I'm so tired of it all. Countless times it has been tried to enact laws like this. And it's not just this surveillance law that depresses me, reading up on the cyber resilience act just feels to me like it will suck even more fun out of software development, at least in a professional context.
We just have to get used to this being an eternal political fight. There will always be politicians with a desire for control and/or a lack of technical understanding that will try to take control of people's communication in this way.
I guess the best way to counteract this is well funded institutions whose purpose it is to fight that fight for us. I'm using this realization as an occasion to make a donation to the EFF.
> And it's not just this surveillance law that depresses me, reading up on the cyber resilience act just feels to me like it will suck even more fun out of software development, at least in a professional context.
God forbid people who love to use the title engineer will have to apply the rigour and standards of actual engineering to the work they do.
I had a horror of meeting some. Those can be, basically, put into two categories: 1) completely brainwashed (engineers aren't immune to that, unfortuntely), 2) drowning in regret and alcohol (being hostages of the situation).
1) There are a lot of people doing engineering without a degree. One example: many makers are not engineers and they do a lot of good stuff anyway. What they don't do is taking legal responsibility because they are not allowed to. It's no warranty / no fitness for a purpose stuff. Similarly there is a lot of software with no warranty / no fitness clauses. History demonstrated that it's good enough to keep the world spinning.
2) Most people in the software industry do engineering jobs no matter if they have a degree in Computer Science or Software Engineering (I didn't check the USA name for that, sorry) or in anything else. I know very good software developers, maybe with an architect / engineer job title, with no degree at all or with a degree in Graphic Design or Philosophy or Agronomy. They moved to software development because they tinkered with their computers, wrote some programs and discovered that they are good at it. Nobody notices the difference after 5 or 10 years of work. The only downside it's a little narrowness of expertise: they have many more unknown unknowns because nobody systematically told them what's there outside and how it works, even at high level. One example: that good software developer with the Graphic Design degree told me once that he doesn't really know how networking works. To him it's the configuration screen of his Mac and HTTP calls from Node.js.
> If software dev had been licensed and regulated this way we’d have only a tiny fraction of what we have now in terms of languages, OSes, tooling, etc.
It's starting to sound like a very good idea.
> There are specific areas where it makes sense but doing it broadly will just halt all innovation.
Or speed it by focusing efforts on well designed software.
Yea, like the Windows 9x days. The best days ever, for sure. The best days for a fucking disaster and a collapse of the Western economy in a matter of days if you suggested that turd.
This isn't in relation to either the chat control law or the cyber resilience act, I haven't read either proposal in enough detail to have a strong opinion on them. But I want to comment on the "sucking the fun out of professional software development" part.
Should we expect professional software development to be fun? There's a lot of laws out there which arguably "suck the fun out of" civil engineering, but I certainly appreciate the fact that there are standards in place to try to keep bridges, tunnels and buildings from collapsing.
Maybe it's not the worst idea in the world to have enforced engineering standards for the digital built environment like we have for the non-digital built environment, and treat it less like a playground where programmers can do whatever they want?
Just a thought, I don't have very strong opinions on this topic.
> Maybe it's not the worst idea in the world to have enforced engineering standards for the digital built environment like we have for the non-digital built environment
If you're building infrastructure control systems, sure.
But for software that "enable human-to-human communication"?
Do we have engineering standards for printing out pamphlets, teaching foreign languages, inventing board games, writing a song?
Obviously the standards should be in concordance with how critical the infrastructure is. I thought that went without saying. I'm just trying to ask if we should expect working on critical infrastructure to be "fun" and not burdened by regulations.
Yea, I wouldn't have a problem with that regulation if it would be applied to only these critical areas. But it seems that they want to apply this directive to all software that's sold in the EU.
To be fair, I haven't read the actual draft, just read some reporting about the implications for open source software.
