Monday, August 18, 2008
Indian Outsourcing and how Inexperience Generates Failure
Many of the consultants I respect are often hired to consult on projects when they are already in trouble. The common story is how little experience most folks nowadays have...
When you study the code, it seems like many within India are learning from books and web sites which are weak proxies for actually learning how to design software. If no one on the project knows what good code looks like, you get (guess what) code that doesn't look good.
The interesting thing is that India hasn't yet taken advantage of the love of Agile methods. Consider, the ability to write suboptimal code where you can immediately declare that you were focused on business value as first priority. Your followup statement can be about the need to mercilessly refactor code at a later date. In the end, you have a nice set of Martin Fowler approved excuses for failure.
What is more interesting is the findings of an upcoming industry analyst firm who will be releasing a report on the ability of Satyam, Infosys and others to write code that doesn't have any of the OWASP Top Ten vulnerabilities. It shouldn't come to a surprise to anyone that the result isn't kind. The analyst writing the report also noted that India has lots of opportunities on learning how to write secure code but due to cultural reasons, few take advantage of user groups such as OWASP.
The only way for code to improve is for folks writing it to learn from others who are superior to them and are willing to publicly acknowledge such fact. Maybe it is a good thing that India has mastered the Peter Principle by promoting those who can't code into managers...
| | View blog reactionsWhen you study the code, it seems like many within India are learning from books and web sites which are weak proxies for actually learning how to design software. If no one on the project knows what good code looks like, you get (guess what) code that doesn't look good.
The interesting thing is that India hasn't yet taken advantage of the love of Agile methods. Consider, the ability to write suboptimal code where you can immediately declare that you were focused on business value as first priority. Your followup statement can be about the need to mercilessly refactor code at a later date. In the end, you have a nice set of Martin Fowler approved excuses for failure.
What is more interesting is the findings of an upcoming industry analyst firm who will be releasing a report on the ability of Satyam, Infosys and others to write code that doesn't have any of the OWASP Top Ten vulnerabilities. It shouldn't come to a surprise to anyone that the result isn't kind. The analyst writing the report also noted that India has lots of opportunities on learning how to write secure code but due to cultural reasons, few take advantage of user groups such as OWASP.
The only way for code to improve is for folks writing it to learn from others who are superior to them and are willing to publicly acknowledge such fact. Maybe it is a good thing that India has mastered the Peter Principle by promoting those who can't code into managers...
