These are some of my impressions after some time spent at DB, sorry if it sounds too negativistic.
When a bank gets a new regulation on their table, they tend to create a department that compartmentalizes the subject within the organisation. That's how we get the exact opposite of what the Agile mindset is. And that's also how we get organisations where nobody wants to work in, except if the pay or day rates are high enough to excuse any suffering. And that's how bad, bloated software is created.
Yes, I believe that some sectors might be worse than others. There are metrics and tools provided by the Software Engineering discipline to measure quality of architecture or code. However, they have remained mostly academic. There is no standard metric, which is widely accepted to be useful. And even if some rare(?) company might systematically measure their code base, they don't put the results in the their home page and not even in the contract with their customer.
As long as that does not change, it's just more or less educated feeling where the situation might be better or worse than elsewhere.
But the worst part was that there turned out to be a single input that completely dominated the final result, and that input was a "gut feel" that the fund manager had about which way the market was going to move. So after all that calculation, the upshot was that the fund investment decisions were being made based on this individual's intuitions, and the entire spreadsheet was just window dressing. Ironically, the audience for the window dressing was the fund manager and his team because the spread sheet was considered proprietary, a closely guarded secret. That's the reason I'm not revealing the name of the manager. I'm probably still bound by the terms of the NDA.
That was the moment that I realized that much, if not most, of Wall Street is a colossal scam.
Alternatively they could wait for in-house IT to take a few years and millions of pounds (add going running over schedule and budget, too) to produce a bug ridden mess that misses.
And more importantly it enables the "money people" and the "1s and 0s people" to work together throughout the software life-cycle. When the people who input the data understand what's going in and the people who read the output know what should come out the black box in the middle is a lot easier to create and maintain.
Of course, the above is a generalization, but I stand by the assertion most tech savy bank workers try to interface with Bank IT as little as possible.
There are ways to test your tests (in a way that does not lead to an infinite regress), and alternatively you can also prove your tests correct; or just use plain old code review.
Outside of that however change is happening. And you will see new products coming out of "Innovations" groups operating entrepreneurially. My colleagues at WF and JPMC are busy experimenting with distributed ledger tech, mobile payments, global micro credit, and other "fintech." And the rollout of Zelle, instant peer-to-peer cash transfers, happened in weeks not months. Literally I was invited to participate in a beta program around the beginning of summer and a few days later billboards advertising the service started popping up around town ;)
You mentioned that your colleagues are working on things that break this mold - I won't try to speak for their companies, but in my experience those sorts of experimental projects (e.g. distributed ledger tech) tend to be wildly underfunded and consequently don't deliver much beyond an overblown, hype-building press release.
I strongly agree with your general point. Just like any extremely large business, there's small sects pushing forward in various ways, while the vast majority toils away on SSDD stuff.
Betas and hacks that make it into production because no-one is allowed to re-engineer things correctly.
Imagine in 2017 still having to run IE6 because there's a web-ui written in a COBOL system back in early 2000 that everyone is afraid to touch. And supporting Solaris 2.6 for similar reasons. You don't have to imagine.
and I agree with everything that's been said. i've been talking with a couple different banks (across the US) and they all are sharing the same concerns, whether their systems are VB6 or newer.
i'm with a group of machine learning and software maintenance folks who are trying to build tools to make refactoring/ migration/ speedups easier. if anyone is curious, we'd love to get feedback on the tools, see if they might help in similar situations, or could be improved.
Had a friend that worked at BBVA Compass. Same deal: huge mess, overworked employees, and awful experience setting up and getting into a workflow.
Why is a PR move worse than an employee who publicly badmouths his employer while being on the payroll? And why is this tolerated (upvoted) when it's a large corporation?
Edit: thanks for downvotes (this was expected)
Why do you not think that employees should be allowed to discuss how their workplace looks in reality?
But in all seriousness, this is a great step forward in institutional software. Open up software to further progress towards standardizing an industry's software interface.
Sadly I think a lot of it is just going to be lost to history... at an old employer of mine, I remember we had a store room full of old 9 track mainframe backup tapes – the mainframe had been retired and we no longer had a 9 track tape drive to read them with – I wonder if they are still there now – ideally they'd be sent to some sort of archive – they couldn't be released now without vetting because they would have contained confidential information (e.g. employee payroll information, customer data), but a century from now when all of us are dead who cares if our confidential info gets released to the public then?
