I think that a large part of Atlassian's problem is their network of extension vendors. Every time you look at a feature request for simple things like "as a user I'd like to see a total of the worklog hours I've added to tickets this week" you get a chorus of vendors popping up to sell you their $10/month plugin that approximately covers your request.
If Atlassian actually fixed these papercuts their product would be better but they wouldn't be getting a cut of all subscriptions from the dozens of plugins people install to make it a usable tool.
It's a completely different failure mode, but this reminded me of an infuriating situation I had a while ago with single-use URLs and safe-links functionality in MS Outlook. I can't remember the exact details but the gist was that Outlook would replace the actual URL with an indirection which would scan the page to check it was safe when you clicked. The result was that every time I would request an activation link it would be expired by the time I clicked it. I ended up having to reverse engineer the safe-links encoding algorithm to get the original URL. I wasted hours.
What does Facebook use internally these days. I'm amazed that the state of review tools is still at or behind what we had a decade ago for the most part.
I believe that once the OpenBSD team started cleaning up some of the other gross coding style stuff as part of their fork into LibreSSL that even fairly simplistic static analysis tools could spot the underlying bugs that caused heartbleed.
The bug that caused Heartbleed was extremely obvious: read a u16 out of a packet, copy that many bytes of the source packet into the reply packet. If someone put that code in front of you in isolation you would spot it instantly (if you know C). The problem --- this is hugely the case with most memory safety bugs --- is that it's buried under a mountain of OpenSSL TLS protocol handling details. You have to keep resident in your brain what all the inputs to the function are, and follow them through the code.
I'll give you most of those criticisms, but I'm a little surprised you think our tax system is overly complicated. For the vast majority of people it's pretty much just a progressive PAYE income tax handled by your employer and a flat 15% GST/VAT on purchases without all the carve outs that seem common elsewhere.
the capital gains tax system in nz is complicated and inconsistent compared to most countries, bright line tests
the way that nz taxes foreign sourced income is also very complex with 'deeming rules' etc
it results that rich people probably pay 10% total tax and normal people pay 20%+ income tax, and then normal people cant afford real estate and move to australia.
reply