Dave, thanks for a very thought-provoking article. As I read through it, I wondered how I could marry up an attitude I hold on financial debt, which is that if the debt brings in more than it costs, is it really bad, with an analogy in technical debt? I'm still pondering that one. It's really helpful to make the comparison with financial debt, as it is very practical. The one thing I wonder, though, is what is debt and what is "well, I could have written that so much more elegantly, in a more sophisticated manner"? I'm not completely conversant on the topic, so don't want to go on. But thought it worth asking. Thanks again. Great article.
Another important aspect of technical debt is the effect it has on morale. If the hot-shot superstars continue to crank out prodigious but crappy code, the others are left fixing it and not getting their own work done. This makes them look bad if the bosses think that they don't produce, and builds resentment. There's no sense of team and people are less likely to share ideas. The employers are not getting the full value of a team and risk losing good people, thus lost production and time spent hiring replacements. A high turnover rate is never a good thing and word spreads in the community that this place is not a good work environment, that it is cliquey, or that it is a sweatshop. So the good people avoid the company and only those fresh out of school, who also think that cranking out code as fast as possible is the way to get noticed, take the jobs. Eventually, as the code becomes flakier, it affects the morale of everyone - the sales teams, the support staff, account managers - anyone who has to hear about all of the problems clients have with their products.
I've currently been working on adding new features to an application built by a web developer new to the job. The application is so difficult to work with because there have been some terrible short cuts which have been made. This article makes the point of why technical debt is important to manage and reduce. I liked the comparisons you made about looking at technical debt from a financial and quality point of view. Quality is important in software craftsmanship and technical debt appends time to maintenance and addition of new features. I would appreciate if you'd write another article that covers identifying code that is technical debt and prioritizing the reduction of technical debt.
Do you know how to do it with Rails 3.0.7? Thanks.
@Jeremy, you cannot rewrite the HTTP verb with GET. ?_method=put will not work. Rewrite works only for POST. Also, it's me who removed match: http://homakov.blogspot.cz/2012/04/whitelist-your-routes-match-is-evil.html
Great article, and special thanks for the Twitter security advice... Now thinking to implement what you have advised... thanks a lot.
PapePathe - Thanks :)
Stephen - Excellent. Paranoia is king! Regarding SSL on Heroku. You could use Piggyback SSL (free) and have your domain name redirect to *.herokuapp.com. Not ideal but otherwise I can't see another way, other than asking them nicely and hoping someone there is in a generous mood to non-profits! :) If that doesn't work, maybe you have to look for an alternative host.
Very helpful article, which has made me extremely paranoid! Thanks for that! What options do you have if you're on Heroku, and don't want to pay $240 a year to enable their SSL endpoint addon? My site is for a non-profit organisation and they can't afford this expense. Is it possible to have security on Heroku without it costing so much?
Thanks for the enlightenment on "match". Great article, waiting for the next episode.
Theodoros - I wasn't aware of that. Thanks for the info!
Match also accepts a via option. You could change your routes to:

    match 'show_settings' => "settings#show", via: "get"
    match 'update_settings' => "settings#update", via: "post"

But I agree, the default is to match all HTTP verbs, which is not safe. It's better to have the user specify it explicitly.
Marc - you could use the Digest method. However, IMO authentication pop-ups are ugly, it uses MD5, which is broken, and it doesn't protect you from lots of other issues (good analysis on this Stack Overflow question: http://bit.ly/LgxToa). You could manually encrypt the password client-side before sending it, but then you'd still need SSL to protect when you sign up to a site, else someone else could intercept the request and change the password that's been entered. I've never used Digest authentication, so please correct me if I've got something wrong.
Robert - I think the main point people have taken away from it is the "match" keyword. I'm glad you found it helpful :)
Great article. Thank you for writing it. I didn't know that thing with the match keyword. I replaced it immediately in my Rails apps. Many thanks for the advice.
Simple Email in the Cloud
In this article, I will explain how Amazon’s Simple Email Service (SES) is a better way to send email from your web application, and I’ll provide a roadmap for getting started. Generally speaking, email on the internet is sent using SMTP servers. Web applications are no exception.
Craig describes how to diagnose the problems associated with running Apache on Windows when another application is using HTTP port 80.
Adding and Deleting Resources in Sinatra
In this tutorial I’m going to go through how to use Sinatra to add and remove resources to and from a database. To demonstrate this, I’m going to build a tiny web app called The Robot Factory that allows users to ‘build’ a production line of robots. Each robot will be saved to a database with randomly chosen head, body and legs and can also be deleted after it has been built. You can see the final version running here – http://robotfactory.heroku.com/.
Logo design is its own form of art. Designers must integrate branded colors, shapes, and even words into a logo, all the while balancing minimalist designs that can be used on the web or on billboards. It’s certainly a challenge. This collection of logos represents a fresh batch of up-and-coming designers who have come up with some noteworthy concepts.
It seems like everyone these days is texting away on their mobile phone or updating their social network status every 5 minutes. It’s no surprise that the convenience of being able to access the Internet from anywhere at any time has made sharing messages and pictures so popular. I can’t imagine going anywhere without my cell phone on the off chance that something interesting might happen and I can document it as if I were the first news reporter on the scene. This is the first article in a two-part series in which I will show you how to create a photo blog as part of your personal website which you can update from your phone simply by sending an email.
It's now widely understood that Google will be unveiling the next version of its Android operating system, Ice Cream Sandwich (ICS), next week on the 11th of October. It will launch along with a new flagship phone from Samsung, but along with it is a promise to get the new tasty treat OS on to many of the recently released phones. If they back this up, this means that there will soon be a lot of phones out there running the newest version of Google's OS.