> Even when tech-savvy people is high enough in the company's hierarchy, the business culture usually is to avoid fixing a bug until the bug costs more money than its fix.
That's not quite 100% correct.
> In my honest opinion this sucks, but oh god, most companies live with a "only money matters" mindset...
That's quite 100% incorrect.
Good businesses will do risk assessment. If the risks are communicated correctly, the choice of mitigating them for a few man-hours is obvious.
There's bad businesses, but I don't think that's most businesses.
But in my experience, companies tend to look down at issues which affects customers, but don't affect the company directly, the risks are understood perfectly, but the choice almost always is "we will be as negligent with our customers as we can be, no matter if our customers die".
An old example which features "no matter if our customers die" is the Ford Pinto[1].
Fortunately, there is not a current example as fatal as the Ford Pinto, but the practice to overlook what affects customers remains in effect. At the end of the day, Risk Assessment is just a way to say "what matters to partners and investors", which is was what I tried to summarize with my previous point of "only <s>money</s> profits matters".
The Takata airbag and GM ignition switch issues are comparable, IMO.
"If the air bag housing ruptures in a crash, metal shards from the air bag can be sprayed throughout the passenger cabin—a potentially disastrous outcome from a supposedly life-saving device."
That's not quite 100% correct.
> In my honest opinion this sucks, but oh god, most companies live with a "only money matters" mindset...
That's quite 100% incorrect.
Good businesses will do risk assessment. If the risks are communicated correctly, the choice of mitigating them for a few man-hours is obvious.
There's bad businesses, but I don't think that's most businesses.