Changes between Version 8 and Version 9 of Ticket #10280, comment 28


Ignore:
Timestamp:
Feb 14, 2014, 10:37:43 AM (6 years ago)
Author:
cypherpunks
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #10280, comment 28

    v8 v9  
    66Yes, this is correct.  A discussion would have happened still.  But the discussion at then point is more clear:  should we add this requirement, and how shall we word it?  Once that is done, then this automatically becomes a functional defect--no further discussion necessary.
    77
    8 So technically there are two defects here--a defect in the requirements, once fixed, triggers defect in the design, and then the code.  Potentially three defects.  How does your design cover the new requirement?
     8So technically there are potentially three defects here--a defect in the requirements, once fixed, triggers defect in the design, and then the code.  Potentially three defects.  How does your design cover the new requirement/vunlerability class?  Does this trigger a re-design of something?
    99
    10 And then you can tract these things.  You can track that you had either:
     10And then you can track these things.  You can track that you had either:
    11111. A defect in the requirements.
    12122. A defect in the design.
     
    2525With each ticket, you ask, is this an enhancement or defect?  You check the requirements.  If you cannot determine by checking the requirements, and it does not add new functionality, then there is a defect in the requirements.  This does not add new functionality, and the requirements are mute on this, so it is a defect.  In particular, the defect is that the security requirements are overly vague, and hence the designer did not catch this. "Is this a bug in requirements, design, or code/implementation?"
    2626
    27 You may have other projects that are more "Agile" like atlas, but Tor Browser is not one of them.  This is all a bit of an art form, and some people are great coders but suck at this.  Yet when you look at the figures, this stuff saves exponential time=$$.  Know your limitations and hire someone that knows what they are doing.
     27You may have other projects that are more "Agile" like atlas, but Tor Browser is not one of them.  This is all a bit of an art form, and some people are great coders but suck at this.  Yet when you look at the figures, this stuff saves exponential time==$$.  Know your limitations and hire someone that knows what they are doing. 
    2828
    2929You then get the benifit of determining which designs cover which requirements, which component, and which code covers which requirements, and eventually can track bugs easier, and determine responsible developers.