Slashdot Mirror
Java Apps Have the Most Flaws, Cobol the Least
dcblogs writes "An analysis of 745 applications for violations of good architectural and coding practices found that Java applications had the most problems and Cobol-built systems, the least. Some 365 million lines of code were analyzed by Cast Software to assess 'technical debt,' or the cost to fix the violations. Java was calculated at $5.42 per line of code, while Cobol did best at $1.26. Cobol code had the least number of violations because programmers 'have been beating on it for 30 years,' said Cast. As far as Java goes, 'there are many people going into Java now that really don't have strong computer science backgrounds,' said its chief scientist, Bill Curtis."
That COBOL code has been maintained for like 30 years, it would naturally be rock solid by now.
To offset political mods, replace Flamebait with Insightful.
So... masturbation makes you a better programmer? That explains a lot about guys living in their moms' basements.
In today's agile world, who gets time to maintain technical debt. How does paying technical debt ever give your app that new feature that your marketing department is pushing for -- to have out by tomorrow. I think the rules have changed in how companies push their software development organizations to deliver software. That may be the biggest reason that quality is different than it was. That and the other programs have been worked on forever.
this is no assessment of Java vs Cobol, but of seasoned programmers vs half-skilled newbies.
I would imagine that the reason Cobol code has so few bugs is because the vast majority of it was written years ago and any bugs that might have been there have been fixed already. I'd be more interested in a study that compares only new code that hasn't had the benefit of years of maintenance and eyeballs.
Java is the "training wheels" of programming languages.
Applications run in a sandbox, where inexperienced programmers can't do real damage to the system.
Then again, if you don't do real damage, how do you know how to avoid it?
Memory management is hard, let Java do it for you.
Sorting is hard, let Java do it for you...
X is hard, let Java do it for you..
So we have a generation of programmers, who are really nothing more than typists, who can bang together a half way working solution, without having to worry about memory, or other "hard" things, because Java can do it for them.
No need to worry about optimization, memory utilization, algorithm choice , etc get just it minimally working.
"Java EE, Cobol, .Net, C, C++ and other programming languages". Really doubt that PHP applications were checked there.
If you look at enterprise world (which is what they analyzed) you'll see that either Java or C# are most widely used. Which means most new/inexperienced/crap developers get to work on these projects in Java and C#. Which again means most mistakes & hacks & silliness. All the speciality stuff using exotic languages gets better people. And cobol applications in use today are either really mature and good quality or discarded years ago.
There are very few good team leads and architects who actually stand their ground and demand both quality from developers and resources to do quality work from their managers... And there are probably fewer managers who understand that quality needs time & resources...
--Coder
Sure, it's easy to conclude that teams writing COBOL programs have more development discipline, but there's also something to be said about the overall complexity of the languages. There are huge differences in the range of capability in the core language, the range of different expressions to solve the same problem, and the range of handling different modes of process (serial, concurrent, federated, etc.).
[
The only real coding practices that mean anything are:
1) Does the program work
2) Can the program be maintained
3) Can a normal developer understand your program
4) Is your program acceptably bug free
When you start breaking down coding practices into line formatting and variable names and etc... etc... etc.... your no longer programming your doing document management and personally I'm not going to write my embedded systems firmware in word so let me program.
Where?
Some of this might be because the COBOL code was written by seasoned coders who have learned many of the lessons that newer coders are still needing to learn.
'there are many people going into Java now that really don't have strong computer science backgrounds,'
Honestly, as if you need to do CS to be a good programmer. I know plenty of people who write unmanaged code and blow most CS majors away.
If anything CS are mostly trained in managed and interpreted languages like Java and this should actually make Java first instead of last. But instead it's last...I think this says more about the inability of schools to keep up.
This useless study is equivalent to comparing the brands of hammers by their respective number of nails required to build a house.
Our Java teacher was a total dick. He gave us really odd examples (copied out a book), ran off and told us to get on with it. Then came back near the end of the lession with us all (excpet one geek) pulling our hair out with runtime errors. We didn't know how to fix the syntax errros we were all getting. It's a shame because Java looked good and is used on so many different OS's. We all ended up trying to get help of the resident geek.
Most COBAL applications while do a lot of processing they are not required to do much in terms of advanced coding. We expect more out of Java Programs then we do with Cobal. Java Apps need a cool fancy UI that handles every users whim. While the COBOL app has a menu you type that Item fill those fields and the record and hit process and wait.
If we were to one for one recreate those COBOL apps in Java without anything new. I will bet those Java Apps will run just as well.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
(..) assess 'technical debt,' or the cost to fix the violations.
Sounds like a very useful metric: the cost of fixing a bug. Or perhaps even more useful: the cost of a bug as it's released into the wild. That is: the total cost of stumbling on that bug, reporting it, discussing it, devising workarounds, producing & testing a patch, bandwidth / system maintainers' time for checking whether to apply it, actually doing so, cost of a site hack resulting from that bug, etc, etc, all of that vs. no bug in the first place.
With that as a metric I suspect even minor bugs have a massive cost if you're talking mass-used software like popular OS or the embedded software that runs smartphones etc. And considering that massive cost, it might make sense to invest massive effort trying to find bugs before software is released. At least for popular and/or mission-critical software...
