. I'll never know all the answers, so giving users a shot early on saves us both of us headaches down the road. Few things are more painful to a coder than having to completely re-engineer an application when it's about 90% done.

2. Poor requirements confirmation (e.g. Everything anyone asked for goes into the requirements with no review at all to determine if it's needed, technically possible, or self-contradictory)

This reminds me of so many times meeting with a user to discuss a few changes to an existing application, to find they don't even use it, or use it properly because it was dumped on them or never updated to follow their needs. At some point many just give up on asking for fixes and find another way, particularly when the IT channel has been unresponsive for a long time. Extra time doing work arounds, or cleaning up the mess of users doing short cuts probably doesn't figure into the study, but I've spent enough time and cycles trying to clean up or form links between messy data.

Sloppy Coding, Gaming, and OSes

[TibbonZero]

Everyone knows that today you need more Harddrive space than ever. That is a fact.

However, I think that alot of that harddrive space is wasted on sloppy coding. At one point, hard drive space was so expensive, that you couldn't afford to have sloppy and inefficnat programs. 8mb of memory was standard, you didn't have 512mb to mess with and leak to. Look at your OS even. Windows 95 fit onto 30mb or so. You could sqeeze it even more if you started deleting things that weren't needed (paint, wordpad, etc...)
Now, look at your WinME or WinXP install. I just did a clean install of XP Pro, and it's taking up 1,082,413,755 bytes (about a gig). Yea, that's a bit much.
Ok, I will give it to you, WinXP Pro has more features and functionality than 95, however is it 34x the features and functionality? Is my computer 34x better, or have 34x more applications and programs that I use? No!!!

I think that this code has been bloated to hell. At one point running DOS/Win3.1 and even NT 3.51, I knew what 90% of the files on my computer were, when they were put there, and what they were for. Now, who knows what 'adsmw.dll' does? (Ok, I know one of you guys probably know, but...)

Also, they haven't optimzed anything, or made anything faster. Win95 could run on a 486 great. WinXP choaks on a 300PII with 64mb. Again, we have gotten more features, but for a system to run smoothly do we need 10-20 times the processing power to make it run well? I think that's absurd. Again, we have came far, but dont' tell me that it couldn't be faster with current hardware.

Linux isn't free from this either. Again we have more features now, but look at the requirements of Redhat 5.2 to 7.3, they have gone up ALOT. And now its THREE CDS!!! That's even beating MSFT. We have alot of programs on linux, but come on, that's crazy. No you don't need all that stuff, but the size of the "Standard" install has gone up dramatically.

Now on to games. Let's take Ultima Online. I remember in the Alpha test and Beta test, a 486 DX/4 was more that enough. I ran it on a Pentium 90, it worked great. Now the system requirements are what? Pentium 233 with 64mb ram? It doesn't sound like much (the engine is pretty dated.), but they haven't gotten ANY new things in it that would have really increased processor usage. No new graphics in the 2d version, no sounds really, just bad programming.

Has anyone looked into the Demo Scene lately? I want them to program my OS and games for me!! They program stuff on 64k that most games can't do in 64MB!!!

I think that most of the time now, the programmers are seeing these fast 2.4ghz systems and thinking "Who needs to optimze their loops on a system that fast"? And "Let's use Long Doubles for everything, even if it's only a bool, more consistant that way..". I personally hope that they start seeing that they can run faster if they program better...

Re:Sloppy Coding, Gaming, and OSes

Because all operating systems are written by programmers, I assume that any operating system is much smarter than me. Thus, any good operating system should try to outsmart me by restricting my options at every turn. Linux, like all versions of Unix, is lousy at restricting my options because at the command line virtually any operation can be performed with ease. (For example, 'rm -rf /win' could 'delete an entire mounted directory, with no popup window warnings whatsoever.)

I'm proud to say that there is no such danger in XP. Windows pop up when I want to make a change, and then more pop up to ask if I'm sure I want the change. Thankfully, Windows XP looks after my computer's well-being by occasionally switching configuration settings from the way I want them to what the OS programmers think they might probably ought to be. Boy, I'm just impressed with how smart they are. Once I learned to live with whatever the default settings are on any new hardware I install, I can't say the number of hours I have saved.

I use that spare time to reboot my Windows XP machine multiple times a day. Technical support personnel recommend that I do it regularly-- kind of like brushing my teeth. To help remind me of this necessity, windows pop up to tell me to reboot whenever I make a configuration change. By now my machine is minty fresh, I figure.

There is no such useful rebooting in a Linux system. It is as reliable as the sunrise, with uptimes in weeks, months and years. Virtually no configuration change requires a reboot, to boot. Imagine all that plaque in the computer. Gross!

In XP I am prevented from making dangerous fundamental configuration changes unless I use a special "registry editor". I have found it so useful to have this separate editor that I hope in future versions they go all the way and supply a separate editor for each file on the disk-- in that way windows could pop up at every keystroke to warn me that changing any line in the file I am editing could cause the system to not run properly. If this were only the case, people would finally learn that it is best to just stick with the mouse and they would be freed of the need to constantly move their hands back to the keyboard. (If one stops to think about it, the mouse is a much better device to use than the keyboard. Ever hear of someone getting carpal tunnel syndrome from a mouse? No. It's comfortable and ergonomic. Like Morse code devices. That's how long distance communication started, after all.)

Linux, by contrast, requires no special editor to change configuration files. The fact that there is no "registry" in Linux allows the abomination of using any text editor whatsoever to do the configuration. Can you believe that configuration files are usually stored clear text? Talk about dangerous!

I am also happy to report that I have experienced no truth to the rumor that Windows disks become corrupt after improper shutdowns. Indeed, I have been forced to improperly shutdown the machine innumerable times after it locks up, and I have no apparent problems to report regarding the disk. No such claim can be made for Linux. They say something about lack of data points. Excuses are all I ever seem to hear from the Linux crowd.

By sheer size alone, Windows XP beats Linux hands down. It is so much bigger, it is _obvious_ that it is better. Why would you want a small OS with the large disks and RAM sizes we have these days? For this reason alone, I heartily recommend Windows as a way to maximize resource utilization. Your CPU and disk will constantly be pegged to the limit, the way god intended. The Linux kernel and drivers accounts for only about 750KB. Why, even the Microsoft Win16 subsystem uses more space than that.

It is no surprise that Windows XP costs $300 on the retail market and Linux doesn't cost anything. People know what they want, and they want Windows XP. Because Linux is free, that means it's basically worthless. The same goes for all the development tools, remotable GUIs, and applications, which all cost money for Windows (i.e., are worth something) and free for Linux (worthless!).

Installing software is very easy in Windows XP. I usually slip in CDs without even reading instructions or warnings, and just double click on whatever window pops up. There is no need to read anything or touch the keyboard. (Did I mention that I hate that thing?) Well, OK, I have learned the hard way the machine locks up if I don't take the time to close all other applications.

Linux, by contrast, requires typing on the keyboard to get anything to install at all. And you always have to know the NAME of program you want to install. For example, in Slackware, you have to type "pkgtool" to install a program. Linux needs to get with the 21st century!

Windows XP follows the DOS convention of putting \r\n at the end of every line of a text file. While this is only a mild concern because of the relative rarity of text files on Windows machines these days-- thank god--it helps to differentiate between the text files and the other files. Sadly, Linux makes no distinction between text and other files.

If I legitimately purchase Windows XP, I can call Microsoft customer support to get help with my problems. After a short hold time of an hour or so, they always help me. Ever since I told them that I was dual booting to Linux, they were able to flag my account and now each time I call even the entry level support personnel I am connected to say that Linux is the source of my problems. Everyone seems to agree that Linux is no good. The more I listen, the more I'm impressed with the knowledge of the support staff there.

By contrast, in Linux, all I have is stockpiles of resources and documentation that I would actually have to read in order to understand. Sure, I could obtain Linux support from a commercial organization, but they would probably just tell me I have to use a text editor to fix up my system.

