I love the web. I love web developers. Heck, I love all developers. I co-run a conference about software development because development is creative, fun, profitable, and excellent for New Zealand’s economy. If you want advice about how to be a great developer*, I’m always available to talk, and I’m very friendly.
But right now, I’m angry.
I don’t like being an asshole. Honestly. But if you put your shitty half-assed website online, and shout from the rooftops that you’re going to take down Trade Me, and what’s more you’ve got forty servers and millions of dollars to do it, you’ve gotta bring your A-game. You have to realise that people are already laughing at you because of the “take down Trade Me” comment. They’re already looking to see where you slip up. Don’t give them a wide open target.
Don’t be putting up a website that looks like it’s coded by 50 monkeys in a room bashing keyboards with their copies of “An Idiots Guide to HTML”. It’s not like product development where you can hide the rough edges inside a shiny casing. We can see how good the website is just by viewing pages.
Seriously, I don’t throw around the term “shitty half-assed website” easily. I’d be appalled if someone called something I’d built shitty and half-assed. I’d wonder what I had done to deserve such abuse. I’d go back and look at my code and try to understand what offended them so. If I looked and found some of this stuff, I’d hang my head in shame:
- Security holes you can drive a truck through. Holes that are clearly listed on the OWASP top 10. Total newbie errors.
- Passwords sent in clear-text over email, who cares if they are stored in reversible encryption: if you can decode my password on the server, you are Doing It Wrong.
- Unfinished features, like being completely unable to edit images on an auction.
- Spelling mistakes all over the place.
- Blank emails sent to customers to notify them of auction events.
- Horrible UX issues like not being able to submit a search (aka your website’s number one use case) with the enter key.
So yes, your website is shitty and half-assed, and you should feel bad. You’re giving web development a bad name.
What’s more, if you put up another shitty half-assed website within days of this huge failure and claim to be “better”, you have zero leeway. You’ve just watched someone else go down in flames. The least you can do is ask your developers if they’ve taken rudimentary steps to secure the website. Like maybe even sanitising user input to remove script tags?
I sound like a complete cocky asshole in this post, but it’s because I’m bloody angry. There are hundreds of wonderful, dedicated, skilled web developers in New Zealand, and this week’s embarrassment is an offence to all of them.
Wheedle and ListSellTrade, go and get some expert advice from these people. Trust them, listen to them when they tell you what is required of you, and help make the web a better place.
* I’m not a great developer. I’m a good developer who has some ideas about how to get better.