So let me get this straight, a company that sells tools to help you find and fix issues in code ran a study that indicated that one of the most prevalent enterprise platforms has the most issues, therefore companies using it have the most need to buy their tools? Shocking!
I say this as someone who has the highest respect for people who go on about comonads, dependent types, information density, p-spaces, and so forth, so don't think I'm bashing CS, but dear lord SPARE me from the production code written by ivory tower eggheads, or from the programming languages designed by people who aren't. These folks came up with Algol-60, not wretched slithering masses like COBOL. The guys who have the fortitude to actually work with COBOL for decades, however, are the ones I want to maintain my systems, because they actually prefer it in the trenches. "One more abstraction layer" involving factories of managers of contexts simply isn't how they work. Nothing wrong with abstraction, it just needs time to shake out, and I'd rather someone else did it.
I say that as someone who's writing systems in Scala using frameworks that are barely a year old, but I know and freely admit I'm building on sand, or at least a very wobbly moving platform.
SQL is also traditionally written in ALL CAPS, yet look at all the SQL injection vulnerabilities that have been used to break into high-profile web sites.
Java is one of the languages currently used by students (along with VB.net and sometimes C++ or C#). I would not be surprised if the high relative bug count is due primarily to the number of inexperienced programmers working in Java.
...is better than the stuff made now? SHOCKING!
Marketing zombies have always been hungry for a fast release and to the devil with the quality/stability of a product. Even in the early days of COBOL this was so.
Fewer bugs not less bugs.
You wouldn't say "much more bugs," you'd say "many more bugs." It's the same with less vs. fewer.
Cast Software should have evaluated 'defects per function point' - not 'defects per line'.
http://www.qsm.com/resources/function-point-languages-table
http://www.castsoftware.com/resources/document/whitepapers/monetize-application-technical-debt
I'm not terribly surprised that Java ranks so low. I myself write in Java a lot, and greatly enjoy it's syntax, (although I don't have as much respect for it as I do for C, C++ & Objective-C. Maybe it's just psychological, but that JVM will always make me feel like the outcome is inferior). Java has exploded over the last decade, and is used by many who would not call themselves Programmers. They program in Java, but they lack the mindset, and passion of a true computer Programmer. I still have a lot to learn, but I feel that much of the problems with Java may stem from the fact that it is a language often used by those who are not interested in elegant coding, simply getting something that works. This isn't to say that Java Programmers are inherently flawed, but that it attracts many that are. COBOL on the other hand... well, anyone who writes COBOL these days is probably a true Computer Scientist, and been in the industry a very long time. And yes, it's been around the block a few times. It, like Fortran, has been around for EVER (but then again... so has BASIC) and it's kinks have largely been worked out or worked around. It's not that COBOL is a better language and Java is inferior, when it's all said and done, it's the Programmer who makes or breaks the elegance of the code.
~theCzar
I would venture to say that it's not possible to write a nontrivial Cobol application using good software engineering.
The say most viruses are for windows, yet when you consider the amount of windows machines vs any other, for sure there will be more chances that someone wants to hack it vs. a less used system. The same can be said for a language that is less used then any other...the more language you use the more likely someone can make an error in the syntax.....so for 1 billion lines of code in java vs. the million lines of code in cobol...guess what....apples and oranges...
Oh, COME ON. I know there's some geek pride in not giving a damn about grammar, but really, in the headlines?
"Fewest", not "least".
(feel free to quibble with the punctuation outside the quotation marks)
Beside server-side, start by showing me COBOL codes that can play music, MIDI, animation, display web contents (HTML), VNC, VOIP, text chat, audio chat, video chat...
Do those also on cell phone, PDA, tablet... ... then maybe I would agree to talk seriously about some grueling comparison between COBOL and Java
As somebody who's worked in COBOL and Java shops (within the same company), let me say "Duh!".
It's not so much the language as the typical environment it's used in, combined with the experience.
People working on Cobol are usually working on mission-critical applications, Java applications are typically less mission critical.
In practice I find that the cost of a bug is usually a pretty good measure of the quality of code; I've worked on code where an hour of downtime literally costs over a million dollar and I've worked on code where a full day of downtime means some user might have noticed it and had to wait a day. There are people working on code where a few seconds of downtime means death. Want to guess what code will be the best quality?
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
My head asplode. Function points are a uselessly subjective and abstract metric.
The problem with legacy COBOL is the occasional Waterfall program. That means that you flow from the beginning of the code to the end, occasionally skipping chucks of code with branches that lead to two different GOTO statements. A good COBOL program only uses GOTO to skip to the end of the procedure it is in, not to go to any arbitrary label in the program. You can write a good COBOL program that doesn't jump around all over the place if you bracket your code with procedure names and call those procedures properly.
My COBOL is a bit rusty or I'd give examples.
After all, most Cobol programs haven't really been growing much and all they have had done to them is bug fixes. After 3 decades of bug fixes they ought to he rock solid by now.
Was there any analysis of Ruby tech debt, or would that just be division by zero since it's just going to be thrown away in the end?