I'm reminded of Vernor Vinge's far-future scifi "A Deepness in the Sky," where "programmer-archaeologist" is one of the occupations. (along with "programmer-at-arms")
Your descendants probably. Especially if grandpa earned a lot of dough which by heritage would be theirs now. Or just for the sake of privacy. Would you care if your private social network data was dumped after your death?
To me, when I sign up for confidential that means now and always. Not until death do us part.
Go back three or four generations, and most people can't even remember any of their ancestors names. Why should I care about the privacy of people who died long before I was born, and whose names I can't even remember?
> To me, when I sign up for confidential that means now and always. Not until death do us part.
I guess it is a matter of personal preference. But why should I care about what happens to my personal info long after I am dead? Once I am dead, and my children are dead, and their children too, and nobody alive can even remember who I was–what difference does it make to me then? (Maybe 100 years is too short, since a century from now I might still have living grandchildren – but I think the principle is sound whatever the exact timeframe should be.)
Given modern data storage paradigms, with perfect recording of a wide range of data, it's entirely possible that people might care in the future. For example, if you have an ancestor who was near-sighted, you are automatically disqualified from any colonization missions (regardless of your own eyesight) due to the presence of potentially-flawed genes.
It would be similar in concept, if not degree, to the Nuremburg Laws, which were only made possible by the meticulous record-keeping of the pre-WW2 German bureaucracy. Whether or not those records are used for malicious, distasteful, or nefarious purposes at some indeterminate future is not something we can control or predict effectively today.
: Reduced human error
I don't find the future you describe very plausible. Keep in mind that you only inherit (on average) half of each parent's genes, a quarter of each grandparent's, an eighth of each great grandparent – so even if your great grandpa had some nasty health problems, odds are you didn't inherit whatever genes might have been responsible for them. Also, don't you think by then, our knowledge of human genetics will likely have advanced to the point that we don't need to assume you might have bad genes because your ancestors had health issues, we actually have a complete sequence of your individual genome, along with a much better understanding than we have today of what all those individual genes do?
So while you may be comfortably dead your descendants may pay the penalty in unexpected ways. A suitable time frame would probably be beyond centuries but rather like today finding Neanderthals (prehistoric men).
This is all apart from the breach of contract in a social sense.
Is your preference that they never be released, or not released in your lifetime? How would you feel about them being released a thousand years from now?
EDIT: I felt unethical saying this and have since changed my mind. I plan on no children but my cousins have children and I can't be sure what they would want.
Germany is a great country for stuff like this. They have a relatively high share of Linux users, OpenStreetMap usage, etc. I feel like they're very critical towards their own country and don't take things for granted (not the "we're so proud of our country" idea). As a Dutchman, I like Germany.
And to underline your point - its main office is in Germany :)
This is especially also the case, because of the post-WWII history of East Germany. The Stasi managed to subdue the entire population, mainly with surveillance methods.
And this was before the internet. When they still had to actually go out and infiltrate people's homes in order to place down bugs (microphones).
The worst part about this for me, is that this is not just an unfortunate fate that Germans in particular have to be worrisome about. The only reason other nations are less worried, is because they're collectively less aware of this having happened, of it being entirely possible for this to happen, again.
But considering that Firefox now also spies on your entire browsing history with CliqZ, not even they are trustworthy anymore. StaSiFox, ffs.
mobile internet is very expensive, 20 eur for 5gb, there is almost no street view, blocking content on youtube. high percentage of german startups are just copying ( famous rocket internet ). that are just some examples, that are not so great starting point to become leader in digital.
Actually it was far easier than that: 1 in every 6 Eastern Germans was knowingly or not, voluntarily or not, a Stasi informant.
As a german I envy you for your drug laws.
(I don’t work in FS, this is just what I can gather from reading the docs).
Thus releasing this and possibly pushing workload and costs onto other banks from business side makes sense.
See the HN thread from friday, where Mozilla employees even defend it as a good thing that Firefox by default now sends everything you type into the URL bar to CliqZ.
Yes it is now
> they'll just get overriden when I login to my Sync account
They explicitly won’t, the new feature overrides all your synced settings and explicitly defaults to sending all your URLs to the ad and tracking company Burda Media Group.
