The Atlantic Was Wrong. Software Engineers Do Exist.

An article written by Ian Bogost in The Atlantic today declared that programmers should “stop calling themselves engineers”, calling it a disservice to the civic professionals who build our skyscrapers and heavy machinery.

Civic engineers, according to Bogost, have a responsibility to the public to construct buildings and machines with integrity, knowing that if they make a mistake, people’s lives are at stake. Software engineers, by contrast, do not build in the interest of the public, and therefore should be called “programmers” or “software developers”.

Bogost is partially right. Today’s average software developer connects prefabricated pieces of code together to make it work, but touches little of its underlying infrastructure. Someone building software in 2015 will have a much easier time than someone in 1998, because so much of the work has already been done for us.

Instead of writing complex JavaScript, we can use jQuery. Instead of building our own user authorization, we can use OAuth. Online resources are so widely available that sometimes building a new application requires little more than Google and copy-paste.

However, there are still software engineers deserving of the title, and the clue lies in a term used by Bogost himself: infrastructure.

Bogost suggests that infrastructure means physical things like engineers building bridges, yet he ignores a growing, uncomfortable fact: we have digital infrastructure, too. Digital infrastructure doesn’t just refer to hardware, like physical servers and networks. It also refers to the layers upon layers of developer tools, languages, libraries and frameworks that make it so easy for “programmers” to code today.

Digital infrastructure may not be as permanent as physical infrastructure. It may change frequently. But millions of people still depend on digital infrastructure to function. These tools are actively maintained by volunteers who work relentlessly, without pay, to ensure a programmer’s favorite Python http library doesn’t break, or that they can get up and running on Django in no time. And those programmers, in turn, make our well-loved consumer and enterprise apps, like Instagram or Slack, that we use every day.

Perhaps, if these software engineers make a mistake, people will not die, as with the civil engineers building bridges. But bad things can still happen.

Last year’s Heartbleed bug was considered to be one of the worst security vulnerabilities in history. It allowed for potential theft of servers’ private keys and the stealing of users’ session cookies and passwords. The bug was found in a software library called OpenSSL, used by two-thirds of the world’s web servers today.

Who maintains OpenSSL? A team of 11 volunteers, only one of whom was paid full-time to work on the project. For years until Heartbleed happened, OpenSSL did not pull in more than $2,000 in donations per year, despite its widespread usage — the rest of their revenue (still <$1m/yr) came from contracts and consulting services.

Steve Marquess, one of the project’s leaders, wrote of the situation:

These guys don’t work on OpenSSL for money. They don’t do it for fame (who outside of geek circles ever heard of them or OpenSSL until “heartbleed” hit the news?). They do it out of pride in craftsmanship and the responsibility for something they believe in.
I stand in awe of their talent and dedication, that of Stephen Henson in particular. It takes nerves of steel to work for many years on hundreds of thousands of lines of very complex code, with every line of code you touch visible to the world, knowing that code is used by banks, firewalls, weapons systems, web sites, smart phones, industry, government, everywhere. Knowing that you’ll be ignored and unappreciated until something goes wrong.
The combination of the personality to handle that kind of pressure with the relevant technical skills and experience to effectively work on such software is a rare commodity, and those who have it are likely to already be a valued, well-rewarded, and jealously guarded resource of some company or worthy cause.

Marquess’s description sounds a lot like Bogost’s portrayal of Canadian engineers, many of whom wear an Iron Ring to signify the “pride which engineers have in their profession, while simultaneously reminding them of their humility”. (Wikipedia) In fact, Marquess’s blog post is titled: “Of Money, Responsibility, and Pride”.

It’s become acceptable in tech media to portray software developers as self-entitled, overpaid neckbeards. Their readership, presumably of the nontechnical sort, accepts this portrayal as accurate. But to perpetuate these stereotypes ignores those toiling thanklessly under the hood to give those overpaid “programmers” and “developers” such a cushy job in the first place.

Stephen Henson, the only full-time employee of OpenSSL, is such a private person that Marquess asked his readers not to contact Henson directly, instead offering his own email address and volunteering to collect and forward the comments to Henson himself.

If Bogost is correct, and today’s computer programmers don’t really do that much complicated work, then we must acknowledge there is still a quiet class of true “software engineers” who are working hard to make it easy on the rest of us.

They’re making it so easy for us, in fact, that we forget they’re even there.