In the end, I have no need for that old computer donkey Unix. I don't need to run big Unix tasks, after all. I refuse to become one of those a bug-eyed computer users, that's for sure. As soon as I can keep Windows XP from crashing for long enough, I'm going to delete my Linux partition, i.e., the equivalent of moving it to the recycle bin, saying that I'm sure, emptying the recycle bin, and again saying that I'm sure I want to empty it.

TibbonZero wrote:

Everyone knows that today you need more Harddrive space than ever. That is a fact.

However, I think that alot of that harddrive space is wasted on sloppy coding. At one point, hard drive space was so expensive, that you couldn't afford to have sloppy and inefficnat programs. 8mb of memory was standard, you didn't have 512mb to mess with and leak to. Look at your OS even. Windows 95 fit onto 30mb or so. You could sqeeze it even more if you started deleting things that weren't needed (paint, wordpad, etc...)
Now, look at your WinME or WinXP install. I just did a clean install of XP Pro, and it's taking up 1,082,413,755 bytes (about a gig). Yea, that's a bit much.
Ok, I will give it to you, WinXP Pro has more features and functionality than 95, however is it 34x the features and functionality? Is my computer 34x better, or have 34x more applications and programs that I use? No!!!

I think that this code has been bloated to hell. At one point running DOS/Win3.1 and even NT 3.51, I knew what 90% of the files on my computer were, when they were put there, and what they were for. Now, who knows what 'adsmw.dll' does? (Ok, I know one of you guys probably know, but...)

Also, they haven't optimzed anything, or made anything faster. Win95 could run on a 486 great. WinXP choaks on a 300PII with 64mb. Again, we have gotten more features, but for a system to run smoothly do we need 10-20 times the processing power to make it run well? I think that's absurd. Again, we have came far, but dont' tell me that it couldn't be faster with current hardware.

Linux isn't free from this either. Again we have more features now, but look at the requirements of Redhat 5.2 to 7.3, they have gone up ALOT. And now its THREE CDS!!! That's even beating MSFT. We have alot of programs on linux, but come on, that's crazy. No you don't need all that stuff, but the size of the "Standard" install has gone up dramatically.

Now on to games. Let's take Ultima Online. I remember in the Alpha test and Beta test, a 486 DX/4 was more that enough. I ran it on a Pentium 90, it worked great. Now the system requirements are what? Pentium 233 with 64mb ram? It doesn't sound like much (the engine is pretty dated.), but they haven't gotten ANY new things in it that would have really increased processor usage. No new graphics in the 2d version, no sounds really, just bad programming.

Has anyone looked into the Demo Scene lately? I want them to program my OS and games for me!! They program stuff on 64k that most games can't do in 64MB!!!

I think that most of the time now, the programmers are seeing these fast 2.4ghz systems and thinking "Who needs to optimze their loops on a system that fast"? And "Let's use Long Doubles for everything, even if it's only a bool, more consistant that way..". I personally hope that they start seeing that they can run faster if they program better...

Re:Sloppy Coding, Gaming, and OSes

[accessdeniednsp]

******WARNING: LINUX DEFENSE!!!!************

Just a meager, heads-up:
Slackware-8.x full-install sits nicely on 1 CD and it all fits nicely inside 800meg. The only modern-day OS that can match that would be one of the BSD family members.

/WARNING.

But in agreement, yes, the base RedHat and "other" distro installations are getting insane. I saw a SuSE install that made me cringe. So that's why I use Slackware; It makes me l33t. I can't be l33t with RedHat (if you don't RPM everything you fux0r the whole system when you try to add packages later. How bloody retarded...)

Computers suck. I wanna be a plumber.

Re:Sloppy Coding, Gaming, and OSes

[TibbonZero]

Funny, and sarcastic, but I wasn't again Linux in this post... I like linux, I was just saying that Linux has gotten bigger too, well not on Slackware, but the other distros have...

It more the bad code

[ToasterTester]

The problem started when Engineer was no longer in charge of schedules, Marketing type were. Then things really bottomed out when Finance start setting schedules according to when they needed to have the revenue in the books. All this shorten QA schedules, then development schedules, then staff sizes. Put the necessary time back into schedules and software bugs will shrink.

hmmmm

[xgunnerx]

Better testing could allegedly cut that by one-third Not likely. Testing of the software isnt that big of an issue. "Most" bugs that are found by customers are already present in the bug tracking databases of the people that developed the software. It's the will of the Product/Program managers to decide wether to spend the dev/qa time to fix the issues. Arent STM dates a bitch?

Re:hmmmm

[happyclam]

Testing of the software isnt that big of an issue. "Most" bugs that are found by customers are already present in the bug tracking databases of the people that developed the software.

Not necessarily true. The most recent startup I worked for (and got laid off from) had a policy of "ship it at soon as it has a heartbeat, and we'll clean it up during customization."

Get this: 18 developers, one QA person. 6 months development, 3 weeks QA. Some stuff didn't even make it into QA. Yes, I opposed that schedule and spoke out against it but was overruled by The Man.

So, perhaps it's not "more testing" that's required, but rather "more integrity" on the part of management of software companies. I think we all know the valuation games executives play these days, often sacrificing quality or glossing over deficiencies.

Do you have to keep bringing it up?

Look, I already said I'm sorry, and now that I know about off-by-one errors, I'll be more careful.

A.C.

Re:Not just "sloppy coding" (Challenger lessons)

[Beryllium+Sphere(tm)]

Yes. Sloppy engineering is a symptom and not a cause.

Engineering at Thiokol did present data about cold-weather hazards to management. The problem was management's decision to disregard the data.

Here's an excerpt from something Boisjoly said:

Some discussion had started between the managers when Arnie Thompson moved from his position down the table to a position in front of the managers and once again tried to explain our position by sketching the joint and discussing the problem with the seals at low temperature. Arnie stopped when he saw the unfriendly look in Mason's eyes and also realized that no one was listening to him. I then grabbed the photographic evidence showing the hot gas blow-by and placed it on the table and, somewhat angered, admonished them to look and not ignore what the photos were telling us, namely, that low temperature indeed caused more hot gas blow-by in the joints. I too received the same cold stares as Arnie with looks as if to say, "Go away and don't bother us with the facts."

In further news....

[timeOday]

experts estimate that friction costs the economy $200 billion per year.

That doesn't work.

[Steveftoth]

Comparing boob jobs to broken windows is different, one is a luxury item, something you don't need. And the other is a loss, someone caused you to buy something that you already have. Every house needs windows keep the heat in/out (esp. in places like Alaska), but nobody needs boob jobs to live (well maybe in extreme cases).

Does this number factor in at all the amount of money SAVED by using computers in the first place? Or is it just a measure of how much money we could be saving if software was 100% efficient.

This also just in...

[El+Camino+SS]

Here's another funfact instead of a inflated $60 billion:

Unrealistic ideas and the opinion that computers could solve all problems cost the American people the entire freaking economy in the last two years.

Who are you trashing?

[GuyMannDude]

This article it typical alarmist FUD. No mention of how much money is saved each year by coders.

This world of perfection exists only in the minds of the pencil pushers at NIST.

(emphasis mine)

So are you saying the article is shit or the 307 page NIST report is shit? Or both? Yeah, there's no mention of how much money is saved by coders. That's because that wasn't part of the NIST study. If you had bothered to even skim the NIST report (the PDF is just a click away) you would have read on page ES-2:

The objective of this study is to investigate the economic impact of an inadequate infrastructure for software testing in the U.S.

Note that the objective of the NIST report is not "Software: benefit or liability".

In the real world, coders sometimes make mistakes because they are...human.

Just because software developers are human doesn't mean that they should be blind or ignorant of the very real costs borne by society because good testing procedures have not been instituted at most companies. NIST isn't saying "coders are crap". They're simply pointing out that software bugs are a serious problem. And then they back it up with 300+ pages of analysis.

GMD

Re:Who are you trashing?

[lelitsch]

I've now been in software development and public policy for about 10 years. (Yes, unlike a bunch of people here, I DO have another life outside of coding). And my basic comment on surveys/studies like this is: "Take 'em out and shoot them for wasting money, bandwidth and braincells."

