
Comment by firesteelrain

4 months ago

I disagree that coding doesn’t have regulation. If you have never developed code in a professionally regulated industry such as Airworthiness then you haven’t been exposed yet to an area that requires rigorous process. There are regulated areas where software is regulated.

I have DIY’d an addition onto my house with professionally architected blueprints and engineering seal. During various stages, I would call the City who would send code inspection officials to incrementally sign off on my project’s progress. Other than pouring a new slab of concrete and electrical, I built it all myself to code. I followed YouTube tutorials.

My point is that DIY isn’t the issue - lack of oversight is. With standards, expert input, and review processes, even non-experts can safely build. AI-assisted coding needs the same approach.

All true but tell the average programmer that you think their industry should be regulated and they should potentially be held liable for their code.

This is not a popular opinion in software development circles - unless you're already in one of those regulated fields, like where a software engineer (a literal accredited engineer) is required.

But it's been an increasingly common talking point from a lot of experts. Bruce Schneier writes about it a lot - he convinced me long ago that our industry is pretty pathetic when it comes to holding corporations liable for massive security failures, for example.

  • We have to mature as an industry. Things like not staying up to date on third-party dependencies, not including cybersecurity as part of the build pipeline, lack of static and dynamic analysis, not encrypting at rest secrets, etc.

    It is already costing millions of dollars and it’s just accepted.