I believe not.
They touted it as being innovative and open but in the end all Banks are required to open up when PSD2 comes into effect next year. Seeing this release, maybe they have honest intentions for being more open, but it being Deutsche i still have my doubts.
A few years have passed since then and most germans banks are still the same. Meanwhile you get instant wire transfers in a few countries.
When I think Deutsche Bank and innovation, I think of my phone calls with Deutsche Bank about disappearing money and them telling me that I shouldn't be surprised if the online banking doesn't actually reflect my real balance and 3 day same country wire transfers. A friend of mine has a consulting company that claims that theyre trying to change their internal structures though.
I think of shitty support and paper faxes because of "security". The latter might actually be a prevalent problem in german society though.
I work in Gvt. Healthcare. They've been spending 1 year trying to define an API for activating the new healthcare smartcards. It has 3 API calls, it's not done yet, and it's SOAP only. And then the leadership has been trying to get government support to mandate by law the forced usage of their crappy APIs.
Germany is a digital dinosaur, no matter how much these old tycoons come to the bay area with their newly appointed chief of innovations for a week they won't get it, because they never had to compete on anything to get it.
User experience is a completely foreign concept to them.
(A few challenger banks like Monzo are trying to give Britain decent retail banking. I wish them luck.)
At the Zollamt you'll get to enjoy standing in at least 3 separate and consecutive lines.
Only to pay import taxes. Something that could have been done faster, cheaper and more conveniently by sending an invoice.
This is how it works if the seller fills out CN22 properly and the customs officials believe the declared contents/value.
I have several times received packages with duties that I paid on delivery. No need to travel to the Zollamt.
I have also been to the Zollamt when they suspect the package contains something else than what is on the shipping manifest. They're always quite giddy to catch you doing something not allowed and always end up terribly disappointed and grumpy when it's exactly as described and then you just pay VAT.
Digital signatures by themselves only provide non repudiation of the sender non the receiver. When in court, you as a sender will have to prove that the receiver actually received the data. § 371 ZPO 
When sending a Mail per Einschreiben, the receiver instead has to prove that he didnt in fact get the message. Why that also applies to FAX blows my mind though.
AS4 and AS2 respectively solve this in a way, because the receipt is part of the protocol and successful transmission. From what I understand(I might be wrong) its traditionally used for EDI in supply chain systems . Drummond certifies that your product supports the standard correctly some people make a lot of money and you're good to go(it's XML and SOAP though). Apparently the EU is looking at using it.
Here's where the german bureaucracy ruins everything though. The law stated above mandates from what I understand(again IANAL) that you use DE-Mail for communication to flip the procedure stated above. DE-Mail requires the use of a trust center, a third party that receives the message and forwards it. The only other way to flip the evidence case is by using your own contract, which german lawyers avoid, because they might be liable in case something goes wrong.
Fax has a built-in transmission protocol and the receiver confirms that the transmission succeeded.
All bank transfers have to happen in 10 seconds or less.
I mean, arbitrarily picking whatever happens to be a popular comms protocol, with no regard to its functional validity, was how they got to SOAP in the first place.
Probably the only thing stopping them will be the byzantine budgetary processes that quasi civil services have.
- re-implementing all the processes at the receiving bank
- re-implementing all the processes at the sending bank
/// Log a message with the specified <paramref name="logLevel"/>.
/// <param name="logLevel">The level of log entry.</param>
/// <param name="exception">The exception to log.</param>
/// <param name="message">The format of the message object to log.<see cref="string.Format(string,object)"/> </param>
/// <param name="arg1">The first argument for message formatting.</param>
void Log<T1>(LogLevel logLevel, [CanBeNull] Exception exception, string message, T1 arg1);
It's not an essential part of the language. It's something that is used by the IDE and doc-generation tools. Comments inside the method that follows will not be so verbose (one hopes).
What's even worse is that Visual Studio 2015 just vomits out that the XML is malformed when I have C++ headers with Doxygen style comments in them. It detects the three slashes and tries to apply C# XML docs parsing to them and that of course fails. Meanwhile NetBeans can handle them no problem and display parsed docs in pop ups.
