Elizabeth Ayer3d ago

I'm a big fan of this explanation/rant from Andrew Murphy.

Taken as a whole, there are many bottlenecks in a corporate software development process. The "load-bearing" calendar is a great example!

Speeding up code creation just increases pressure on the bottleneck, which decreases throughput.

https://andrewmurphy.io/blog/if-you-thought-the-speed-of-writing-code-was-your-problem-you-have-bigger-problems

If you thought the speed of writing code was your problem - you have bigger problems | Debugging Leadership

AI coding tools are optimising the wrong thing and nobody wants to hear it. Writing code was already fast. The bottleneck is everything else: unclear requirements, review queues, terrified deploy cultures, and an org chart that needs six meetings to decide what colour the button should be.

Debugging Leadership
Show threadElizabeth Ayer3d ago

So why are we still trying to optimize code creation?

For decades, people with power - executives and product people - have been shifting the blame for strategy failures and poor market insight onto development "productivity."

This AI moment should be incredibly clarifying. Like, it should be the reductio ad absurdum of a productivity-centric approach.

Show threadElizabeth Ayer3d ago

The fact that we are *not* seeing wildly improving software all around us tells us everything we need to know.

There is no flourishing of value delivery, new product categories, more needs being satisfied better. Itโ€™s the opposite.

All we are seeing is decreases in quality, because ๐Ÿ‘ code ๐Ÿ‘ creation ๐Ÿ‘ is not ๐Ÿ‘ the problem.

Show threadulveon.net (on derg.social)2d ago
@elizayer Claude Code found a 23-year-old Linux vulnerability, the kind a regular human security auditor would have taken weeks or months to find (or in this case, 23 years). https://mtlynch.io/claude-code-found-linux-vulnerability/
Claude Code Found a Linux Vulnerability Hidden for 23 Years

Claude Code has gotten extremely good at finding security vulnerabilities, and this is only the beginning.

Show threadJane Doe1d ago
@ulveon @elizayer If a vulnerability hasnโ€™t been identified or exploited in over two decades, Iโ€™m not sure itโ€™s that important to fix.
Show threadTom
@janef0421 @ulveon @elizayer well, it only means that it was hard to find. It also means that all versions are vulnerable. And as it will be public it must absolutely be fixed.
Apr 6 at 7:31pmWeb