Yeah, I know: programmers hate writing. And when, for some reason, they are somehow forced to write down something, it reads like the repair manual for a DC-3, or the result of consolidating all the "don't do this" examples from an English style guide into one page.

Well, enough is enough, I say. At my own company, we instituted a policy: we only want to hire software developers who can write, and write well. Just try submitting a resume to me with grammatical errors or a cover letter that reads like it was written by that guy who translates those instruction manuals for really cheap consumer electronics. I dare you.

The goal of this book is to encourage better writing about software by highlighting some of the best writing of the year. What I looked for was simple: good writing. Writing that is engaging, because it is funny, clear, or important, and writing that draws you in and captivates you. I want the experience of reading about software to be better. I want software developers to learn how to write things that people want to read, because communicating is one of the most overlooked skills in software development.

The essays in this book present a broad array of great ideas in software. These are some of the best ideas I've seen in a long time. And they present them in a way that is engaging, interesting, clear, heartfelt, and often funny, which means these ideas are the ideas that will be listened to, and these will be the ideas that influence software development in the years to come.

Joel Spolsky

RELATED TITLES
Joel on Software (Joel Spolsky, 1-59059-389-8)
Painless Project Management with FogBugz (Mike Gunderloy, 1-59059-486-X)
User Interface Design for Programmers (Joel Spolsky, 1-893115-94-1)
In Search of Stupidity: Over 20 Years of High-Tech Marketing Disasters (Chapman, Merrill R. (Rick), 1-59059-104-6)

ISBN 1-59059-500-9. Apress. US $24.99. Shelve in Programming. www.apress.com
INTRODUCTION

Anyway, I called up the editor of the book that they wanted me to praise, and said I couldn't, in good faith, recommend a boring book without any stories in it, even if it was 1000% correct and otherwise well-written. I think they hate me now. So be it.

The software development world desperately needs better writing. If I have to read another 2000-page book about some class library written by 16 separate people in broken ESL, I'm going to flip out. If I see another hardback book about object-oriented models written with dense faux-academic pretentiousness, I'm not going to shelve it any more in the Fog Creek library: it's going right in the recycle bin. If I have to read another spirited attack on Microsoft's buggy code by an enthusiastic nine-year-old Trekkie on Slashdot, I might just poke my eyes out with a sharpened pencil. Stop it, stop it, stop it!

And that's why when Gary Cornell suggested this book, I leapt at the idea. It would be a chance to showcase some of the best writing about software from the past year "or so." The original idea was to make it an annual, so the volume you're holding would be "The Best Software Writing of 2004," but there were a bunch of great articles from 2003 that we wanted to include, and we were afraid bookstores would return it at the end of the year if there was a date in the title.

I solicited nominations from the faithful readers of my website, Joel on Software, and selected the final stories myself, so the blame for what's included and what isn't included is entirely my own, but full credit for really incredible writing in a field that doesn't normally get any goes to the contributors.
ABOUT THE EDITOR

Joel Spolsky is a globally recognized expert on the software development process. His website, Joel on Software (www.joelonsoftware.com), is popular with software developers around the world and has been translated into over 30 languages. As the founder of Fog Creek Software in New York City, he created FogBugz, a popular project management system for software teams. Joel has worked at Microsoft, where he designed VBA as a member of the Excel team, and at Juno Online Services, developing an Internet client used by millions. He has written two previous books: User Interface Design for Programmers (Apress, 2001) and Joel on Software (Apress, 2004). Joel holds a BS from Yale in computer science. Before college he served in the Israeli Defense Forces as a paratrooper, and he was one of the founders of Kibbutz Hanaton.
The Best Software Writing I: Selected and Introduced by Joel Spolsky

Copyright © 2005 Edited by Joel Spolsky

All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher.

ISBN-13 (paperback): 978-1-59059-500-8
ISBN-13 (electronic): 978-1-4302-0038-3

Printed and bound in the United States of America 9 8 7 6

Trademarked names may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, we use the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.

Lead Editor: Gary Cornell
Editorial Board: Steve Anglin, Dan Appleman, Ewan Buckingham, Gary Cornell, Tony Davis, Jason Gilmore, Jonathan Hassell, Chris Mills, Dominic Shakeshaft, Jim Sumser
Assistant Publisher: Grace Wong
Project Manager: Beth Christmas
Copy Edit Manager: Nicole LeClerc
Copy Editor: Liz Welch
Production Manager: Kari Brooks-Copony
Production Editor: Kelly Winquist
Compositor: Dina Quan
Proofreader: Nancy Sixsmith
Indexer: Broccoli Information Management
Cover Designer: Kurt Krames
Manufacturing Manager: Tom Debolski
Licensing: Tina Nielsen

Distributed to the book trade in the United States by Springer-Verlag New York, Inc., 233 Spring Street, 6th Floor, New York, NY 10013, and outside the United States by Springer-Verlag GmbH & Co. KG, Tiergartenstr. 17, 69112 Heidelberg, Germany.