This is the same BS that permeates the medical profession, social sciences and a bunch of other subjects. Basically, take an informal study (let's send an email survey to some clueless people), contact some industry leaders (send email to some CIOs who have better stuff to do than fill out dumba** surveys), do intense follow up (talk to the 2 CIOs, 3 SQA managers and 500 marketing flak that don't hang up on you immediately), investigate important papers (find the 5 papers by CS wankers that didn't get rejected by some overworked advisors), do an extrapolation (use this fit thingy in Excel with a quadratic or exponetial model), pretty it up in Powerpoint, call some journalist, and publish.

This is not to say that I doubt that sloppy coding it a huge problem. Hey, it took us two years ('96 and '97) to get all to crap out one of our developers put in in a state of demetia, but making sweeping claims like this and throwing around huge numbers is just the usuall pop scientific approach to funding and "scientfic recognition"

Sorry, had a rotten day taking to journalists.

Re:Who are you trashing?

[bryan1945]

(Yes, unlike a bunch of people here, I DO have another life outside of coding)

Hee, hee, hee... yup, and I have a 80 foot yacht for sale.....

For example-
...it took us two years ('96 and '97)to get all to crap out one of our developers put in in a state of demetia...

Kinda scary when: 1) Your company is "crapping" out people; 2) it took 2 years to crap out said people; 3) one developer crapped = screwed?; 4) A basic grasp of English grammar is way beyond your abilities.

Maybe you should stop claiming how great you are since you have no real job (SW dev and public policy- I've done that starting with my 1st freeware program I gave to my township.)

When you move out of your parent's house you will find out that you actually have to really talk to industry people; oopps, I'm sorry, you are so important that CIOs will just flock to you and automatically accept your survey results.

Making sweeping claims about anything you have not investigated is not the best way to fame, either:

Examples- "Basically, take an informal study..."; kind of like this?

"contact some industry leaders (send email to some CIOs...."; like you have some CIOs' private emails.

"do intense follow up"; reiterating info that other people have already done is not considered "intense" nor "follow up"; it's considered plagarism.

I always need a couple of sub-contractors to do my dirty work, if you ever need a job counting cables let me know (I wouldn't trust you to do anything more than that after your post).

Waste?

You've obviously never experienced the benifits of a $20,000 toilet seat.

Turn it around...

[cachorro]

Sloppy coder estimates NIST costs taxpayers $800 million.

http://www.nist.gov/public_affairs/budge t.htm

Sometimes you have to specify the language

[Srin+Tuar]

Because if you dont some yahoo newbie programmer will insist upon using [insert language learned at college here (java)] despite the fact that its less portable, poorly integratable, and terribly slow (for the specific requirement, say a device driver).

Contrary to popular belief, it is possible to write C++, and even C code, that does not contain memory leaks or buffer overflows, just a matter of programming practice and discipline, and not a matter of some compiler/or interpreter holding your hand.

Re:Sometimes you have to specify the language

[Darth_Burrito]

it is possible to write C++, and even C code, that does not contain memory leaks or buffer overflows

The question then is, is it possible to write C++ and even C code that will not contain memory leaks or buffer overflows after it has been modified by [me|random_recent_college_grad].

And if they used/built prototypes that would save

[crovira]

billions every year.

And do you know why they don't? Because ego gets mixed up in it.

NO mangager will ever admit that he doesn't know everything. They too scared.

NO PHB will ever admit that either. They too stupid.

End result ... Surprize. Project X DOESN'T WORK! And its gonna cost three time as much to replace the crap code... And it still won't fuckin' work cause the next guy won't have known something else.

I own http://www.softwareprototypes.com

Mailing campaign. Hand-outs. Post-It pads. And NOT ONE CALL. NOT ONE EMAIL. NOT ONE. Its not like I'd even got a chance to fuck up. They weren't even interested.

I now own a dog grooming salon and the dipshits in the DP/MIS/IT world can all go fuck themselves.

That's another things. How long has the automobile industry called itself automobile industry? Since day dot.

In twenty-five years, my profession hasn't even figured out what the fuck to call itself. Toy makers, tyros and jack-offs.

I don't know wether to be angry or relieved that I've give up on the whole idiotic lot.

I lurk here to see what other loser stupidity they come up with.

Results are bogus

[fizban]

How can they even think to come up with that figure of $59.5 billion??? If they had done their homework at all and studied the software company I work for, they would have to totally revise their numbers...

Up, of course.

Broken Windows Effect?

[xenocide2]

Come on now, thats just funny. It caters so well to the /. audience as well.

so the BSA owes us?

[fermion]

1. This article implies that bugs cost the end user around 30 Billion.

2. The BSA tells us that piracy costs the idustry about 11 biliion.

As far as I can tell, the software industry owes us around 19 Billion in refunds.

Isn't playing with fake statistics wonderful?

Maybe better techniques could be explored.

[rice_burners_suck]

Better testing could allegedly cut that by one-third.

Yeah. And a better education system would cut the other two thirds. I believe that better programming practices would reduce the number of bugs installed to begin with, thus reducing the amount of testing that must take place.

Better programming begins with better design. The purpose of a program and its interface to the outside world (user, system, etc.) must be spelled out initially. Nothing that doesn't fall into the predefined limited functionality belongs in the program. Period.

I mean, you can make a bunch of programs if you need a bunch of functionalities and stuff, but you shouldn't have a ton of junk in the same program. If you know what I mean. I guess you don't, cuz I can see the flames coming.

The program would be well designed, meaning the basic flow of the program would be defined, and then any number of possible ideas and algorithms would be explored during design time. The program should be designed such that algorithms can be exchanged with as little fuss and trouble as possible. In other words, encapsulation and modularity. The design would require the highest level of efficiency possible, meaning that spacial and temporal resources aren't wasted. In English, that means that a text editor wouldn't require 128 megs of RAM and 6 gigs of hard disk space, and would use up as few processor cycles as necessary, by design. In other words, a totally unoptimized program would execute so efficiently that any optimization would practically be a waste of time. You'll find that programs designed for efficiency are generally more reliable as well, because more thought goes into them before any implementation takes place. Finally, robustness would be a pervasive part of development. Testing mechanisms would be built in to the programs, and by design, those mechanisms could be removed at compile time. I'm not talking about debug information generated by the compiler. I'm talking about tests the programmer, tester and "preview release" users can invoke. A testing suite would also be designed, at design time. Project management is also part of the design process... in other words, for each component of the system, what resources (folks, time, money, etc.) are required, what problems are anticipated, etc. All of this is done by the programming team, not by some stupid manager who doesn't know jack about schitt. Once a ton of design takes place, management reviews it. Which features will be present in which release, etc. As much of everything as possible is anticipated beforehand. (Yeah yeah, you'll never anticipate more than 0.0% of the problems beforehand, but it gets you thinking, and that in itself will reduce greatly the number of errors made later.) Management reviews the design, multiplies all time estimates (which are already over-estimated by the programmers) by 2.5, and sign it or whatever. They can't ask for any new features or whatever until the program is written, debugged, tested, released, feedback comes in, a "huge fixes" release is released, more feedback comes in, and it's time to figure out new features again. This could take weeks or months, depending on the scope of the project or whatever.

Once all that designing takes place, implementation begins. That doesn't mean that design ends. In fact, there's no 'design -> write -> compile -> debug -> fix -> write...' cycle. All of those items are done all the time, like you're multitasking or something. Yeah, you could draw out an operational chart showing all those items, so you'd spend most of your time doing whichever stage that you're on (like debugging most of the time, doing everything else some of the time). This is useful because you might be debugging some obscure problem, and then one of your fellow programmers will say, "Hey, who needs this damn routine in the first place?" (The routine you're debugging.) Maybe the design can change a little bit and then the section that contains that damn bug isn't even necessary. Know what I'm saying?