This just in, intensive analysis has revealed that a hammer has fewer flaws than both Java and COBOL!
If I put a room five JAVA/C# developers on doing a particular task I am most likely to end up with four if not five different implementations. With the five COBOL (or similar "old school" language) I might end up with two, on the outside three.
I always though the big feature of certain "object oriented" language was their re-usability but even in house far too many roll their own and have a litany of excuses as to why what they did was better than someone else. Don't even get started on libraries. Standards do reign people in but they don't hit at the other problem, just doing simple work with files is no fun compared to the simplicity it is in COBOL or other business languages. Hell, dealing with money, forget it, COBOL and business languages do that very well. I can search for handling decimal positions and such math for other languages and I wince at all the "try this" I get back.
One team at my friend's shop has a person whose entire job is fixing values in the data base because the "web" guys keep screwing up simple things. His words, not mine. However it still comes to languages which don't provide simple solutions but instead give you so many solutions you actually end up with worse off.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
They are talking about using sound programming, not just bugs.
I immediately have to question the quality of the analysis for each language. If Java's analysis is more in depth than C++, it's obviously going to look worse under the microscope. Using a common value for each violation does not an equal comparison make. Also, smells like an ad...
That might skew the cost on COBOL's side a bit...
As far as Java goes, 'there are many people going into Java now that really don't have strong computer science backgrounds,' said its chief scientist, Bill Curtis."
This is indeed true, but, as a Computer Scientist, I don't necessarily agree that one truly needs a CS background for most enterprise computing related tasks. What a person needs is technical depth, analytical skills and, mucho importante, organizational/spatial skills that allow a person to design and/or work with large amounts while coping - efficiently - with rapid code change (read as "can write code of sufficient quality under pressure, combined with an ethic of never delivering shit without sacrificing deadlines"). People with MIS and Computer-based Art degrees have also done well without a CS background... and there are people with CS backgrounds that should never be allowed to be near a keyboard.
I would change Mr. Curtis statement to the following: many people going into Java (and .NET and PHP and most other stacks related to Enterprise Computing), for one reason or another, end up lacking the technical depth necessary to be a good programmer/software engineer. Combine that with the ever changing face of modern enterprise computing and you can see why the greater technical debt cost per line of code.
Your bank transactions are done with it, your payroll most likely... all the stuff that matters.
COBOL is the Mac Truck and Container Ship of I.T.
When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
one requires training and adherence to good practices, the other can be used by any Jaba to slap some shit together.
No surprises here.
The Kruger Dunning explains most post on
From my experience with financial companies, COBOL still is entrusted as the God of all Data and backend processes, but almost no user input is provided directly. In fact, most of the COBOL I've worked with has ASSUMED that the data is good and non-malicious. Either that, or the security checks were in the user interface code, which was abandoned 20 years ago. My guess on this? The COBOL still out there has very small attack surface...it's encased in a warm, porous, gooey layer of Java/PHP/.NET/Ruby/Groovy/Grails/G-g-g-g-g-unit! The fact that PHP (and to a lesser extent, Java) was designed by and for script kiddies does not help either, buy hey!
Great features for masochists to maintain horribly engineered legacy systems, including (but not limited to):
No recursion or dynamic arrays: hard coded implementations at compile time, off by one errors, limited toolset
Global comm(memory) access is the rule: ad-hoc code, debugging errors due to opverlaid memory can take days
Lack of OO Concepts: lack of abstraction, repeated code, ad-hoc code
No automated testing: unavoidable code rot, makes TDD impossible, ad-hoc code
Lack of frameworks or simple library functions: no option but to always rebuild the wheel
Horrible IDEs: Completely inaccessible (try downloading a COBOL compiler), Worse to code in than notepad, costly and eternal vendor lock in (hope you like micro focus)
COBOL Culture: Programmers are a dime a dozen, Analysts with domain knowledge and no technical ability are awesome
Java apps are to be written as fast as possible without sleep and you have ZERO time for debugging and testing before it ships.
Cobol apps are designed properly, go through reviews, testing, more testing, and the programmers are given the time to perfect it.
Do not look at laser with remaining good eye.
I've done all that with COBOL., except the portable stuff. Not that I couldn't.
http://www.netcobol.com/cobol-compiler-for-net/
Anyways, you comparison doesn't matter. It's not which is a better language, or which can be used to build more shit.
The shit that's out there, COBOL has fewer bugs...which is too be expected.
It doesn't mean Java is useless.
"Beside server-side,"
yeah, I like how to try to move the goal post to fit your statement.
The Kruger Dunning explains most post on
C'mon guys, maybe I missed someone commenting on the extremely obvious, but COBOL code is less "buggy" because COBOL code does 1/10,000th of what Java code does. COBOL code is several orders of magnitude simpler and the problem space it addresses is so very small compared to Java.
As proof I'll create a computer language with 10 commands that simply moves an image of a turtle around a screen. Guess what? 99% of programs written in that language will be bug-free. Why? Because it is a simple language.
Ergo, COBOL is like using a screwdriver to do things only screwdrivers can do while Java is like a whole workshop full of tools that will let you build almost anything and, yeah, you're going to mess up more often building almost anything.
