Things I Wish I’d Known When I Started Programming

codeI’ve been programming for more than a few years now, but sometimes I like to look back at things I wrote when I was much younger, and reflect on how much I’ve learned since then. Of course, no one expects you to start out knowing everything, but there are a few things I wish I’d known when I started, or that I’d learned a bit sooner than I did. So, just for fun I thought I’d come up with a list of a few of the things I wish I’d known when I started programming.

Use Source Code/Revision Control

Like a lot of young developers, when I first started writing code I didn’t use any sort of source code/revision control system (just zipping up the project files every so often doesn’t count). But once I did, I realized how wrong I’d been – having a complete history of all changes is just sooooooooo helpful, even without any of the other features (branches, merging, etc.).

Now, there is a bit of a learning curve with any revision control system, and when you’re just starting out that learning curve can be a bit steep, especially in addition to all the other stuff you’re learning at the same time – but it is so worth the time and effort. Being able to undo changes, or make different changes to the same code (via branches), and just in general having a nice, detailed history of what you’ve done and what’s changed over time is simply invaluable. This is especially true if you’re part of a multiple programmer team, but it’s also just as true if you’re working by yourself.

For anything beyond 5-minute throw-away projects, use source code revision control!

Write Comments So That You’ll Understand Them Months or Years Later

Writing comments is like writing a log entry that you’ll inevitably need to review much, much, much later – so taking the time to write it clearly is well worth it. Countless times I’ve run across old comments of mine and wondered “what was I thinking?”

Same goes for commit messages – brevity may be the soul of wit, but not when it comes to commit messages! You shouldn’t need to do a diff on a particular commit just to figure out what you did; the commit message should at least give you a general idea.

On the flip side, though, you don’t want to be writing novels in your comments or commit messages, either – so write enough to be understood, but don’t be needlessly wordy, either.

Automate the Build & Deployment

It doesn’t matter how many times you’ve gone through the process of compiling or deploying a build, someday you will forget a step. And it’s also just so nice to be able to kick off a complete build & deploy with a single click and then go grab a cup of coffee or something, instead of having to sit there and go through all the steps manually. So take the time to write a script to automate the process – it doesn’t need to be super-complicated, just something to do the work for you. Believe me, it’s worth it.

No Fix or Change is Ever Too Small to Not Test

Also known as “TEST EVERYTHING,” this one’s a hard rule to stick too, especially for really small things like changing a typo in some text – but you still have to do it. It might seem like a tiny change that couldn’t possibly cause any problems anywhere else – but code is complicated, and complexity breeds bugs in the weirdest ways. Maybe that little text change you made causes a display issue at higher DPI settings, or when using a different font – you won’t know until you test it.

If You Find a Problem, no Matter How Small,  Put it in the Bug Tracker!

When making a fix – even for a small, seemingly insignificant problem – if it’s in production code (or in a released beta build), you’d better be writing up a bug report for it. Just making a comment in your SVN commit log isn’t enough – you need a proper report that can be searched and found and referenced, because someday, maybe years from now, you’ll need to know how or why you made this change.

(I will make an exception here to “fixing a typo” text-only changes, but only just.)

Always Write a Spec (But Don’t Write a Novel)

Just as fixing (seemingly) simple bugs can have unexpected consequences, designing and adding simple features or changes can turn out to be unexpected complicated. Writing a spec – even if it’s just a quick outline on paper or on a whiteboard – can help immensely in heading off these unexpected complexities. (Or, at the very least, you’ll know there are complexities and can design around them.) Good software should always be designed first, then coded – and writing a specification is part of the designing step (if not the entirety of it).

At the same time though you don’t need to write a novel’s worth of specifications, even for complicated changes or features. If the spec is too long (or goes into too much detail) then no one will read it – yourself included. If your spec just has to be that long, then maybe the feature or change you’re planning should be broken down into smaller parts first. Finding the right balance between length & specificity is a skill that takes practice to get right, but it’s one that’s worth learning.


These are just some of the things I wish I’d known when I started programming all those years ago – if you have things you wish you’d known, feel free to share them in the comments!

We’re Not Ready to be a Surveillance State

Recent news has revealed what many already suspected – we have become a de-facto surveillance state. The problem is: we are not at all ready to be a surveillance state.

1984 was not supposed to be an instruction manual for a surveillance stateRecent news has revealed what many already suspected – that we are (or are about to become), a de-facto surveillance state. The problem is: we are not at all ready to be a surveillance state.

The kind of surveillance that was previously only in the realm of dystopian fiction has been revealed to not only be possible, but to be taking place right under our very noses, without our knowledge, our consent, or what we would consider proper oversight.

The thing is, we’ve been headed in this direction for a long time – companies have effectively been doing this for years now. What’s changed is the scope of the  surveillance, and the government’s involvement in (and use of) that surveillance.

This sort of surveillance is a by-product of the digital age we live in, and is not, by itself, a bad thing. What is bad is that government is getting deeply involved, and it is doing so very quickly, and without a chance for public debate (or even without the public’s knowledge!).