Their promoted research-paper is also more engaging (and less bloviating) than I was expecting:
>Ironically, the political compulsions imposed by the aging population are one reason for this. For starters, 56 per cent of Germany’s voting population is above 50 years of age. The members of the major political parties are on average 60 years old. This has led to an implicit consensus between the government and the people, to maintain the cosy status quo for as long as possible, hoping the day of reckoning might only affect following generations. A literal endorsement of Keynes’ maxim, “in the long run we are all dead"
I'll have to read through all of it before I can tease out its agenda.
DB is releasing a small program for interop into the public domain to encourage others to use it too.
”Interpol, Deutsche Bank, FBI, Scotland Yard, Flensburg und das BKA, haben unsere Daten da.”
Maybe it's just that we are soooo deep down shit creek with no paddle now, that it's easy to forget that you could already tell clear signs of "big data vs the citizen" back in the 1970s if you just looked around you.
Enterprise OO Garbage is alive and well.
And if there are multiple types of "SerializationProvider" (ie. there's an unrelated "CachingSerializationProvider ") then the name is unfortunately long, but accurate
The next guy who work on your code will be happy to have variable and class names longer than 3 characters. Short names are evil.
It's simply a verbose name.
You need some data structure to combine the functionality for serializing and deserializing, and you then need some function that can, depending on context, choose the correct such data structure.
And now you've got your transportprotocolserializer, transportprotocolserializerprovider, and transportprotocolserializerproviderfactory
Even in Haskell or Scheme you'd end up with the same data structures and functions, one that does TransportProtocolEnum -> TransportProtocol, one TransportProtocol -> Data -> SerializedData, and one TransportProtocol -> SerializedData -> Data.
If you want to allow at runtime configuration of the transport protocol of each service, you still need the same structures and functions.
Or how else would you implement it?
No, you cannot, since you want to dispatch to components that you don't even know of (pulled in via class path or extension DLLs). Components that have not yet been written and will be provided by another team or 3rd party and never compiled in, but just added to the extension directory of the application.
It's getting a bit tiring hearing cargo cult JS developers talk the talk, but walking backwards in their blissful stench of second level ignorance.
They could've called it ProtobufSerializer or ProtobufProvider.
For example, what features does it have that would let me buy and sell securities?
We're writing to let you know that the group you tried to contact (plexus-interop) may not exist, or you may not have permission to post messages to the group. A few more details on why you weren't able to post:
* You might have spelled or formatted the group name incorrectly.
* The owner of the group may have removed this group.
* You may need to join the group before receiving permission to post.
* This group may not be open to posting.
If you have questions related to this or any other Google Group, visit the Help Center at https://support.google.com/a/symphony.foundation/bin/topic.p....
Thanks for raising the issue - we have fixed the mailing list (google groups) so now posting is allowed even for users that haven't yet joined the list.
- This is the mailing list archive https://groups.google.com/a/symphony.foundation/forum/#!foru... (fairly new, but we can't wait to see your traffic)
- To subscribe to the list just email email@example.com
We will follow up with a much more comprehensive set of technical information, but in the meanwhile all docs are hosted at https://symphonyoss.github.io/plexus-interop/.
> The bank will put over 150,000 lines of code from its award-winning electronic platform Autobahn into the public domain
If this is indeed correct, there's no licensing BS, no control of what you can do with it like most free software. This is pure and simple public domain.
There some higher-ups that seem to understand the benefits of a more progressive approach, so I do think you will see more of this sort of activity, however, it'll take time before this becomes widespread within the company.
Said that, we need all the help we can get, so we'd love to see such passion consolidate in the Community we are trying to build.
We'd love to hear from you in any of our lists https://groups.google.com/a/symphony.foundation/forum/#!over... and even better we'd love to see your issues / patches / comments at github.com/symphonyoss.
I love bank "security".
I do believe that end users will benefit by these firms not reinventing the wheel and building innovative, more interoperable and ultimately better technology.
I, my team and I know I speak on behalf of our Community are committed to this level of transparency.
Finally the beauty of open source is that you don't have to trust a PR article, just go look at the code at https://github.com/symphonyoss/plexus-interop and decide for yourself.
And if unsure reach out to the firstname.lastname@example.org mailing list, it's all in the open!
My question is basically that - OSS existed for decades; why only now in big finance?
That their clients wanted such a trading platform... is that the reason you are saying was plainly stated?
edit: can someone explain why I'm getting downvoted?