How much per hour does it cost to get an OK Cobol programmer to come fix stuff versus an OK Java programmer?
There are lots of possible reasons for the disparity, including, as others have pointed out, that a "line of code" doesn't mean the same thing between Cobol and Java, but if it's going to be reported in dollars instead of hours, then it needs to be made meaningful by the difference in costs for the two languages.
This is pretty obvious as to "why".
Java: mostly written by inexperienced undergraduates and Indians with only a couple months of experience.
Cobol: mostly written by the (relatively speaking) Gods of Computing, in a better age.
So say we all.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
Seriously, lines of code? No surprise this guy favors Cobol, he is stuck in the eighties. So are more compact languages scoring higher for the same number of bugs?
You sound like just another whining bitch who doesn't know what the fuck he's talking about.
First of Sandbox? What the fuck are you talking about, unless you're referring to craplets.
Java programers prefer to work on actual problem, and not spending hours writing memory management boiler-place.
Sorting is hard? Really? Sorting is a waste of effort, the algorithms are already well known, why the fuck should I have to waste my time re-hashing them? That's old shit.
And in java you do have to worry about optimization, memory utilization and algorithm choice; you just don't have to worry about re-implementing shit you learned in a basic data-structures class.
a.) The number of acceptable bugs in a 'typical' Java program is generally going to be much higher.
b.) COBOL programs have been typically under maintenance and burning down bugs for a very long time
The end result? COBOL programs are less buggy. Nothing to do with the language, not much to do with the programmers, just a result of the different structural realities around the sorts of software written in their respective languages.
So here we go again: circle-jerking to the awe-inspiring deities of neon-green font set against black backgrounds... Here's what you have to ask yourself: "Is it really worth it?"
I'm a guy coming close to 30, so right there the lords of bytes around here will assume I know nothing about everything. That's okay--it rolls off me like buttah--but when I graduated from my undergrad back in in the day, I immediately accepted a job-offer from as a COBOL-2 developer. My experience there didn't last more than a year (for many reasons.) One thing I know for sure is that you can't stick any ole Tom, Dick, or Harry into a COBOL seat and expect them to produce gold. Why management at this place thought this about me is totally beyond me. I think it had something to do with some words that were said about me by my instructors because if it wasn't for my instructors, I would have never had the interview in the first place. If you ask me, I think management of these kinds of shops are in a type of "panic mode" because they realize that nobody in their right mind *wants* a job like that regardless of whatever money is on the table. Since the seniors are all retiring or simply getting cut or literally dying off, well, that leaves slim pickings in the wake... For example, I know of only 2 schools in the Midwest that teach that old shit.
Anyway, I worked there for about 1 year and it was one of the most painful experiences of my life, and if you knew me, you'd know that that's saying something. Did I know anything about COBOL-2? Nope, and I never wanted to before I got on board but lured into the web with sweet whispers was I... My intern background at my school consisted of CSS and PHP!!! Ha. After a year and $45,000 worth of depression-assisting salary, starting out, do I *want* to learn more about it with the idea that this starting rate eludes to an unparalleled amount of senior-level salary? Hell no. The job sucked, the projects made you lose hair, the language blows despite being some sort of supposed fantastical feat of modern-day technology, the management personnel are slavers who are almost all prescribed some sort of anti-psychotic drugs and everyone I ever met in that place wore an expression on their face that begged and pleaded, "Help me. Please... Help... Me."
I'll kill myself before I ever return to something like that. I swear to god I will. The management in these kinds of shops realize this kind of reaction, too, which is why you never want to mention to any of them during an interview that you want to get your foot in their door as some mainframe developer just to do something else, like web development... That is, if you're an odd sort and want one of these jobs. Doing so turns them off faster than a light switch and you know it's true if your own recruiter says that to you the night before your interviews.
Say what you want about these "seasoned gods" of COBOL, JCL, and whatever else they dick around with for 365 days each year. Personally, I feel sorry for them because I can't help but think about how much life they've wasted on that stuff. I know, I know... It's my opinion and just someone's opinion, but still... I've seen what goes on in these places and it's a living hell.
Oh, and for whatever it's worth, COBOL people do get tossed out the back door just like everyone else does during bad economies and so forth, high demand or not. I've seen it happen, not only to myself (joking aside), but also to people who WERE seasoned, too. Don't be fooled into working for a big shop just because some snake-tongued manager-type (who can't stare you straight in the eyes) promises you fortune and glory as well as job security. I promise you... I ABSOLUTELY PROMISE YOU, that you WILL live to regret accepting their offer.
Worst job to have on Earth. PERIOD.
How many people these days can distinguish between GOOD Cobol program and BAD Cobol program? Most of so called programmers will not be able to distinguish between Cobol program and cheese sandwich?
C'mon guys, maybe I missed someone commenting on the extremely obvious, but COBOL code is less "buggy" because COBOL code does 1/10,000th of what Java code does. COBOL code is several orders of magnitude simpler and the problem space it addresses is so very small compared to Java.
As proof I'll create a computer language with 10 commands that simply moves an image of a turtle around a screen. Guess what? 99% of programs written in that language will be bug-free. Why? Because it is a simple language.