In light of the seeming inevitability of increased surveillance and data collection, and to prevent the absolutely certain slide into despotism and a de-facto police state, you need deep, fundamental protections against misuse of data – and such protections need to be built in, from the start – they are not the sort of thing that can be added on afterwards.

Technology is progressing so rapidly that our laws simply cannot keep up – even the ways we create laws is still largely stuck in the last century, so that even if we try to adapt to new technology, by the time we’re done, it’s too late.

Even more worrying is that even though our laws can’t keep up with technology, that’s not stopping our governments from taking advantage of that technology – and that creates a huge problem.

In a way this is like having a really old machine that we’re trying desperately to keep running, even though the manufacturer has long since gone out of business, and the purpose for which the machine was originally built no longer exists. Instead, we keep replacing parts as they break or wear out – which takes longer and longer, since we have to rebuild them from scratch (since no one makes them anymore). We keep trying to get the machine to do things it was never intended to do – bolting on additions and making adjustments, all without really knowing how it will affect the overall functioning of the machine, or even if it’ll work the way we want it to.

Programmers in the audience will recognize this pathological pattern of behavior – any large software system will often find itself in this very same situation. And when faced with this kind of situation, often the response will be to just throw it all out and start over again from scratch.

In law, as in software, the argument against doing this is usually “why throw it away, since it still works” or “why fix what isn’t broken?” But I think it’s clear, especially in the face of new technology and what we’ve learned recently is being done with that technology, that things are in fact NOT working, and that the system IS broken.

doubleplusungood (1984)We either need to start over, or more practically, immediately begin reforming the ways we deal with technology – from the ground up. The pace at which we adapt needs to keep up with the pace at which technology changes – the way we debate laws, the way we vote, the protections & systems needed to prevent abuse – all of these things need to be updated, and they need to be updated in a hurry.

Until our laws are fundamentally overhauled to provide the same kind of deeply embedded protections in this digital age that we previously enjoyed before computers existed, we simply are not ready to be a surveillance state.

That such a surveillance state is being created, before we are ready for it, is deeply disturbing and either needs to be stopped right now, or a concerted effort to reform our laws needs to happen, yesterday.

Why Corporate Participation in Politics is Bad, Bad, Bad

I’ve talked before about why corporations are evil (or rather, why they tend to behave that way). But there’s something else I want to talk about which is related to that – and that’s corporate participation in politics.

Let’s back up a bit first though and go over what exactly is a corporation?

A corporation is a sort of legal fiction, an “entity” that exists only on paper, created and sustained only by the laws that allow its existence, and designed to shield people from loss and liability so as to give them a way to do things they wouldn’t be able to (or wouldn’t want to risk doing) otherwise.

In order for this to work, corporations have to be able to do some of the things ordinary people do – borrow money, have credit, enter contracts, etc.

But lately, corporations have started to be able to do things that aren’t strictly necessary for corporations to exist – specifically, they can now participate in politics in ways that they weren’t allowed to before.

Now, corporations can’t vote in elections – thankfully things haven’t gotten that out of hand yet – but it’s getting close, because of the way corporations are now allowed to influence (i.e., give money to) politicians & political campaigns.

This isn’t, by itself, a bad thing. People band together for political reasons all the time, and they can gather money and contribute to campaigns & such – this is nothing new.

What’s new is that corporations are allowed to do this, on their own behalf.

The problem with this is that corporations are inherently immoral.

Remember – corporations are not people, even though we sometimes think of them as being like people. They exist to shield people from risk, and to make a profit. Corporations do not exist to be nice, or act in a moral manner.

Let me say that again: corporations do NOT exist to be moral, or be nice, or obey laws. While all (or some) of those things may be done by some corporations (especially when they are small), they are NOT the purpose of the corporation, and they can all be subverted to greater or lesser degrees in pursuit of the primary purpose, which is PROFIT.

This is true even if the people running the corporation are the nicest people, and the shareholders are all nice, ordinary people themselves – all of this is stripped away by the structure of a corporation, by its very nature.

Everything a corporation does is measured against a single metric: profit. Even adherence to laws is considered only insomuch as how much that disobedience would cost (literally), or how those individuals in the corporation would be punished directly by disobedience.

Now, don’t get me wrong here – I’m NOT saying that corporations are themselves a bad idea, or that these attributes of corporations make them terrible. There are problems with them, sure, but they have served us well over the years with various tweaks here and there, and I’m sure they will continue to do so in the future.

The problem here can be summed up like this:

  1. Corporations are inherently immoral.
  2. Corporations can now participate directly in politics.
  3. Because corporations are inherently immoral, their influence in politics will also be immoral.

Politics is a nasty enough business on its own, but now it is going to be much, much worse – which is why letting corporations participate in politics (a la the Citizens United decision) is such a bad, bad, bad idea.

This is akin to suddenly having large, sentient, carnivorous dinosaurs appear, and then giving them an almost equal vote in our political processes, and wondering why very soon it’s legal for people to be eaten by dinosaurs at any time, or have their homes stomped on, etc.

