Possibly a product owner trying out the latest build, receiving a call, accepting it, and then waiting for the call initiator to receive the message that the call has been accepted, and then start sending data and asking:
"Why doesn't it take X seconds before I can start talking".
To which the engineers possibly explained the reasons and the product owner saying:
"But I want it instant, let's bypass all this extra stuff and get a proof of concept instant answer working"
To which the engineer said:
"But we'd technically be sending data before the call has even been accepted"
To which the product owner said:
"That's okay, the user can't actually see that data, let us just get this in for now, we can worry about the security/privacy side later".
To which the engineer said "but, but, but" saw the product owners eyes glaze over and just made the commit:
Commit 1279: Remove very important security/privacy feature of ensuring no data is transmitted until the call has been accepted. This is again my best judgement, do not come to me when this blows up, please speak to the product owner.
You hear this excuse all the time, don't FAANG employ the world's very best developers?
Maybe their code is a mess for orthogonal reasons - management, profit-motive?
Aside: I thought I'd heard devs have automated analysers that step through and find all possible code paths, allowing complex code to be audited for security issues and such? Presumably that's how these sorts of bugs should be found in testing.
Since they have an impeccable interview process that only selects the brightests.. They may be all too busy implementing linked lists and inverting binary trees instead of actually delivering a working product.
> don't FAANG employ the world's very best developers?
People have to stop putting these types on a pedestal. Some of the least intelligent people I've known have worked for some very big names. You shouldn't trust someone based on who they work for or what name is attached.
And some of the world's very worst. There are not 10s of thousands of world-class developers to hire in the first place and they would be focused on much higher-level details than implementing basic features and maintenance.
That gruntwork requires solid reliable workers with experience but the current screening processes do more harm more than help in getting that talent.
I think this is very close to spot on, though the version I've heard from developers involved with mobile involves VP's using the app/feature once it's been deployed: "Why is my group call taking 20 seconds to connect, this is unacceptable!". Fire drill ensues.
"Why doesn't it take X seconds before I can start talking".
To which the engineers possibly explained the reasons and the product owner saying:
"But I want it instant, let's bypass all this extra stuff and get a proof of concept instant answer working"
To which the engineer said:
"But we'd technically be sending data before the call has even been accepted"
To which the product owner said:
"That's okay, the user can't actually see that data, let us just get this in for now, we can worry about the security/privacy side later".
To which the engineer said "but, but, but" saw the product owners eyes glaze over and just made the commit:
Commit 1279: Remove very important security/privacy feature of ensuring no data is transmitted until the call has been accepted. This is again my best judgement, do not come to me when this blows up, please speak to the product owner.
Then went to the pub in despair.