Ergo, COBOL is like using a screwdriver to do things only screwdrivers can do while Java is like a whole workshop full of tools that will let you build almost anything and, yeah, you're going to mess up more often building almost anything.
absolutely. the whole story is a joke, this article is just surreptitious advertising for a software company that can't be taken seriously in anything IT related just for being capable of producing such nonsensical, laughable marketing.
this is like comparing error ratio between baking cookies and running a pastry shop.
if we have to believe blindly in any sort of fancy metrics (and there seems to be plenty of people in desperate need for it), we should at least restrict them on systems that are truly comparable.
Those things are calling .NET libraries on Windows (which is MS-flavored copy of Java -- ironic isn't it???). How cool is that COBOL code you realy wrote? How solid are those on Linux, BSD, cell phone, android phone? I doubt there is any such thing available. ["Not that I couldn't."] -- Yeah right!!!
On the server-side, how is that changing the goal post? Show me 100% native-COBOL in non-batch mode that can run as the SSH server, VNC server, VOIP server, CHAT server and show me how solid those apps run? How about UDP and TCP port services written in native COBOL? How about non-existent!!!
How about native-COBOL libraries that can run dozens other languages, something like BeanSell, Jython...
I wouldn't hold my breath 5 years, or 50 years for that. How about never???
You can't even teach those COBOL programers to understand such concepts as TCP/IP, UDP, GUI, Voice Processing, let alone write any such code libraries in native-COBOL. They buy/lease their COBOL libraries from Software vendors who wrote those in other languages. Wonderful world of COBOL -- NOT.
Also, the internet allows everybody to share their crap code with the world. I've seen people using online code references that showed some pretty dangerous or stupid ways of doing things.
Java is closer to pseudo code and has a low barrier of entry for beginners so you can have a lot of bad programmers cheaply. Less easy languages require a higher experience or skill set which filters out or highlights the weak programmers.
Do we want things so easy that somebody who can make some HTML thinks they are a programmer?? Sure there are some benefits for ease of use but there ARE downsides as well. Java may remove the top C programming errors but it allows in a lot more bad programmers.
Democracy Now! - uncensored, anti-establishment news
I didn't see anything about how other programming languages fared in the study. I also didn't see anything very detailed about their methodology. It is, of course, a very interesting question on both a purely intellectual and a practical level, and a lot of studies have been done concerning the topic.
In ancient civilizations that had complex writing systems, whenever a newer, easier to learn writing system was introduced, the old guard would resist it because then they wouldn't be able to demand high compensation for their rare, valuable skills. Programmers, in some cases, can adopt a similar attitude, and I say that as a programmer myself. I've sometimes felt a certain anxiety about programming becoming 'easy', rendering my valuable skills obsolete, while at the same time realizing that if I were a businessman having to hire programmers, that's exactly what I'd want to happen.
When trying to look at this objectively, I still think the quality of code depends significantly on what I'll call the human programmer's talent more than the actual language involved (though some languages are certainly more fun to use than others), and it'll probably be that way until the singularity happens.
In theory, theory and practice are the same; in practice they're different. (Yogi Berra & A. Einstein)
Used by people who don't understand what debt is.
This is just a vanilla resource allocation problem. Do you spend a dollar to write bug free code or do you add an extra feature. There is only so much money, only so many developers, testers and only so much time.
The number of places where bug free is the choice are small and they are specialised. Most places features win. Features means sitting on top of huge bloated frameworks which are also chock full of bugs.
So, the languages just represent the environments they are going to be used in.
In many industries, quality assurance is taken seriously, they often have far more people and resources working on quality than on developing the products.
Software, not so much... "It compiles" is often the gold standard of quality. "It passed the unit tests", the platinum one.
Deleted
More or less so than "Lines of Code"?
Those 200 billion lines or so of Cobol running the world's financial systems are some screwdriver!
And what makes you think COBOL 2002 can't do anything that Java can?
http://en.wikiquote.org/wiki/Edsger_W._Dijkstra#Misattributed
Computer Science is no more about computers than astronomy is about telescopes.
COSMIC-FFP: ISO/IEC 19761:2011 Software engineering. A functional size measurement method.
ISO/IEC 19761:2011 specifies the set of definitions, conventions and activities of the COSMIC-FFP Functional Size Measurement Method. It is applicable to software from the following functional domains: application software which is needed to support business administration; real-time software, the task of which is to keep up with or control events happening in the real world; hybrids of the above.
ISO/IEC 19761:2011 has not been designed for measuring the functional size of a piece of software, or its parts, which: are characterized by complex mathematical algorithms or other specialized and complex rules, such as may be found in expert systems, simulation software, self-learning software and weather forecasting systems, orprocess continuous variables such as audio sounds or video images, such as may be found, for instance, in computer game software, musical instruments and the like.
However, within the local environment of an organisation using the COSMIC-FFP Functional Size Measurement Method, it may be possible to measure these FUR in a way which is meaningful as a local standard. ISO/IEC 19761:2011 contains provision for the local customisation of the method for this purpose.
abstract and subjective did you even read the standard about function points before discarding them as uselessly subjective and abstract! For what that metric was designed to accomplish it is quite correct.
