Ask your questions for Eli and the rest of the Silicon Discourse community here.  Build your reputation by giving advice to others too!

174 views
0

Hey Eli James_S here. My question is do you think its possible for boot camps to teach students information security and Quality Assurance in relation to coding? Especially in a short time frame. Should security be added to the curriculum or once students exit the program they should take it upon themselves to learn security?

1

Follow-up: A good book for programmers: The Pragmatic Programmer

It’s no about methods or programming languages, it’s about the mindset and useful tools you may find handy as a programmer.

1

Quality Assurance is best taught in my experience by letting people not only code new stuff but force them to especially manage their own code over time. This way they learn, what worked and what not. Best quality assurance is good planning, the generalization of code which starts to repeat itself, write the easiest possible code solving the problem (if you don’t understand the code you wrote yourself after a week, then it’s probably not good code) and writing tests. Documenting stuff is also a good way to ensure quality: it’s almost philosophical, what you cannot put into words while documenting will most likely make no sense in code also.

My two cents on Quality Assurance. 🙂

1

I am not Eli, but I will be bold enough to still write an answer 😀

Security is not something to be learned or taught as an “add on package”, as you imply. Eli said this sometime ago “security is not something special beyond getting basic configuration correctly” (paraphrased). Same in coding. If you see a bootcamp that teaches you how to do, say, form input, and says “oh and by the way, if you want to validate input, avoid SQL injection, not store password in clear text, you’ll have to learn that thing over there”, do not just run from them, REPORT THEM. Storing user data properly in a SQL schema is something you do by default, not an after thought. If bootcamp does not tell you how to create form field securely as an embedded in the curriculum concept, stay away and let others know.

Quality Assurance is a more tricky one. This goes into learning ALM (application life cycle management). As much as it is very very important subject, problem is youngsters do not see value in it until they get more experience and shoot themselves in a foot a few times (“mom, why should I not touch hot stove?… its bad for you, dont you dare try it!… -> hospital trip some time later”). As such, they tend to become frustrated when time to learn “the right way” to do things takes away from fun time of banging code out. They will either give bad reviews or attendance will decrease.