Also, when I spake of education, I was speaking about all the branches of logic, electronics, math, etc. that are no longer studied as part of the programming curriculum or whatever. I'm talking about heavy duty stuff that programmers need to know cold, because it's actually USEFUL! Seriously... learn a little bit about electronics and you'll be surprised at how a few hundred lines of code can literally be replaced by tens of much simpler lines that execute thousands of times faster (not kidding!) and produce exactly the same results, or better (meaning with less problems and side effects). Seriously... when you design electronics, there's no erasing that capacitor once its soldered on the damn board. You gotta draw it right because you can't erase the metal once its cut. And if programmers thought like this more, and didn't think "oh yeah, we can always change it later" then programs would be better. Because, as easy as it is to delete a bunch of text and change it, you and I both know that sometimes you can't change stuff because of side effects. So yeah, it's easy to type, but as a programmer, you gotta pretend that you're carving the damn program in stone, because you'll probably find that it is carved in stone once you've written about 100,000 lines.

So where was I? Oh yeah, programming... So while you're implementing, the design is reviewed often, perhaps every few days or once a week at least. Problems encountered during implementation are tested against the design, and changes to the design are almost invariably made, with a big eye towards reducing or eliminating coding changes.

Oh yeah, and all this is done by the programmers again. The team meets often to review each others work, ask questions, find errors of any kind, criticize, rip the code apart, put it back together, and stuff. This constant reviewing is similar to the peer reviews that used to take place back when compilers ran on mainframes, where folks paid hefty fees for computer time, and had to schedule an appointment weeks in advance. In fact, I'd advocate dropping a mohogany grand piano hood (or whatever that cover is called) on the programmer's hand who makes the most mistakes during a project. That'll teach him (and get him to type slower, possibly leading to more thought behind each character typed). In fact, I'd get rid of the backspace and delete keys on the keyboards, and make the programmers pay a penny for each character they want deleted, and this would have to be done by a specialist who can write machine code to go to that location on the hard disk and remove the character, moving all the others back by one. Some of us would have to give up our whole damn paycheck if that was implemented!

The core routines of the program, holding the most important crap, would probably be written by the whole damn team on a whiteboard, while questions are asked and shit. I don't care how long this takes, it'll save a ton of time in the end. Shit, some of all ya'lls will have to get a huge room with whiteboards all around and sliding ladders like they have in the old-school libraries. (Damn, dude, I love libraries.)

Once in a while, the programming team will actually take a break from the program they're working on (like every friday afternoon, a few hours before you get off work) and study a bit of Knuth or one of the other classics out there. (There are a bunch of them.) Most of those books contain exercises at the end of each chapter. Pick a tough one, and have it solved by noon on Monday. You can think about it all weekend, talk to each other, whatever. This will expand the whole team's range of thought, and cause them to produce better shit.

Oh yeah, and every line of the program would be run through a debugger, in as many combinations as practical, in order to watch what happens when they execute. All the programming do's and don't's learned over the past 50 years would be reviewed constantly, and the programmers would be required to follow all of these (using common sense, obviously).

And of course, testers would be hired who get paid a small bonus every time they get something to fail. They'll be present from the first day onwards, testing even the individual routines before the program runs as a whole. And once the program runs as a whole, they'll get paid even more for each failure. And they'll have full access to the source code, so they can audit it to their heart's content and figure out innovative new ways to crash it and twist it and make it screw up all evil and stuff.

When a program is ready for release, its release is delayed for an additional two weeks (or month, if you can afford it) as the entire damn team tries everything they can to make it screw up. (And yeah, they obviously fix every crappy thing they find. If all ya'll did it right up to this point, there won't be any changes requiring the damn design to change. Just little coding typos and crap.) Then, it's released as alpha-testing to a small group of folks. Then, once that passes, it's released as beta-testing in three phases to increasingly larger audiences. (Each of these testers gets paid a small amount for each bug they find for the first time.) Then, it's released to the final audience as version 1.0.

Now at this point, a ton of support calls will start coming in and stuff, and folks will get suggestions and stuff for wishlists. All this will be accumulated for a few months while the programming team visits each problem and tries to figure out possible solutions. No coding changes are made during this time. These will be explored in theory, with an eye towards killing as many flies as possible in one swat. After a shitload of stuff is accumulated, the programmers choose proposed solutions, go over them along with management, go over proposed solutions, and choose the best ones. The programmers choose the best ones, that is. Management signs it into law, and they can't change their minds. Only the programmers can, if it's important enough, then call a meeting with management again and get the new law signed into law. These are implemented (again, with the same torture-testing as before) and once again, released to increasingly larger audiences, until finally, it's released as a version 2.0. All even versions are "fix" versions. All odd versions are "new features" versions. They can be developed in parallel, with porting going on between versions. Something like that.

I'd even say, during design time, figure out how many bytes of code something will be, how many lines it'll be in the source code, how much memory and time it'll require, etc. Make up limitations, kind of like how car engineers have to make a throttle body fit in a certain place and fit certain restrictions. They get to play inside that area, but other stuff goes in the other places, so you can't make a throttle body the size of the whole damn car and expect the other crap to be changed to fit. Programmers constantly just write crap and assume it'll fit. If you invent restrictions, you'll be surprised how much better the code will be. It'll also be a challenge to make it fit into the restrictions you choose.

Also, here's something all ya'll programmers will like. When the design is reviewed by management, and you say, "Implementing this should take 4 days" (and "this" would be a sufficiently small part of the system that it stands alone and can be estimated, but large enough that it won't be a single line of code or a single routine or something silly like that). Management will say, "Ok. If you can get this part implemented and working properly (in other words, passing all the tester's tests) within 3 days, you'll get a bonus of X." X wouldn't be like 10,000 bucks, but it wouldn't be 2 cents either. It'll be a small amount that when added to the other bonuses you get for getting everything done on time, you'll have some real money. And, a final release date for the whole damn project is estimated by the programming team. This is multiplied by 2.5 by management, and that's their expected deadline. (Then, if it does get done in time, management claims to be "early" and then everyone looks good. Even if it takes twice as long to get done as anticipated. But if it takes two and a half times as long as anticipated, you're on time. And if it takes longer than that, you're only overdue by a very small amount. And if you're really overdue, you're stupid.) Now, if the program can get released within 90% of the originally estimated time (that is, not the 2.5 times more), then the whole damn team gets a hefty bonus. Just to make them think efficiently.

Ooooooooh well.

Re:Maybe better techniques could be explored.

[catsidhe]

And while we're at it, I'd like a pony.

Re:Maybe better techniques could be explored.

[bluebomber]

Some things you left out:

• A steady flow of cash coming into the company while there is no product yet to sell.
  
• Your customer provides all of the requirements in a level of detail sufficient to base a design upon them.
  
• Your customer has a static set of needs and none of the requirements change during the project.
  
• You can find people that can read code, write code well enough to produce good whitebox tests, and who just want to test rather than write production code.
  
• The project is small enough that all of the people working on it can comprehend the design of all of the pieces of the project -- in order to be able to effectively peer review others' designs.
  
• You can find people who know all of the solid mathematical/engineering principles that you mentioned, can estimate, can design, and can program.
  
• None of these people are prima donnas that screw up the dynamics of your team.
  
• Nobody leaves halfway through your project. Although since everyone can comprehend the design of the entire project, this wouldn't impact you beyond the loss of that person's future work.
  

There Is a Silver Bullet: Signal-Based Software

[Louis+Savain]

There is silver bullet. We must emulate the parallelism of hardware ICs in our software ICs. In a 1995 article titled "What if there's a Silver Bullet..." Dr. Brad Cox wrote the following:

Building applications (rack-level modules)
solely with tightly-coupled technologies like
subroutine libraries (block-level modules) is
logically equivalent to wafer-scale
integration, something that hardware
engineering can barely accomplish to this day.

I disagree with Dr. Cox, primarily because subroutine libraries have no analog in integrated circuits. The biggest difference between hardware and software is that the former operates in a parallel, signal-based environment, whereas the latter uses sequential algorithmic code. I believe that this is the main reason that hardware is orders of magnitude more reliable than software. My approach completely eliminates algorithmic coding from everyday software development.

Blame software unreliability on a software coding practice that is as old as Lady Ada Lovelace: the algorithmic code. I am convinced that, if we stop basing software construction on the algorithm, we can expect several orders of magnitude improvement in the reliability of our software.