I did COBOL in university back in the day. I also did C and Pascal and VB, and a host of others (even assembly).
When I wrote in C and Pascal, the Professor cared about elegance. I recall they really seemed to dig recursive algorithms as being good (given situations).
COBOL seemed more about structure, and having things... "consistent". I recall for my final project, I thought I was being smart by doing a few recursive algorithms within the program. I actually LOST marks for doing so.
VB didn't really care so long as your widget did what it was supposed to do, and the GUI looked good.
So I think programming "Flaws" are relative to what language you are using, or at least that was how I seemed to be taught.
In addition to the aforementioned postulation that that different languages are meant to do different things, and that COBOL has had 30 years of maintenance and work to fix problems, I think it is worth mentioning that COBOL was generally done a long time ago, while Java is recent. By that I mean a lot has changed over time as to how programs are constructed, maintained, and the culture is vastly different now. I mean everything now seems to be released in Alpha, Beta, and just patched until it works properly. Back when doing that was a fairly big deal to change, you wanted to get it right the first time I would imagine, so a lot more care may have gone into the code. Projects are generally bigger now I would say as well, increasing complexity and difficulty as well. Where before you may have had a small team, now you have whole companies, many with overseas contracting etc... Also anyone can go to their local college and pick up a course in Java, where as back in the day, one likely had to have a more complete education (say in Computer Science) in order to have that training. Now in today's business, they just hire the cheapest labor, as no one really looks beyond a quarter or two these days. I would say in most cases they don't really care about getting it done proper, but rather doing it as quickly and cheaply and getting it out the door, they intend to fix all the problems later on.
Technical debt is not about bugs, mostly.
Technical debt is about things like design quality and ease of change. High technical debt code is hard to change. That means that adding new features or fixing bugs is more expensive, takes longer, and is riskier. You pay interest on the debt every time you make a change (or don't make a change because it was too scary because your design sucked).
If you pay off your technical debt by improving the design, adding features and fixing bugs will be cheaper, faster, and less risky.
While COBOL supposedly got OO capability in 2002 acoording to wikipedia, I would bet most COBOL is rather straight forward procedural code that is easy to follow and understand. The 'java way' on the other hand is to encourage over-abstration to the point of absurdity. There is a joke hello world at http://foreigndispatches.typepad.com/dispatches/2008/09/hello-world-in-java.html that really isn't far from the truth about how java programs are actually implemented by some coders. I seems some java coders think: Why just print a string when you could instead instantiate a new string-writer class implementing an abstract string writer factory with a text-writer interface? And instead of hardcoding a constant value, use an xml configuration file, even if you will never actually change the value.
Does mysqli support named placeholders?
No. MySQLi supports ? only, and it requires three things to be kept in sync: the statement, the list of argument types, and the list of arguments passed by reference.
using PDO rather than mysqli
Porting an existing application from MySQLi to PDO MySQL to be able to use named placeholders might take a while, especially when the boss wants features nyaaouw. But it might be an easier sell if you can come up with a couple other advantages of PDO.
was it by using CAPITAL LETTERS? (You know, the stable ones -- see upthread.)
Btw, all the languages you named are near-identical in terms of semantics, so don't start getting any ideas in your head that you understand computer languages.
Out of the box, PHP's mysql interface makes you concatenate/interpolate strings yourself to compose the SQL, and you have to manually escape parameters. In short, it requires extra work for programmers to do things right. All of those "Teach Yourself PHP in 24 Hours" books aren't going to help, either.
In contrast, almost all other programming languages make it easy to do the right thing. For example, Perl DBI and JDBC both encourage you to use '?' placeholders, which are automatically filled in by parameters. It takes no extra work to avoid SQL injection, and your code ends up being cleaner too.
Most modern COBOL compilers not on the mainframe compile code to the JVM. What happens when you combine COBOL and Java?
Somewhere around the same time that Java entered the market, everyone suddenly became a consultant or a manager. I'm not saying there is a causal relationship, or even a correlation. I'm saying it was a sign of the times: no more people to actually get their hands dirty. The mindset around Java suffered from this: seven hundred different 'frameworks', but no-one to actually implement - say - a PDF-generating library. Because that's menial work. We're building the future - we don't do that kind of stuff.
And so, ironically, the language that was supposed to stop people from re-inventing the wheel, made everybody re-invent the wrench.
Religion is what happens when nature strikes and groupthink goes wrong.
What about lines per function point! :-P
I've worked in Java and COBOL shops. The average age is pretty similar: most are in their late 20s to early 40s, with only a small minority older or younger than that range. I don't know if this is because people stop working as programmers by their early 40s, or if it's just an artifact of the fact that the field has been growing so fast in the last 20 years or so, adding so many new programmers every year that the older guys remain a minority.
To me (gut feeling, not having done any research on the matter) it makes more sense that the effect in TFA has more to do with the fact that Java is used for a much wider variety of uses than COBOL, and has very sophisticated analysis tools available, which I'm sure they've used to find the violations mentioned.
