new | ask | show | jobs
psadauskas 5 hours ago  [ - ]

Regarding your 2), in other industries and engineering professions, the architect (or civil engineer, or electrical engineer) who signed off carries insurance, and often is licensed by the state.

I absolutely do not want to gatekeep beginners from being able to publish their work on the open internet, but I often wonder if we should require some sort of certification and insurance for large businesses sites that handle personal info or money. There'd be a Certified Professional Software Engineer that has to sign off on it, and thus maybe has the clout to push back on being forced to implement whatever dumb idea an MBA has to drive engagement or short-term sales.

Maybe. Its not like its worked very well lately for Boeing or Volkswagen.

godelski 4 hours ago  [ - ]

  > I absolutely do not want to gatekeep beginners from being able to publish their work on the open internet
FWIW there is no barrier like that for your physical engineers. Even though, as you note, professional engineers exist. Most engineers aren't professional engineers though, and that's why the barrier doesn't exist. We can probably follow a similar framing. I mean it is already more common for licensing to be attached to even random software and that's not true for the engineer's equivalents.
Onavo 5 hours ago  [ - ]

Oh there have been many cases where software engineers who are not professional engineers with the engineering mafia designation get sidelined by authorities for lacking standing. We absolutely should get rid of the engineering mafias and unions.

https://ij.org/press-release/oregon-engineer-makes-history-w...

henryfjordan 4 hours ago  [ - ]

It's kinda wild that you don't need to be a professional engineer to store PII. The GDPR and other frameworks for PII usually do have a minimum size (in # of users) before they apply, which would help hobbyists. The same could apply for the licensure requirement.

But also maybe hobbyists don't have any business storing PII at scale just like they have no business building public bridges or commercial aircraft.

knollimar 3 hours ago  [ - ]

I'm wary of centralizing the powers of the web like that.

Xelbair 2 hours ago  [ - ]

Web is already mostly centralized, and corporations which should be scrutinized in way they handle security, PII and overall software issues are without oversight.

It is also a matter of respect towards professionals. If civil engineer says that something is illegal/dangerous/unfeasible their word is taken into the account and not dismissed - unlike in, broadly speaking, IT.

knollimar 2 hours ago  [ - ]

I just don't feel we want the overhead on software. I'm in an industry with PEs and I have beef with the way it works for physical things.

PII isn't nearly as big a deal as a life tbh. I'd rather not gatekeep PII handling behind degrees. I want more accoubtability, but PEs for software seems like it's ill-suited for the problem. Principally, software is ever evolving and distributed. A building or bridge is mostly done.

A PR is not evaluated in a vacuum

closewith an hour ago  [ - ]

GDPR doesn't have any minimum size before applying. There's a household exemption for personal use, but if you have one external user, you're regulated.