Re:There Is a Silver Bullet: Signal-Based Software

[vsprintf]

The biggest difference between hardware and software is that the former operates in a parallel, signal-based environment, whereas the latter uses sequential algorithmic code. I believe that this is the main reason that hardware is orders of magnitude more reliable than software.

The biggest difference between hardware and software is the complexity. In a previous life, before software, I did hardware. First, I can't totally agree with the parallel/sequential difference. Many hardware designs depend on the inherent propagation delay involved, becoming in effect, sequential.

Second, do you have any idea how many transistors it takes to mimic a single line of C code? Even using ICs, it's at least two gates (not Bill) for every AND, OR, XOR, etc., plus latches, buffers, comparators and the rest for the simplest program statement (and no subroutines or other reuse allowed).

To replicate any non-trivial program in hardware would be incredibly complex -- on the order of producing an Intel or AMD CPU. Given the kind of budget used for a CPU, any single program could be made extremely reliable -- until the compiler or the CPU changed, of course. I'll believe in siver bullets when the Lone Ranger rides in.

Re:There Is a Silver Bullet: Signal-Based Software

[Louis+Savain]

To replicate any non-trivial program in hardware would be incredibly complex -- on the order of producing an Intel or AMD CPU.

And we all know our CPUs are extremely reliable. I haven't had one fail on me yet.

Given the kind of budget used for a CPU, any single program could be made extremely reliable -- until the compiler or the CPU changed, of course. I'll believe in siver bullets when the Lone Ranger rides in.

It is expensive to build a CPU because of the nature of the beast: clean room fabrication, extremely small tolerances, signal racing conditions, physical impurities, etc... Once these problems are solved, the chip usually performs flawlessly. None of these problems are present in software construction. At least, they should not be.

DO-178B

[Ada95]

I currently work testing airplane navigation sofware per RTCA DO-178B (Software Considerations in Airborne Systems and Equipment Certification). Although its now almost ten years old its still a very guide for the development of reliable software. I often find myself wishing that Microsoft would follow DO-178B when developing/testing Windoze.

Pot? Kettle on line 2!

[Donut]

Geez, another tax-financed study telling us how much is wasted on 'x' behavior in the free market.

Of course, we never see the government tell us how much money is wasted on government behaviors. 60 billion could be found in the couch cushions in the Pentagon.

-Donut

Re:$60 billion... cut by a third... carry the one.

[Hack+Shoeboy]

This is the exact comment I was going to post, but I did a text search on this page for "$20 billion" first, since I figgered somebody else would think of it.
Mod me redundant; I don't care. Parent post deserves (+5, Funny; +5, Insightful). That's economics near equilibrium. Do you think the software industry would be that dumb, if it were actually $60 billion in real losses?

OK---

OK--please expound in simplistic terms for a non mathematician to understand.(if possible)*

thanks

*if the branez/trollz want more, offer that too, I guess, for me, simple works. I'm the customer, explain to me why your system will work better and why.

Time to market, Quality, Price

There was a time when American cars where the greatest car in the World, the same applied with consumer electronics products. There was a time when the paradigm said you can not combine price, quality and time to market.

Then there was Eduward Deming and its Quality Management, and something happend to american industry, after some other guys listened to his ideas.

And now a lot of people say that software can only be produced with bugs, with a lot of features, and costly.

Well there is a guy named Watts S. Humphrey and people on other parts of the world are hearing his ideas about software engineerning and CMM, there is no question that someone will find out how to make software less buggy, on time, and in price.

History will tell, remember that those who forget history are set to make the same mistakes.

Hey

It's a real shame that the problem usually starts with:

void main()
{
...
}

Nonsensical Studies

[RhettLivingston]

This number is completely out of context and nearly useless. To get any use at all from it, we need to AT LEAST know how much money that same software saved the users versus no software.

I also don't know why they say software is unusual in its quality. To even make the comparison, you'd have to build a mechanical equivalent to a million line program. I've seen pictures of simple mechanical processors, but none even close to the complexity of a modern program.

I don't know of any item manufactured that is perfectly bug free. Moreover, most of the bugs in mass produced hardware items are intentionally inserted (or knowingly not removed) by the manufacturers to limit the lifetime of the device.

Automobiles are especially notorious for this and cost way more than our home computers + all of there software. We've known how to build million mile brakes for little more than the cost of the

Let's hear some more about how many billions of dollars the "bugs" in the algorithm of applying the energy of combustion of gas to the rotation of the wheel is costing us.

Funny guy.

What's wrong with this picture:

Problem:C/C++ costs the economy an estimated 59.5 billion dollars a year.

Solution: Escalate the use of C/C++

Re:Funny guy.

What makes you so sure that most software shipped is C++?

Most web apps are Java, and I've never in 20 years in the industry seen software as bad as the average web application.

wow...

[Cynikal]

I wonder where all that money goes?

The worst code in the world

Can be seen in NIST's own EMC Machine control software for Linux. What a hack. It took 30 minutes to get rid of things like #define AND2 && and #define ISEQUAL ==. Who the f would waste time writing such useless macros? And then some dude who had a clue wrote a note on the mail list telling how the algorithms they used where only used in the first expeirmental machines and were ineffecient and dangerous (yes, machine control of cutting blades spinning 6000 RPMs can be dangerous). Your tax dollars at work, writing the worst code, then explaining how it is costing the economy huge amounts of money. What a racket.

Bahh

[Hodr]

In other news, man hours devoted to extra "De Bugging" costs the economy 5x as much as the bugs do. Greater than 50% of this cost is carried by the developer, but thankfully is passed to the end consumer where it belongs.

I wouldn't write such buggy code...

[stickyc]

if I didn't have such a buggy development environment.

one more bug...

[simeon_pimpmaster]

type conversion rounding error in slashdot story causes $.5 billion in damages...

Writing Bug Free Software is harder than you think

[waveman]

IBM had a mainframe program called IEFBR14, whose spec was 'do nothing'. It existed to allow the job control language to allocate files and so forth.

Over the years it had at least two fixes applied to it:

1. Make sure it issues a specific return code of 0.

2. Allow it to work in extended addressing mode, which was not taken into account in the original design.

The first was a spec omission, the second was an unanticipated change in environment.

Testing is incredibly expensive. Most large software projects spend 60-80% of the time on testing. The percentage is higher for more critical projects.

In my COBOL compiler project I spend most of my time writing and running tests. Writing code that doesn't work is fast and easy.

It is unfair.

I don't believe it. Its always the code cruncher who gets the blame. How about bad design?

I've seen a horrible database and code which resulted from a bad design (moving target).

Can I get in on this?

[Latent+Heat]

OK, the bugs cost 60 billion in whatever kind of disruption. What would it cost to produce software without bugs? With current understanding of software development, it would be big bucks, if the Space Shuttle software is any indication (and Feynman said it was the one part of the Shuttle that could be considered overall low-defect and well-managed).

If we have a free market, we are saying we will put up with $60 billion in hassle to perhaps get $200 billion in benefit and skip spending $400 billion to engage in (by current methodology) low-defect software development.

Put another way, spelling and grammer errors in Slashdot postings are bugs, but there is a tradeof between time spent checking everything and reading the postings of wisenheimers complaining about one's syntax.

Re:Can I get in on this?

[anthony_dipierro]

OK, the bugs cost 60 billion in whatever kind of disruption. What would it cost to produce software without bugs?

You can't produce software without bugs. But how much would it cost to fix say one third of the bugs?

If we have a free market

We don't have a free market. The copyright holder has a government granted monopoly on fixing bugs in the software.

Put another way, spelling and grammer errors in Slashdot postings are bugs, but there is a tradeof between time spent checking everything and reading the postings of wisenheimers complaining about one's syntax.

Actually, according to Taco, that's a feature.

"A" does not imply "B"

[Morris+Schneiderman]

Sorry, Gregory Tassey's 309 page report does not say "software bugs are a serious problem". It says that "Inadequate Infrastructure for Software Testing" is the problem, implying that better testing is the answer.