Clearly the analysis ignored all Ruby code ever written. Examples:
- Puppet
- Mcollective
A new programmer (who is likely using Java) isn't necessarily a BAD programmer, they're just NEW. Any skill (say, for instance, playing the guitar or playing tennis) takes a lot of practice (time) to perfect.
And let's not forget where a lot of our modern-day code written - in India. How long have Indians been programming? How long have Americans been programming? Again, it's not necessarily a bad programmer you're looking at, but an inexperienced one.
Everyone has to start somewhere. The most seasoned, grey-haired old man hacking away at assembly, C, COBAL, whatever... was once a beginner too. His code probably wasn't very good then either.
It's a good thing Android relies so heavily on Java then; it's so stable. Look at how smooth, reliable, and bug free the experience is there.
given that java is generally written pompus idiots... (look no further than maven or any other over-engineered POS) this does not surprise me.
Asinine report. The folks that program Cobol are considerably more experience (and older) than Java programmers. The "between the lines" conclusion is that less experienced programmers produce buggier code on average. Really? No Sh*t Sherlock! But a report that shows a direct relationship showing more experience translates to fewer bugs is not a headline catcher nor satisfies whoever paid for the report. Sheez.
what exactly is the problem with 16GB of RAM? it's about the same as subscribing in the apple developer program for a year
The motherboard you already own might not support that much RAM, in which case you might need to configure the build system for an overnight build instead of an immediate build.
C'mon guys, maybe I missed someone commenting on the extremely obvious
You didn't miss it because no one with a clue was saying it. You're just ignorant of how much of the world runs on COBOL. Whats best, is its the important shit that runs on COBOL, you know, like the worlds financial systems.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
Java in fact shares quite a few concepts with Ada. Packages, array validation, etc. Java has at least as good runtime checks as Ada. And there are Java static analysis tools.
Its because it takes like 300 lines of cobal to write a decent bug.
it already feels old and dated
I know what you mean! I was doing exactly that and (knowing it was my code) said out loud "What idiot wrote this code?".
Pogo had it right when he said "We have met the enemy and he is us!"
I've taken COBOL and RPG, but I don't believe there is enough money to intice me to program in these languages professionally. Even when my dignity and self esteem are at an ebb, some things I just refuse to do to myself.
There are no COBOL apps on my Android.
(Think for yourself what I'm implying here.)
I hadn't the slightest objection to his spending his time planning massacres for the bourgeoisie... (P.G. Wodehouse)
A smaller amount of cost per code doesn't necessarily mean anything. What we should be analyzing are the end results of the program itself, along with how long it took to write the code, how effective the code is, the versatility of the language, and the average cost of implementation and maintenance. While COBOL is designed for business mainframes, and has been around for 30-some years, it is not a viable solution to a lot of modern mainstream business needs and end-user demands.
Last time I checked, outside of the database maintenance niche, COBOL isn't really used for anything else.
I started with 1401 autocoder, then to cobol, and assembler, and later, to C language. I look at object oriented programming as bloat. The same function for different objects requires a unique method per object. Something is wrong there.
Think of the human body. -- No duplication. Negative side, no redundancy but positive side, functions that are not duplicated.
Leslie Satenstein Montreal Quebec Canada
There are a lot of clueless morons programming java. And between the crappy CASE tools like Oracle BPEL and all the architecture astronauts designing Rube Goldberg-esque software it's no wonder we see these kinds of statistics. Anyone ever heard of the KISS method?
Seriously, COBOL has been around FOREVER. Shoot, the first version, Cuneiform Obelisk Building Overseer's Language, was used for generating grain silage reports during the construction of the great pyramids.
Yup.
In my field of embedded programming a CS grad is worthless. If you dont have an EE degree you will never be able to write the code.
Bullshit. Where I work we have CS grads doing embedded work just fine. Though you are right that there are items that a CS grad should be cognizant, specially for doing work at the bare metal (like FPGA). There is a wide spectrum in the areas of embedded development. The closer you get to the metal, the more you need a EE degree (specially when you are spec'ing the hardware). From device driver level up, many competent CS grads do fine (read "competent".)
You have to understand what the voltages coming in MEAN. Understand transistors, logic devices, feedback loops, etc...
A lot of CS students (depending on the school that is) actually have a lot of CE/EE in their curriculum. Or used to... CS education has been watered down in the last 15 years.
The last CS grad we hired was completely worthless. Dude did not even know how a microprocessor worked.
And that's a reflection on him and the CS school that gave him a degree. Understanding how a microprocessor work, down to the digital level, is a must for a good CS degree. Or used to be a must.
Almost all CS grads I know or met know nothing at all about computers.
There. Fixed that for you. The sad thing is that many who have graduated with a CS degree in the last few years are just web-based programmers. That is not the same as being a Computer Scientist.
And don't be so smug with your EE degree. I work with many EE grads, and they can't code for shit. Yeah, they can make the hardware sing alright, but their code is unmaintainable, unreadable and fucking atrocious. Their cope out it is that their code is "embedded" or "optimized", but more often than not, it is anything but. A lot of the cost over runs associated with them simply come from their craptacular code bases.