In the United States: phone 1-800-SPRINGER, fax 201-3484505, e-mail [email protected], or visit http://www.springer-ny.com. Outside the United States: fax +49 6221 345229, e-mail [email protected], or visit http://www.springer.de.

For information on translations, please contact Apress directly at 2855 Telegraph Avenue, Suite 600, Berkeley, CA 94705. Phone 510-549-5930, fax 510-549-5939, e-mail [email protected], or visit http://www.apress.com.

The information in this book is distributed on an "as is" basis, without warranty. Although every precaution has been taken in the preparation of this work, neither the author(s) nor Apress shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in this work.
ABOUT THE AUTHORS

Ken Arnold has loitered around the computing field for decades, including attending Berkeley where he worked on the BSD project, creating the curses library and helping on rogue; writing the "The C Advisor" column for Unix Review (later "The C++ Advisor" as progress led us down the garden path); coauthoring The Java Programming Language and other books; designing JavaSpaces and helping design Jini; and occasionally (as shown here) pretending to be hip by blogging. His current dalliances include the human factors of programming languages and APIs, electronic voting systems your mother could trust, and the Napkin pluggable look and feel for Java that makes provisional GUIs look, well, provisional.

Leon Bambrick is a prolific programmer, satirist, and pugilist, working out of the southern hemisphere. He first met Joel Spolsky when they were stranded together on a desert island, with nothing but an 8086 and a copy of Kernighan and Ritchie. His website, secretGeek.net, has a small cameo in Star Wars Episode III: Revenge of the Sith—as an Imperial Guard's codpiece.

Michael Bean is a software developer and entrepreneur. He is currently president and one of the founders of Forio Business Simulations. Before Forio, Michael held senior management posts at consulting and software firms in the United States and Europe. Michael was also a research associate for the System Dynamics Group at MIT, where he developed simulations that analyzed the strategic implications of manager decisions. Michael has consulted with corporations and government agencies nationally and internationally on transfer pricing, competitive strategy, emerging technologies, and customer migration. He has conducted scenario planning, systems thinking, and computer simulation
company A and selling merchandise made by company B and warehoused and shipped by company C, with customer service from company D, isn't honestly adding much value. In fact, if you've ever had to outsource a critical business function, you realize that outsourcing is hell. Without direct control over customer service, you're going to get nightmarishly bad customer service—the kind people write about in their weblogs when they tried to get someone, anyone, from some phone company to do even the most basic thing. If you outsource fulfillment, and your fulfillment partner has a different idea about what constitutes prompt delivery, your customers are not going to be happy, and there's nothing you can do about it, because it took 3 months to find a fulfillment partner in the first place, and in fact, you won't even know that your customers are unhappy, because they can't talk to you, because you've set up an outsourced customer service center with the explicit aim of not listening to your own customers. That e-commerce engine you bought? There's no way it's going to be as flexible as what Amazon does with obidos, which they wrote themselves. (And if it is, then Amazon has no advantage over their competitors who bought the same thing). And no off-the-shelf web server is going to be as blazingly fast as what Google does with their hand-coded, hand-optimized server.[2]

Bean's 覊 ア な the c 4 立 4 れ d / 計 々 0 〃 訪 4 鵬 ビ d ル 〃 〃 g l' レ s ビ ビ 〃 . lt's 4 々 ル as 〃 see such 4 lucid ど 工 々 れ 4 0 れ 舫 4 右 4 ″ ア c 〃 な ル ビ わ 4 0 ー ル な 5 〃 ど , ビ 5 々 ビ c 〃 ア ~ れ 4 ビ 4 0 ー SO 川 〃 じ わ 川 0 た 房 d bad 曜 g 0 れ ル ビ 々 た . —Ed.