I'm curious why he commissioned "The Economic Impacts of Inadequate Infrastructure for Software Testing".

I've just reviewed it. In spite of the title, the report really seems to be about "The Economic Impacts of Buggy Software."

There are three approaches to avoiding the costs associated with buggy software:

1. Don't use software.
2. Test it to get (most of) the bugs out.
3. Design and develop it in such a way as to minimize bugs.

This report seems to assume (and we know how sales people parse that word) that the problem is in the testing. Let me argue that the major problem is really in the design and development stages.

I know, because I've managed the design, development, testing and support of commercial software which was licensed to major firms with a MONEY BACK GUARANTEE, and we were never asked for a refund.

Yes, bugs were found in our software. Two of them. Each was fixed within 24 hours of being reported by users.

Morris Schneiderman
morris@intrex.net

Because most of it is written in C

[GCP]

Using better languages could reduce software bugginess dramatically, but only if programmers admit they have a problem.

Most developers overestimate the value of custom solutions to every problem. A language like C, with no built-in string type, no collections other than the most primitive array, no memory mgt above the finest-grained primitives, and so on, seduce programmers into working at too low a level of abstraction for most problems.

The nature of C is such that it is a good choice for the software equivalent of "innermost loop" code: small bits of code in constant use with crystal clear functional requirements that never change. The 1% of code that accounts for 95% of all CPU cycles should probably be written in C, massively code reviewed, tested exhaustively, and then left alone to do its well-defined and unchanging job.

Code of this sort should mostly be in the OS itself, or in libraries, although it's also appropriate in the "engine" portion at the heart of Big Apps, like database engines, spreadsheet recalc engines, text rendering engines, etc.

But programmers flatter themselves that everything they write is this type of code and use C for the other 99% for which it is ill-suited. Instead of working at a higher level, using built-in Unicode Strings, well-designed collections classes (where you simply can't write "outside the box"), automatic memory mgt., etc., they foolishly trade safety for speed, reliability for customizability, and so on.

It's so easy to trade safety for speed when you tell yourself that you're such a hotshot programmer that you don't overlook anything (hence no actual loss in safety) and your code is so important that an increase in performance is a Big Deal (probably undetectable to the end user.)

C is the perfect tool for programmers who think this way and a major reason for the general bugginess of software. It's an excellent choice for a small percentage of code and the biggest cause of bugs in the rest.

Re:Because most of it is written in C

[pommiekiwifruit]

Instead of working at a higher level, using built-in Unicode Strings, well-designed collections classes (where you simply can't write "outside the box")...

Well that eliminates Java, at least until they support Generic coding properly. Java cannot even support a collection of ints (it can support one of Objects though, which you can typecast all over the place to be Integers if you don't care about type-safety or memory usage).

A fan of std::vector

Re:Because most of it is written in C

[Random+Walk]

I code in C. I only use safe functions (like snprintf, and OpenBSD's strlcpy/strlcat functions).

I admit that still some bugs show up now and then, but these are almost invariably caused by flawed logic in the code (e.g. the control flow), and I don't see how changing the language would be of any help with that.

Is there any serious study that proves the superiority of a particular language with respect to (say) bugs per function point ? It seems that lots of people claim that Java or C++ are better than C, but nobody ever quotes a reference for this statement ...

Re:Because most of it is written in C

[WGR]

I completely agree.

Coding in C for most applications is like trying to build a skyscraper with only hammers and saws. C is a good tool for making the power tools but it is not itself a power tool.

Interestingly, C replaced assembler language for the same reason that it should be replaced. For many early critical software systems like Operating Systems and Complers, programmers used assembler languge. They assumed that they needed to be written in a language as close to the machine architecture as possible to avoid inefficiencies, since only hotshot programmers could really tune the code, not compilers.

The reality, of course, was that everybody believed themselves to be an elite programmer, so large applications were written in assembler, tieing their owners to particular machine architectures and creating huge costs when the architecture changed.

When Dennis Ritchie, a proven hotshot programmer, came along with a superior Operating Sytem (Unix) written in a higher level language (C), suddenly there was an out for hotshot programmers. But C was also designed to be as close to the machine architectures of the time so you could still come as close to the machine as possible (PDP-11 in particular). That meant C assumed that every user of it really understod the machine architecture, was aware of the tradeoffs and could optimize code written with it to optimize use of the machine.

But because of this:

• C was not designed to be secure.
• C was not designed to be easy to show correct.
• C was not designed to be easy to modify.
• C was not designed to be easy to document.

It was designed to produce fast code, nothing else.

But this is the 21st century. My Handspring Visor is a 100 times faster, with a 100 times the memory of the PDP-11 that C was developed for. The need is not for super fast, super small code, but for secure, correct, easy to modify code, even for a palm computer.

But we still use tools for a PDP-11, when optimal PDP-11 code is not what we need to produce. It is as if we still used a 1927 Ford Model T assembly line to build cars for the Interstate. No wonder they have Model T type problems.

The costs of sloppy coding

[jmorack]

Of coure we have sloppy coding. We have poor programmers for the same reason we have poor teachers, poor doctors, poor lawyers, poor businessmen. People who are only in it for the money.(teachers may be a bad example) They have no talent for the field, they just do it for the money.

Out of thin air

I agree any figure is probably as good as any other when trying to quantify this. Of course, my experience has also taught me that this guess is woefully low.... I'd say 2x or 3x (more wasted time/money) at least...

so how much do they spend on 300 page studies?

[detect]

which aren't asking the right questions?

The entire premise is flawed.

[paenguin]

Software bugs are costing the U.S. economy an estimated $59.5 billion each year, with more than half of the cost borne by end users and the remainder by developers and vendors, according to a new federal study.

Improvements in testing could reduce this cost by about a third, or $22.5 billion, but it won't eliminate all software errors, the study said. Of the total $59.5 billion cost, users incurred 64% of the cost and developers 36%.

This is a load of Hogwash!

Testing can only prove whether or not the code was well written. You cannot fix badly written code by testing it. The most you can do with testing is delay it's introduction into the wild.

Testing is NOT part of the design or development process, which is where bugs are actually created.

Defects found during testing take far longer to find and fix than code audits and walkthroughs take. If you are doing a code audit or walkthrough and you see a bug, you are already at the spot to fix it. If you find a bug during testing, it might take days to determine where the cause is, if ever.

If you want decent code, write decent specs and allow the programmers time to hit a well thought out and non-moving target.

Re:The entire premise is flawed.

[pkesel]

Your argument sounds as though you expect all testing to be done after the code has been written. You don't use unit tests? Pre-defined functional tests? Capacity tests? Integration tests? You just write something and test when it's all done? I hope to hell you never work for my firm if you don't think testing is part of the development process.

Perhaps that works if you're reimplementing Mine Sweeper, but not when you're writing a piece of enterprise-class business software, which is likely what the article has studied. In the big show you write the test plan first and implement the test harness as you go. You define a set of test data that covers the problem space, and you make testing part of the day-to-day routine. Generally you have a QA group who makes sure things measure up, and they're talking to business stake-holders as well as developers and end users.

In the last ten years I've worked for the one of the top financial data firms in the US, a top-ten brokerage house, one of the biggest telco in the US, a top-5 pharmaceutical beneifts firm, and now the top performance improvement firm. I've written custom middlware, data warehousing, web and internet apps, and e-business software. Testing has ALWAYS been a major component of the development process.

Government studies

But let's look at this from the point of view of the government. The reason to do a study is to analyse whether there is a need for public sector involvement. Even if you believe in a fully market based approach in your policies, there are always cases of market imperfections, like environment or monopolistic markets.

If should a study shows a major impact on general welfare, then the government needs to evaluate which policies are at its disposal to tackle the problem.

Simple as that - the robustness, assumptions etc of the actual study are secondary issues.

New Sloppy Jobs!

[Zarf]

This is wonderful for us unemployed programmers! All we need to do is get jobs writing in Sloppy! Does O'Reily have a book on Sloppy? Where are the Teach yourself Sloppy in 30 days books?

