The Design of Software (CLOSED)

A public forum for discussing the design of software, from the user interface to the code architecture. Now closed.

The "Design of Software" discussion group has been merged with the main Joel on Software discussion group.

The archives will remain online indefinitely.

Rescuing a project on the verge of failure

I have a project at hand, on which has no analysis and design has been done by anyone. Everyone dived into coding, with the result that "classical mistakes" were committed, even if I was aware of them.
Is it worth it to apply my skills in analysis and design [however good/bad they are], at this juncture ?
What do you tell the clients in such a situation ?
And how should one handle requests that are considered blasphemous by any system designer worth his salt ?
Anonymous but still clickable Send private email
Saturday, December 31, 2005
 
 
>Is it worth it to apply my skills in analysis and design [however good/bad they are], at this juncture ?

Definatly, if the only reason you do it is for personal expereince and increase your knowledge.
Who will work on the system after you? The analysis and design could be useful to somebody else down the line. Just ask yourself if you picked up this project would you want A+D?

>What do you tell the clients in such a situation ?

Dito, the client doesn't need to know how you choose to develop software and if you do tell them it may raise issues or they may become suspect? If it is affecting deadlines then be honest with them, but make sure they understand you are fixing these issues...

>And how should one handle requests that are considered blasphemous by any system designer worth his salt ?

Don't know what you mean here, sorry!

Anyway, just my thoughts, hope you sort it!
Dan
Saturday, December 31, 2005
 
 
The fact that you haven't already applied your design skills is what makes me wonder whether you have them. But anyway you need to be aware that the client doesn't want to hear that it needs a major re-design without some reason to trust that you know what you are doing better than the previous developer.
Anon and anon
Saturday, December 31, 2005
 
 
> And how should one handle requests that are
> considered blasphemous by any system designer
> worth his salt ?

Please god, spare us from all the know it all system designers who have no responsiblity, do not work, and just tell other people what to do.

You will screw it up just as bad as the other people because you share the exact same weakness.
son of parnas
Saturday, December 31, 2005
 
 
Anonymous But Still Clickable,

It's all right, you can admit you're working on Vista, we won't tell...
BahHumbug
Saturday, December 31, 2005
 
 
"It's all right, you can admit you're working on Vista, we won't tell..."

Nope it's not Vista. It's worse than Vista.

But I'm really surpised at the comment made by Son of Parnas - I was asked whether it is possible to capture information (that is submitted by a user to a website), by a 3rd party desktop software.
Even I can say that it's possible technically, but not when one is talking of 128-bit SSL connections that are in place to ensure that the user's privacy is respected. And not when such capture of information can be termed legal by making the user accept the EULA for the desktop software. Not when we could get the information from the receiver after the legal procedure to obtain the information.
I could write a keylogger to do that or for that matter even a spyware engine / rootkit / malware; but I'm proud to have better ethics than the guys at First4Internet.
Such requests need to be rejected right away, you and I know that. But how does one tell a client why it has been rejected ?
Anonymous but clickable Send private email
Saturday, December 31, 2005
 
 
"But I'm really surpised at the comment made by Son of Parnas"

It was a valid comment based on what you had written - you made it sound like an aesthetic design issue rather than a moral/legal issue. You came across like a Prima Donna designer/middle-manager.

But anyway, it's not for you to judge what the client should and shouldn't ask for. They may have a very good reason for asking for that feature - they don't have to tell you why they want it.

If you object on moral grounds, leave the company. But sure as heck if you don't do it for them, they'll find someone who will, especially in your neck of the woods.
BahHumbug
Saturday, December 31, 2005
 
 
"But anyway, it's not for you to judge what the client should and shouldn't ask for. They may have a very good reason for asking for that feature - they don't have to tell you why they want it."

I must agree. If my put myself in their shoes then it will look like a valid request.
Which is why I want to know how to tackle this issue that could cause probelms for them. If the request is implemented within the desktop software, it is a glaring security hole waiting to be discovered; to top it all - the clients using this software would be companies from the Fortune list.
How do I convince them that obtaining information from the recipient [ an organization with the status of the Feds ], even though time consuming would be in the best interests of the companies involved.
Anonymous but clickable Send private email
Saturday, December 31, 2005
 
 
Just let it fail. Some projects deserve to die.

Saturday, December 31, 2005
 
 
The basic trick is that if you are writing unethical software that will be used to commit crimes, is make sure you are paid very very well, and paid in cash.
Art Wilkins
Saturday, December 31, 2005
 
 
If it's not legal, it shouldn't be done. Your clients demands notwithstanding. period.
a
Saturday, December 31, 2005
 
 
But this is legal. It's only the designer who has a moral problem with it.
BahHumbug
Sunday, January 01, 2006
 
 
Encourage the designer to propose alternatives that will accomplish what the client wants, yet does not violate his ethics.

Discuss with the designer the worse-case scenario that would result if the designer does implement what the client wants.

You shouldn't spend more than a day or two discussing this with the designer - but you do need to approach him with an open mind, and be prepared to justify the business requirements even if you don't agree with them.

For example, I have a corporate safety related web site that identifies users by name, and tracks all of the comments they make - not unlike this one.  I initially resisted that requirement because I wanted anonymous users to be able to post negative comments, i.e., people can ask controversial questions and not get punished.