Clothing and toys are manufactured overseas. So why not make software there too, where labor is cheaper? In the last few years, many U.S. technology companies have moved their software development to India. In 2004, Hewlett-Packard became India's largest multinational IT employer, with more than 10,000 employees.
enthusiasm for overseas outsourcing mirrors the enthusiasm for Internet companies in the 1990s. Ravi Chiruvolu, a partner at Charter Venture Capital, wrote that "Venture Capitalists decided that because of

2. Joel Spolsky, In Defense of Not-Invented-Here Syndrome. First published on the Web October 14, 2001. http://www.joelonsoftware.com/articles/fog0000000007.html.
3. See http://news.zdnet.co.uk/business/employment/0,39020648,39118282,00.htm.
ABOUT THE AUTHOR

Joel Spolsky is a globally recognized expert on the software development process. His website, "Joel on Software" (www.joelonsoftware.com), is widely known among developers around the world and has been translated into more than 30 languages. He founded Fog Creek Software in New York and created FogBugz, a well-known project management system for software development teams. Joel designed VBA as a member of the Excel team at Microsoft, and at Juno Online Services he developed an Internet client used by millions. He previously wrote two books, "User Interface Design for Programmers" (Apress, 2001) and "Joel on Software" (Apress, 2004) [Japanese translation by Yasushi Aoki, "Joel on Software" (Ohmsha, 2005)], and he is also the editor of "The Best Software Writing I" (Apress, 2005) [Japanese translation by Yasushi Aoki, "BEST SOFTWARE WRITING" (Shoeisha, 2008)]. Joel holds a bachelor's degree in computer science from Yale University. Before entering college he served as a paratrooper in the Israel Defense Forces, and he was one of the founders of Kibbutz Hanaton.
Hiring Programmers: The Usual Advice

Most of the writings on the subject of hiring programmers tend to sound the same. The usual advice is to "only hire the very best." I'll confess that I'm not terribly fond of this advice. It is simply too vague.

Please understand that I am not advising anyone to deliberately seek out mediocrity. We obviously want to hire the most talented and experienced people we can. In a hiring decision, the stakes are high. Your decision will affect your team, and it will affect the individual. As Joel says, "It is much better to reject a good candidate than to accept a bad candidate... If you have any doubts whatsoever, No Hire."[7]

But the usual advice still annoys me. The problem isn't so much with the advice itself, but with its tendency to be misunderstood. When applied with no additional precision, the primary effect of the usual advice is to create a sense of arrogance. This effect is especially common among programmers, since elitism comes naturally to us anyway. When we hear that we should "only hire the very best," we internally translate this to mean:

The "very best"? Why, that's me! I am the "very best." Obviously, I should only hire people who are as gifted, as smart, and as good-looking as I am. After all, why should I pollute my perfect team with riffraff?

It is not surprising that this attitude provides a poor framework for hiring decisions. The usual advice works much better when it is understood quite differently:

I want to build the most effective team that I can build. When I hire another person for my team, my goal is not merely to make the team larger. Each person I hire should be chosen to make my team better in some specific way. I am not looking for someone as talented as me. Rather, I am looking for someone who is more talented than me, in at least one significant way.

7. See http://www.joelonsoftware.com/articles/fog0000000073.html.
Chapter 1 Defining a Discipline

of Saltzer and Schroeder [1975]) and rules (identified and captured in static analysis tools such as ITS4 [Viega et al. 2000a]) are fairly well understood. Knowledge catalogs only more recently identified include guidelines (often built into prescriptive frameworks for technologies such as .NET and J2EE), attack patterns [Hoglund and McGraw 2004], and historical risks. Together, these various knowledge catalogs provide a basic foundation for a unified knowledge architecture supporting software security.

Software security knowledge can be successfully applied at various stages throughout the entire SDLC. One effective way to apply such knowledge is through the use of software security touchpoints. For example, rules are extremely useful for static analysis and code activities.

Figure 1-12 shows an enhanced version of the software security touchpoints diagram introduced in Figure 1-9. In Figure 1-12, I identify those activities and artifacts most clearly impacted by the knowledge catalogs briefly mentioned above. More information about these catalogs can be found in Chapter 11.

Awareness of the software security problem is growing among researchers and some security practitioners. However, the most important audience has in some sense experienced the least exposure—for the most part, software architects, developers and testers remain blithely unaware of the problem. One obvious way to spread software security knowledge is to train software development staff on critical software security issues.

The most effective form of training begins with a description of the problem and demonstrates its impact and importance. During the Windows security push in February and March 2002, Microsoft provided basic awareness training to all of its developers. Many other organizations have ongoing software security training programs.

Beyond more advanced software security training should offer coverage of security engineering, design principles and guidelines implementation design flaws, analysis techniques, and security testing. Special tracks should be made available to quality assurance personnel, especially those who carry out testing.

Of course, the best training programs will offer extensive and detailed coverage of the touchpoints covered in this book. Putting the touchpoints into practice requires cultural change, and that means training. Assembling a complete software security program at the enterprise level is the subject of Chapter 10.

The good news is that the three pillars of software security—risk management, touchpoints, and knowledge—can be applied in a sensible, evolutionary manner no matter what your existing software development approach is.