When corporations can participate in politics and government, the natural evolution will be for corporations to gain more and more influence, behaving like parasites, until eventually they merge with government itself, and you can no longer tell where one ends and the other begins.

Corporate participation in politics is, frankly, wrong, and it runs contrary to all the ideas of democracy that underpin so much of our society. If we are to continue to be a government of the people, by the people, and for the people – and not a government “for the corporations” – then corporate participation in politics must not be allowed.

Florida Activates System for Citizens to Call Each Other Terrorists

Florida Activates System for Citizens to Call Each Other Terrorists

Or, in other words, a very, very, very bad idea… but sadly not the first time we’ve seen something just like this.

There’s the “if you see something, say something” campaign that you see plastered all over the place in the greater NYC metro area (and probably elsewhere), as well as the “anti-terrorist hotline” in the UK – among many other examples.

uk anti-terrorist hotline billboardThe problem with systems like this is that they’re often very poorly thought out and ripe for abuse. Really, these systems are just ways for people to snitch on one another for vague and ill-defined reasons.

A system like this can only work if:

  •  People are capable of making reliable judgements on risk (they aren’t)
  •  People can be trusted to only make objective reports (they can’t)
  •  Few people will abuse the system for personal gain (they won’t)

People being people, you will see people reporting others that they don’t like, or trying to submit false reports to harass others – especially if the system is anonymous. Anonymous tips from the public are fine, but if you treat every anonymous tip as legitimate (and with terrorism tips like this, you almost have to, or else what’s the point) you are quickly going to find yourself chasing a LOT of dead ends, wasting time and effort, and just generally getting drowned in the noise of the system.

And if the system isn’t anonymous, what sort of review process is there? Where does this fit in the context of judicial review? What sort of penalties are their for false statements? If the penalties are too low, then the system is ripe for abuse just like if it was anonymous. If the penalties are too high, then people won’t use it for fear of making a mistake – thus nullifying the entire point of the whole thing (and easy way to report “suspicious” activity).

Even if somehow a middle ground is found for this system… where do these reports go? How long are they stored? Can you submit a plausible (but false) report about someone you don’t like, and then have that person get subtly harassed for years afterwards (getting “extended” pat downs whenever they travel, finding themselves on black lists, the subject of needless surveillance, etc.).

Finally, can  you trust the public to really know what “suspicious activity” is? The answer is, resoundingly, “no.” Unless the would-be perpetrator is being astoundingly obvious about his/her intentions, the likelihood of anything they do seeming “suspicious” is practically nil. And of course, there are far more ordinary and innocent things that people do all the time that might (incorrectly) appear suspicious if you don’t know the whole story (or are already in a paranoid mindset).

When you consider all of these problems – and these are all legitimate, real problems with a system like this – you have to ask yourself if it’s worth it. Is the thing you’re trying to prevent (terrorism) worth all the mistakes and harassment and wasted time, effort, and money? Because terrorism is, realistically, a rare thing – despite what some people would like you to believe – and it’s unclear whether it’s worthwhile to try and prevent these rare events, when it’s unproven whether such methods would even have an effect at all!

If terrorism were something mundane, like say, tooth decay, we’d NEVER even consider measures like this – you’d be a laughing stock if you even suggested such an insane idea. Even if it were something equally (or even more) deadly, but less emotionally charged, like say, wearing seat belts or motorcycle helmets (all of which are the cause of far more death & pain & suffering than terrorism is), there would still be heavy political and civil opposition to such a heavy-handed approach, not to mention lots of arguments about all the money it would cost.

I know it’s hard to do, but it really is very important to take the “emotional” aspect out of the question when you’re dealing with policies like this – because it just skews things so far into the realm of the unreal that it’s not even funny… and in many ways, it’s quite dangerous, especially to those principles we hold dear.

Still Blogging

There’s a reason I don’t use services like Tumblr (or LiveJournal, or Blogger, or any of a dozen other similar “free” services) and instead still post things here on my own blog – and that is: I own this blog, but I don’t own Tumblr*.

Now, this may not – scratch that, this will not apply to everyone, but for me, my words are my “product,” so to speak. They are the thing I spend time creating, and they are important to me – important enough that I would not want them to be lost.

Whenever I’m trying to decide whether to use some new web-based service (at least, the “free” ones), I ask myself, “if this service disappeared tomorrow, would it be a huge loss for me?” If the answer is “yes,” then I either won’t use the service, or I will only post low-importance things there (or I’ll duplicate the content elsewhere).

Naturally, there are some “free” services that I trust sufficiently to get over the “what if it disappeared” hurdle – things like Gmail, to name one example. (Though that doesn’t stop me from keeping a local, cached backup copy, just in case!)

Anyway, these are just some of my thoughts – and of course everyone else’s criteria will differ from mine. But it’s worth thinking about before you commit to creating a lot of content with whatever the next “cool” new web service is!

* This goes for any paid service, really. If I pay for it, I generally expect not to be left in the cold. With a free service, you can’t really expect anything.