The developer came up with a way to hash the users' names such that we could identify trends. Department A has a lot of complaints whereas department B was on board.  Figuring out specifically who made the comments would however take hundreds of hours to break the pseudo-encryption.

The people who "owned" the site also responded to our concerns by drafting a policy explicitly forbidding retaliation.

Is it a morally perfect solution?  No.  Was it something we can live with?  Yes.

In the bigger scheme of this discussion - the most valuable thing you can do is identify all of the features the application provides (reverse engineer a functional specification) and DOCUMENT the rationale for the function or why it was refused.

If someone came to me and complained about the hash protection, I have paperwork that says the client and I discussed this on such and such a date, this is what we agreed to, this is why we agreed to it, and these are our approvals.  And believe me, having that written down prevents a LOT of problems down the road.
Anonymous Coward
Sunday, January 01, 2006
 
 
Tell that to Sony. Maybe you can help them avoid all their spyware lawsuits. After all, the users all agreed to it in the clickthrough, so they have no case.
Art Wilkins
Sunday, January 01, 2006
 
 
Responding to BahHumbug's claim that spyware is legal.
Art Wilkins
Sunday, January 01, 2006
 
 
Art,

We don't know enough about the software in question to know that it is spyware.

And is the Sony rootkit actually illegal? You don't need to break the law to get sued.

The more I look at the original post and the author's followup, the more it seems like a way to discredit First4Internet, or the developers who work for them. First4Internet create DRM and image content filtering solutions, both of which have an (arguable) legitimate reason to track website usage.

Maybe we're all being trolled...
BahHumbug
Sunday, January 01, 2006
 
 
The Sony rootkit is illegal in Texas where they are being sued - spyware is illegal there.
Art Wilkins
Sunday, January 01, 2006
 
 
There are reasons "Bad" approaches are considered "Bad".  They open security holes, they make the system hard to maintain, they make the system buggy, they make the system slow, they can cost a lot.

As a systems engineer who knows his salt, I believe it is incumbent upon you to know the reasons why things shouldn't be done the way your customer is asking -- and to tell your customer those reasons.  I usually try to take the approach of "Well, we COULD do it that way, but it would cost $X more, or it would cost $X more to maintain the system after that, or it would open an unaccpetable security hole -- after all, Joe Hacker is out there just WAITING for an opportunity to hack in..."

Now, I'm not even pretending that's going to be enough to change your customer's mind.  So let's say you've made your statement, and made your attempt to change your customer's mind to a more orthodox way of operating, and he STILL says do it my way.

You tell him how much it will cost, and the likely hood of success, and he STILL says do it my way.

So, you start to do it his way, documenting each step for him as you go, as the time and expense start to pile up without success.  Now, the risk of this approach is that he might think you're "dragging your feet", or question your competence, for clearly HE thinks his "stupid" approach should be no big deal.

But this is one way to let reality prove to your customer that what you said in the first place was correct.
AllanL5
Sunday, January 01, 2006
 
 
" The Sony rootkit is illegal in Texas where they are being sued - spyware is illegal there."

which is precisely the stuff that I dont know about. I dont know what laws the software might be breaking by having this functionality in it.
I'd rather tell the client that the proposed feature exhibits characteristics of spyware and seal the issue there. But what if the client insists on having the feature and the ability to avoid legal issues by including a clause in the EULA. The client [he's a lawyer mind you] might think that is enough to avoid a legal battle; but in my opinion that's a no-no.
Anonymous but clickable Send private email
Sunday, January 01, 2006
 
 
You seem to have a large number of problems. You also have many ideas of solution addressing these problems. But if you try to adress all the problems at once, it would not work well. If you identified main problem, you should priorize the most dangerous problem and throw away the others.
Yuuki Send private email
Monday, January 02, 2006
 
 
I wish I could throw away my biggest problem - my manager, and then try to solve my other problems. Then the world would be a better place. But....

Monday, January 02, 2006
 
 
What kind of problems does your manager have?

Monday, January 02, 2006
 
 
Umm... trying to beat Steve McConnell's list of classic mistakes at : http://www.stevemcconnell.com/rdenum.htm

Heck...I feel so miserable when the same mistake is repeated like there is no eternity.
Anonymous but clickable
Monday, January 02, 2006
 
 
Anonymous But Clickable,

How long have you been in your current job? Have you been there longer than your manager?
BahHumbug
Monday, January 02, 2006
 
 
Art, the Sony Root Kit installed itself whether you pressed "I agree" or "I disagree." That is at the root of the illegality of it.
Peter
Monday, January 02, 2006
 
 
More than 4 months into the job.
The manager is a newbie into outsourcing.
You could say that he's a manager because he cant afford one. And in my opinion there is no point waiting for one to turn up. Searching for skills in your own backyard is better than digging the neighbour's garden. So I'd rather apply what I've learnt over my previous projects, and what the gurus recommend, rather than abide by orders that often have no rationale. Often, the situation in question reminds me of Joel S at Juno.
Anonymous but clickable Send private email
Monday, January 02, 2006
 
 
Anonymous but clickable,

Is this your first job in the real world, outside of university?

Is your manager actually the client?
BahHumbug
Tuesday, January 03, 2006
 
 
Looks like I was right.

Another fresh-faced graduate who thinks he can change the world.

Good luck with that, my friend.
BahHumbug
Thursday, January 05, 2006
 
 

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics
 
Powered by FogBugz