Does anyone here write Sloppy Code? ...darn, didn't think so...

Dear Slashdot, I'm a new college graduate trying to get a job making Sloppy Code can you help me?

Simple conclusion

In sales cycles, bugs are not an issue, features are.
So your compatitors will win if they release more features including more bugs, it's as simple as that.

Besides this, more bugs -> more support -> more money.

The world isn't perfect ;-)

Linux Quality Database and Other Thoughts

[goingware]

I'm a very ardent supporter of Free Software in concept. However, while there are many excellent examples of high quality Free Software products, there are even more that are of very poor quality, and the confusing patchwork produced by integrating this jumble into a typical Linux installation leaves a great deal to be desired.

I'm very impressed with the work of the kernel developers, but when I first joined the linux-kernel mailing list to resolve a bug when I started testing the 2.3 kernels a few months before 2.4 shipped, I found the process of reporting a bug and making sure it got fixed quite intimidating. I think it takes more intestinal fortitude than most people who might otherwise want to help the developers are likely to have.

That's why I started The Linux Quality Database.

My original concept was to provide a powerful bug database to enable end users to conveniently file more useful and informative bug reports, combined with sophisticated search facilities to aid the kernel developers in looking up bug reports.

For example, one might be able to search by the values of kernel .config file entries as well as hardware that is or isn't present in the user's system. This isn't something you can do with bugzilla, although possibly it could be extended to do so.

Unfortunately the dot-com crash happened and I had to bust my ass just to survive so I haven't got anywhere with the bug database yet.

But I also had the idea of using the site to educate other programmers, testers and users about how they can improve the quality of all Free Software, not just the kernel. So I started writing articles on various topics as they occured to me and posting them in the articles section. All my articles are under the GNU Free Documentation license. The Open Source Development Lab mirrors a couple of them and I'm quite stoked to report has made Japanese translations.

I invite others to contribute articles or advice, and of course since the articles are under the GFDL you are welcome to republish them elsewhere or include them in distributions of Linux or other software.

The articles available so far are:

• Why We Should All Test the New Linux Kernel
• Using Test Suites to Validate the Linux Kernel
• Use Validators and Load Generators to Test Your Web Applications
• Pointers to C++ Member Functions

That last one was posted just night before last, and while it may seem a little off-topic, member function pointers provided a neat and simple solution to a severe performance problem I was having recently. The KDE, AbiWord and Mozilla folks would likely find it helpful. It's not quite finished yet though.

I think it's important to take personal responsibility for improving software quality. Rather than griping about Microsoft, your managers or your coworkers, strive to write better code yourself, educate your coworkers (for example by writing articles like I do), and stand up for yourself when the management attempts to bully you into writing bad code.

Don't just try hard. That's like pushing against a stone wall. Learn better practices, and also reflect upon past experiences in your own work and that of others to understand what works well and what doesn't.

In the last couple of years I have found that adopting unit testing and automated functional testing, as well as frequent use of assertions has enormously improved the quality of my own work.

They have also improved my productivity and made my experience of developing it much more pleasant. It's also impressed my clients because my code works so much better than that developed by their own programmers in house, so that despite their urgency to get code into production yesterday, they have been very supportive of my automated testing strategy and my high personal standards for quality - and they are starting to adopt some of what I do into their own process.

The best book I have found for teaching automated testing is John Lakos' Large Scale C++ Software Design. While much of it is of course C++ specific, the majority of it applies to any language.

One important thing to understand is that programs that have a rat's nest of dependencies between modules are difficult if not impossible to unit test - Lakos details methods to quantify, understand and manage dependencies within a program, not only to aid testing, but to enable module reuse (so modules can be used in other programs without dragging everything else along), aiding comprehension by developers and speeding build times.

Prevention is better than cure

[mrjb]

Better testing could allegedly cut that by one-third.

Better testing might find a few more bugs, but it would have been better to have prevented them in the first place. True, code coverage tests and automatic testing catch a few bugs that can not easily be caught in other ways.

However we can do much more. Code reading finds twice as many bugs per hour as testing (see 'Rapid Development', MS-press). But this still relies on 'the human factor'. If we are ever going to create bug-free systems, we are going to have to reduce 'the human factor' further.

Better development tools can help prevent bugs too: visual tools help reducing the amount of code we need to write. Garbage collection can prevent memory leak problems. Folding editors can give better overview.

It could help to have development tools that force the programmer into good habits rather than depending on their discipline. Even a high level language like Java still happily allows the programmer not to check function return values. I'm generally not a fan of functional programming languages, but they did seem to get that part right. Although it could be annoying at first to be forced into good habits, it would soon become second nature. Ever forgot to declare a variable in a strongly typed language such as Pascal or C++? You get the point.

All things taken in consideration, there's nothing that helps prevent bugs like having a solid, complete design before programming starts. Unfortunately in the real world we have to deal with changing needs. Our current generation of development tools doesn't anticipate that our systems will change a lot. When it comes to changing the structure of our application, we are pretty much on our own.

Finally, even with perfect tools it will be a challenge to create perfect systems. Clients have a tendency not to tell what they want, but to tell how they want things done (and not really knowing what they want). As a parallel, at the doctor they would tell 'I want you to give me an aspirine' rather than telling 'I want you to cure my headache', disregarding the cause of their headache. It's not always easy to tell the client that he really needs to have a tumor removed that another doctor put in.

Sloppy Article Title Costs Estimate $0.5B/year

Film at 11.

Top 10 reasons to upgrade to Visual Studio .NET

Top 10 Reasons to Upgrade to Visual Basic NETMicrosoft Visual Basic NET included in Microsoft Visual Studio NET Professional Enterprise Developer and Enterprise Architect editions is the latest version of Visual Basic built specifically for existing Visual Basic developers who want to get the most out of the software development experienceIn addition to more power productivity and application stability Visual Basic NET provides key enhancements that solve the most pressing challenges that Visual Basic developers face today From the new integrated development environment IDE to a modern streamlined Visual Basic language Visual Basic NET delivers the top requested features built for todays Visual Basic developerNumber 1Seamless DeploymentVisual Basic NET solves the most pressing issues around Windowsbased application deployment and makes DLL Hell and component versioning issues a thing of the past New XCOPY deployment enables developers to install a Windowsbased application simply by copying files to a directory With Visual Basic NET and new autodownload deployment Windowsbased applications can be installed and executed simply by pointing a Web browser to a URLNumber 2More Robust CodeVisual Basic NET delivers the feature most requested by existing Visual Basic developersfewer bugs in the code they write Features in the new Visual Studio NET IDE such as the realtime background compiler and the task list keep Visual Basic developers uptodate on any coding errors as they occur enabling quick and effective error resolution Enhancements to the Visual Basic language such as strict type checking and structured exception handling enable developers to write code that is more robust maintainable and less prone to runtime errorsNumber 3Powerful Windowsbased ApplicationsVisual Basic NET is the most productive tool for constructing powerful Microsoft Windowsbased applications The new Windows Forms Designer enables developers to get their desktop applications to market in less time New features include control anchoring and docking to eliminate the need for complex resize code the inplace menu editor to deliver WYSIWYG menu creation and the tab order editor to provide rapid application development RAD organization of controlsNumber 4Powerful Flexible Data AccessVisual Basic NET provides developers with both the ActiveX Data Objects ADO data access programming model that they know and love plus the new XMLbased Microsoft ADONET With ADONET developers gain access to more powerful components such as the DataSet control and a new strongly typed programming model that provides Microsoft IntelliSense statement completion within data access codeNumber 5Simplified Component CreationVisual Basic NET brings RAD to component development Developers can use nonvisual toolbox and server explorer components to easily incorporate resources such as message queues event logs and performance counters into their applications without writing a single line of codeNumber 6Enhanced Control CreationVisual Basic NET provides unprecedented flexibility in building customized user controls Developers can easily extend preexisting user controls and Windows Forms controls as well as design their own controls that generate custom user interfacesNumber 7Complete Direct Access to the PlatformVisual Basic NET provides complete direct access to the Microsoft NET Framework enabling Visual Basic developers to quickly access the registry event log performance counters and file system Visual Basic NET also eliminates the need for declares statements for access to the operating system In addition the new Windows service project template enables rapid application development of real Microsoft Windows NT ServicesNumber 8Integrated Reporting with Crystal ReportsUpgrading to Visual Studio NET Professional Edition or later provides Visual Basic developers with the power of Crystal Reports directly within the IDE Crystal Reports delivers the most productive integrated and RAD experience for creating highly graphical and interactive relational data reports These reports can be generated for the entire array of Visual Basic NET application types including Windows Web and mobile applicationsNumber 9Easy Webbased Application DevelopmentVisual Basic NET delivers Visual Basic for the Web Using new Web Forms you can easily build true thinclient Webbased applications that intelligently render on any browser and on any platform Web Forms deliver the RAD programming experience of Microsoft Visual Basic 60 forms with the full power of Visual Basic NET rather than limited scripting capacity The new HTML designer delivers IntelliSense statement completion for HTML tags and the separation of user interface UI and code enable more efficient teambased developmentNumber 10Existing Investments Carry ForwardVisual Basic NET enables developers to leverage their existing investments in code and skills Windows Forms provides a robust container for Microsoft ActiveX controls Component Object Model COM Interoperability provides bidirectional communication between existing Visual Basic applications and those written with Visual Basic NET The upgrade wizard enables developers to seamlessly migrate up to 95 percent of existing code to Visual Basic NETPut these top 10 features to work in the applications you are building today with Visual Studio NET and Visual Basic NET