Even beyond that, because they thing they can code a for loop, they thing they are the authority in matters of software. I have a EE co-worker who was stupidly lecturing me on semaphores, assuming I didn't know because I was a CS grad (all the while the retard didn't even know that the concept of a semaphore was invented by Dijkstra, a CS'tist.) That same tard was arguing with me (quite gratuitously and for no reasons at all other than to prove that Computer Science was easy) that he could write a compiler with nothing but lookup tables. Yeah, I want to see how things like dead code elimination and register allocation can be done with lookup tables.
Better, I know of a EE lead at another company that is insisting developers to use 8-bit error codes to identify unique errors, down to the actual physical line of code (as opposed to an error type code and a error string descriptor), because it is more efficient. The guy does not comprehend that potential faults in their code base can be mapped into thousands of points, so how the fuck will he map those into a 8-bit error code. He might know what a transistor is, but he for certain cannot write even semi-decent embedded code.
Stupidity and incompetence exist in both sides of the fence. It takes more than knowing about circuits, transistors and feedback loops to perform GOOD, COST-EFFECTIVE embedded programming. Anyone who thinks otherwise is full of it or is ignorant of his own ignorance.
Java in fact shares quite a few concepts with Ada. Packages, array validation, etc. Java has at least as good runtime checks as Ada. And there are Java static analysis tools.
Java shares a lot of concepts with everything. Or rather, Java is kinda like English: it waylays other languages in dark allies and rifles through their pockets for loose change.
But, look, runtime checks are easy. In fact, they are axiomatically complete: if you have a problem, but you can't see it at run-time, then you don't actually have a problem. Compile-time checks are what separates the men from the boys. Or, in the case of Ada, what separates the women from the little girlie princesses who like ponies. From what I've heard, the thoroughness of Ada's compile-time checking is unequalled. "If it compiles successfully, an Ada program is bug-free."
i'd hit it so hard, if you pulled me out you'd be the king of britain [bash.org]
From what I've heard, the thoroughness of Ada's compile-time checking is unequalled. "If it compiles successfully, an Ada program is bug-free."
Unfortunately, no compile-time checker can detect flaws in your logic.
Sheesh, evil *and* a jerk. -- Jade
COBOL is a far less capable language than most. In fact, COBOL was rarely the only language used to make a system because COBOL itself was practically useless. It was little more than a fixed field record store manager. RPG was used for generating reports. Screen I/O was a COBOL extension which generally consisted of designing an input UI in another language and calling functions in COBOL... although there are some direct COBOL UI toolkits, but they are barely useful for anything.
COBOL unlike SQL is not a structured query language. Typically, raw COBOL works on fixed field records connected to a fixed field ISAM. With DB2 (or other modern multiuser ISAMS), COBOL can often be mixed with SQL... giving us all the power of another bug ridden SQL implementation. If the form developer allows it, then it could in theory be used to execute SQL code through injection just as easily as in other languages.
COBOL is a crappy ass language that allows for implementing fixed field databases relatively efficiently.... but pretty much every other language is going to be flawed with regards to security in comparison as COBOL itself is pretty much incapable of handling the nasty nasties like dynamic memory allocation and such.
Let's not suggest that COBOL is more secure because of its maturity. Let's instead suggest it's more secure because it can do what it can do an pretty much nothing else.
On that note... COBOL is as secure as the terminal it is running on. But this is where maturity matters. COBOL is generally being run on a IBM mainframe virtual machine (IBM mainframes never run native code) which is still running almost the same operating system as it was in 1969 with additional features. Things like Ethernet aren't even supported by the operating system. They're handled by add-ons which map a terminal session to a telnet, 3270, 5250 or ssh session. Oh... but there was a major update in recent years which made it so most new things are running with UTF-8 instead of EBCDIC.
COBOL has been around for fifty years. It was originally designed as a business programming language to replace IBM's Autocoder & RPG (Report Program Generator language), System 360/Assembler Language,and FORTRAN principally for business applications. Initially designed for batch processing it was quickly adapted for Online Transaction Processing by IBM for its CICS (Customer Information Control System) OLTP environment with CICS 360/Assembler macro level API support and shortly for the more popular CICS Command-Level Programming Interface. Although less efficient than IBM Assembler Language, also known as BAL (Basic Assembly Language), it provided a very favorable medium for developing and maintaining structured programming business solutions. COBOL continued to support numerous API languages including Assembler, FORTRAN, and PL/I. PL/I had been developed to provide an engineering language to replace FORTRAN. Today COBOL is strongly supported by IBM for business application program development with support for batch processing, OLTP, interfaces to IBM IMS DBMS, DB2 RDBMS, WebSphere, Peer-to-Peer and Message Queuing applications, and GUI interfaces and integration for Oracle's Database and Tuxedo OLTP. Online program development can be done with IBM's TSO/E and ISPF environments with fully supported run-time environments. IBM also offers a GUI Application Development Framework and Oracle offers support for COBOL in their Fusion Suite and ADF development tools. IBM COBOL now supports an Object Oriented Programming methodology and interfaces to the JAVA programming language. The only knock I have ever had with COBOL is that it can become extremely verbose. With the advent of structured and function programming constructs and GUI Application Development Frameworks this problem can be minimized while still providing very easily read, maintained, and debugged business applications.