

Bad code plagues business applications, especially Java ones - ORioN63
http://arstechnica.com/business/news/2011/12/bad-code-plagues-it-applications-especially-java-ones.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss

======
kls
I don't know if it is any more prevalent in Java apps or not. We probably
experience and notice it more in Java apps because there are more lines of it
out there. It would be east to work the numbers to come to that conclusion.

In my personal experience the worst technical debt that I have seen is in
organizations that brought the wrong guy in the door, as the first technical
person in the org or worse yet promoted the most technical person in the
office or a nephew into the position. These organization have always taken the
biggest payments on technical debt to rectify. The most important technical
decision an organization can make is the first technical hire, unfortunately
usually no one in the organization is qualified to make the decision.

As a side note, I have always thought there would be value in a technical
guild that people could call on to find these type people. Not your typical
head hunter but a network of good developers that are connected. So if I am in
Orlando, have a buddy that moves to NYC and starts a company, but I don't have
a network in NYC, he could call me, I could contact a guild member in NYC and
be comfortable that the member will give me a recommendation of someone who is
reputable.

How you design that guild to be effective has always stumped me, it would have
to be exclusive that much I know, and generally those of us that are 10x'ers
form a group of 10x'ers that stick together, but that is regional. I struggle
to figure out how one group in Orlando can bridge the gap with NYC and know
that that group is reputable. It would be a powerful organization if it could
be built, just based on the fact that it could keep a lot of companies from
taking on a lot of technical debt up front, by the wrong choice.

------
vannevar
FTA: " _...the oldest applications in our sample...have likely undergone more
extensive remediation for security vulnerabilities over time..._ "

I suspect the age of the codebase correlates better with their metrics than
the implementation language. The worst-performing languages are also the ones
with the most recent code. They're not finding a Java problem or a .NET
problem, they're finding problems in fresh code, which is no surprise.