-pwpbot

Open source everything, and Write it in Fortran 77

[luzrek]

The only language I can think of that meets the requirments of, well defined strings, automatic memory management, and well-designed collection classes is Fortran 77.

I guess we should also switch back to Tektronics 4010 terminals to get rid of problems with video glitches, and regress back to DOS since there is no blue screen of death.

Anyway, the main advantage to writing in C, C++, or any other programing lanuguage with Powerful memory management and well developed libraries is that you don't have to use the basic functions. You can use "safe" functions from well known libraries or make calls to routines written in other languages. I'ld say that crappy programming is 50%, and the other 50% is a lack of Quality Assesment.

Microcode can have problems too

[pnadeau]

There have been problems on Intel and AMD processors traced back to faulty microcode though.

Yes, and . . .

[pkesel]

How much does sloppy construction practices cost? How much does sloppy auto repair cost? Sloppy housekeeping? Sloppy dry cleaning? Sloppy food preparation? Sloppy medical service?

What about sloppy bookkeeping and auditing at major firms in the US?

Why has somene singled out the computer business for assessing the cost of shoddy work?

Re:Yes, and . . .

[Joel+Ironstone]

You can sue your contractor. You can get sick from bad food preparation and sue. There is really no precedence for negligence in software developement. People just restart and continue... sometheing you can't really do with a bridge.

Re:Yes, and . . .

[pkesel]

There are two precidents.

The first is quality guarantee. Most reputable software consulting firms have some sort of guarantee. The firm I worked for for several years had a full satisfaction guarantee, and on occasion they had to pay on it. They sometimes put a bonehead somewhere and it didn't work out.

The second has to do with third-party software vendors. Most of the time if they sell you something there is a clause about time to production, overall usability or some such thing along that line. If what you've agreed to buy won't work for you the deal can fall through entirely, it can come at a significantly reduced price, or their consultants can come in and figure out why and try to make it right.

And there is always the right to bring damage litigation (law suits) against any firm whose product has cost you time, money, market presence, whatever. If you can quantify it and show proof that the damage is directly attributable to the failure of a particular product, make your case and see what you can get. Most of the time I'd bet it's settled.

Re:Yes, and . . .

[Joel+Ironstone]

But its more difficult with software to PROVE whose at fault. There are so many interacting components that peopl ewill contiunally pass the buck to to the interacting vendors. It is a windows problem...no its a motherboard problem...no its a. So people sya forget it I guess its just my problem. I suppose this is a definite advantage to opening up source. one could point to a line and say there that's the problem, its yours, fix it.

Everything is relative...

[Snake]

While $60 billion is a huge amount of money, let's consider the following facts:

• Is it cost-effective to eradicate bugs? (think: is it cost effective to secure credit card to eradicate fraud? Banks prefer to eat it.)
• Is this amount really damaging to the economy? (ie: $60 billion/year is not much against the GDP)
• Enron market cap. at this top was $60 billion.

BTW, the report seems interesting. I've just downloaded it. It seems that it's got /.'ted (this reassures me that most /. are checking facts before replying...)

not first to market, rushed to market

[Infonaut]

You're right. I was wrong to say "first to market. A more accurate term would have been "rushed to market". Microsoft waits until a market is created, then pushes something out the door to show that yes, they're in that market as well.

Of course, this leads to the dreaded "Microsoft is entering the market!" syndrome.

[OT[ Re:Simple economics...

[ComputerSlicer23]

To be blatantly honest, I'm just repeating a statistic I can't cite the source because I've forgotten where I heard it. Surviving isn't all about the plane not crash landing. It's about living after you get out of the plane. There is an incredible engineering that could go into creating a "seat" that if a human was in it and hit the ground at 400MPH the would survive. If the black box can survive, more then likely a human can too. It just isn't cost effective to do that for 180 people on the plane.

But how much would it cost to test and fix?

I'm not saying testing is a bad idea, but testing has a cost. How does the cost of testing compare to the cost of not testing?

I am responsible for most of this...

[JimFromJersey]

yup, 59,999,999,999.99$ is my fault. As for the other penny? I have no idea.

Actually....

[Da+VinMan]

...I don't care how well constructed the report is when it's premise is fundamentally flawed to begin with. What are they trying to accomplish by pointing out how much defective software costs us? Why *didn't* they point out the opportunity cost of not having the software in the first place? Why is no one able to state how much *benefit* there is in having that software, defective or not?

If you could weigh the benefits of the software against the costs of defects, development, etc. you might actually have something useful. For all I know, that may be what NIST intends, but somehow I doubt it.

Armchair philosophers are a researcher's best friend in finding out the questions that matter. NIST should have consulted a few before embarking upon a study which is essentially worthless to the industry or the general populace. (Note that such a report is good stuff for consultants who want to place QA resources. Hmmmm...)

Re:And if they used/built prototypes that would sa

[mOdQuArK!]

Dunno if it's because of the industries I've been working in (first a big document management system, then semiconductor CAD), but I have rarely seen where software prototypes have been very useful on a large scale. As long as your requirements fit _exactly_ what the prototype was built to handle, then you can use it - but the moment your problem space includes something that wasn't taken into account when the prototype was designed, in my experience the resultant system is often twice as complicated & hard-to-maintain as something which was built custom for that application.

On the other hand, I've found the "component" concept extremely useful & productive. I love small components with well-defined, well-behaved functionality.

Re:Broken Window Fallacy

[jaoswald]

The "broken window fallacy" is a fallacious argument, which goes something like this:

"Hurricane Andrew blew through here and created millions of dollars of business fixing broken windows. Why don't we break windows all the time to stimulate the economy, instead of waiting for a random act of Nature?"

The resolution of the fallacy is that we have used economic resources (the materials and labor of window-makers and window-replacers) to restore the status quo, when those same resources could have been used to make new windows, leaving us with more than we had before.

In the case of World War II, what "cured" the Depression was the increase in government spending, employing formerly idle labor to build tanks and ammunition, etc. That is a real increase in economic activity vs. people standing in bread lines, wasting their potentially productive labor. However, we could have alternatively used that labor to build automobiles, office buildings, modern sewer systems, power plants, or anything else, instead of blowing things up in Europe and Asia.

The stimulus to the U.S. economy would have been similar, but Germany and Japan would have been better off as well. Net gain to the world. [This is neglecting the economic losses caused by the system of wartime rationing, which were substantial.]

Of course, Germany and Japan had to be stopped, and the destruction of their homelands and conquered territories was the only practical way of doing so. That's a tragedy, though, not a happy ending.