What Is the Long-Term Cost of Code?
Call it the scout rule or opportunistic refactoring: as developers take increasing ownership of code, we are also responsible for cleaning it up along the way. This aligns with the trend toward becoming better stewards of your software, leaving reasons for your choices for future developers to understand (when things go right or wrong). It’s about building empathy for your users, and even planning for your software’s inevitable deprecation.
But how often do we consider the true cost of the code we’re creating? Not just the price tag, but the cost to maintain, to society, and to our environment.
This is the question Dylan Beattie was trying to answer at Skills Matter London’s newest conference Beyond Tech, which is dedicated to exploring our industry’s impact on our communities. And one that we will begin to answer today.
Should We Be Charging for Software?
Our industry has a common saying that if you aren’t paying for it, you are the product. And never has that seemed truer than now, as we are only starting to understand the value of our individual digital identities.
Of course, Beattie pointed out that software started out as free — everyone just shared code before we started manufacturing and selling computers.
What is free software, anyway? At its core, it’s software that its users create and share.
Beattie gave WordPress as a good example. It’s free software and you are free to use, adapt and modify it. And from the start, you’ve been free to sell it by way of WordPress consulting. You just can’t say you invented it.
And since no one owns it, it can be unclear who to blame when things go awry, like when a client installs some plugins and someone else exploits a vulnerability in the free software. The consultant profiting off of the free software may then be held responsible for fixing it, long after the consulting relationship has ended.
When examining if you should go the route of open source or proprietary, Beattie said, “Bosses don’t say ‘Does it protect your liberties?’ They ask ‘What does it cost?’”
He argues the best “free” code is:
- Free, as in speech,
- Free, as in beer — doesn’t cost any money,
- Free, as in your weekends — “not having to worry about WordPress bugs and security vulnerabilities and anxiety.”
Free has to come with trust. This is the hardest part to measure and yet the most important, because you are no longer doing anything in isolation. Beattie said the era when a team, like the Super Mario developers, could know everything about a computer system ended in the mid-90s.
“Those days are gone and they are not coming back,” he said.
Sure, it’s still technically possible to not use any third parties and run on trusted hardware, for industries like healthcare, aerospace, security, and military. But even then, how well can one part have insight into every single other part?
That’s where Eric Raymond’s Linus’s Law comes in: “Given enough eyeballs, all bugs are shallow,” or, given enough beta testers, all your problems should be found quickly.
Popular open source should have that strength in numbers. But then Heartbleed happened. It did take two years to find this important security bug, but the open source community was able to maintain trust because it created a catchy name and logo, so mainstream media quickly increased awareness of it and its fix.
Beattie says there’s also the risk of what he calls “the open source entitlement complex.” Much open source software is created by enthusiastic volunteers, who he says run the risk of becoming “entitled users” who maybe don’t want to work on certain issues.
“Sometimes it’s a genuine bug but not a priority. Or sometimes it’s users saying your project is wrong. Or project maintainers quit,” he said about when things go wrong with open source.
“You’re never going to be left completely high and dry — but unless you have a plan what to do with the code, you’re going to be lost,” said Beattie.
So, Is Proprietary Code Better?
In many cases, proprietary code is not better than open source/free software. Unless you build it yourself — and that comes with its own can of worms and responsibilities — proprietary software brings its own slew of problems.
With paid-for software, you can file bug reports and there will be an updated build with your bug fix. The vendor is likely to be more responsive, particularly for security flaws.
But what happens if that paid software company just shuts down and your extended warranty is effectively broken?
“Suppliers don’t have succession planning and you’re under a support contract but they don’t know your code,” Beattie said.
This is why a lot of organizations have opted to build their own in-house code, but then they fire the development team once the code is “perfected” and launched.
Don’t forget that we will always have dependencies that aren’t in our code. That’s how the microprocessor vulnerabilities Meltdown and Spectre happened.
“These were not bugs in software or one particular piece of hardware. [They are] fundamental bugs in the way we designed computer processors over the last ten years. The only way to fix it was to get a new computer,” Beattie said.
When all was said and done, he said the cost of these two vulnerabilities added up to software slowing down by between 2% and 8%.
But then that gets into the idea of our culture of waste.
What’s the Cost for the Earth?
At least in the UK, the amortization tax law for tech is five years, but how many of us are buying new computers every two? We have unnecessarily short smartphone upgrade cycles — some as short as 11 months — and at this point, there’s no increased value in terms of battery, speed, or camera quality. It does what we want it to do and we really don’t need a new one until it breaks.
Beattie said that smartphones use more than 60 of the 82 stable elements on the periodic table. Neodymium is one of them: a rare earth metal of which China controls 80%, used to create the magnets that allow our phones to vibrate and our earbuds to function. The increased popularity of electric vehicles will only increase the demand for this very limited natural resource (and the power of controlling it). However, as Beattie pointed out, only between three and five percent of any neodymium ore is used for these processes and “the rest of it has radioactive and harmful byproducts.” We get these magnets and then the radioactive sludge is just buried.
We talk a lot about who is online, about smartphone users, but we don’t talk about the billions of ex-phones.
Beattie advocates that we push the major smartphone providers to build phones that last a decade, which he says, in turn, will lead to great software on more expensive phones that better serve humanity.
“Imagine as software developers if we got the time to get really good? To work and target the same hardware platform for two, three, five years? What if people working in those factories got paid a living salary and benefits?”
What’s the Cost to Society?
We’ve already spoken about the Volkswagen developer who went to jail for three years for “blindly following” leadership in writing code that hid a clear failure to meet U.S. environmental emissions standards. Beattie gave us an update on how five of the VW executives were charged with fraud this April. Sharing the code in this article’s feature image, he asked the Beyond Tech audience:
“Wouldn’t anyone notice and say it? The amount of code is small. It’s pretty obvious no one wouldn’t have noticed it.”
“Be humble. Be kind. Be responsible. If code’s gonna change the world, we’ve got to manage the cost of that code and we’re going to need everybody else to help us do it.” — Dylan Beattie, Skills Matter
And it took six years to be discovered. A company culture that didn’t allow people to speak up and a lack of a sense of individual responsibility have now been quantified as 45,000 disability-adjusted life years and 59 deaths.
Now the Boeing 737 Max 8 jet was only in the air for three years and led to 346 deaths.
“Press calls it a software problem,” but Beattie calls it a business one. “Boeing wanted a new 737 with a bigger engine for longer flights, but they didn’t want to retrain pilots… [The new engines] were so big they wouldn’t fit under the wings so they would move them forward and up. So the plane would throttle and climb, go up.”
Software was created to correct this problem — and it did. Beattie said it was the faulty inputs and untrained staff that brought two planes down.
“It was faulty inputs… thinks the plane is climbing, brings the nose down. The crew wasn’t aware and didn’t know what to do. The software did what it was supposed to do,” but Beattie said it’s a communications problem.
“We have to look at software as part of it all.”
He continued that we are just starting to grasp how it took half a million people to get to the moon. One of those individuals who helped is Margaret Hamilton, known as the first software engineer. She was not only the director of the MIT division that developed the Apollo in-flight software, but she is also the founder of systems design and modeling.
Beattie says we must follow the systems view that “Software is not something separate. You cannot reason about it unless you think about software as part of the whole connected system.”
He ended his talk by saying that it’s our duty to think about the impact our software will have on people’s lives, and that it’s our duty to help them understand that impact. We also need to understand the chain reaction of our software impacting other software and how it fits into our lives.