[zachrose]

There are a lot of interesting things to say about a $634M website that didn’t work when it should have, but what pops out at me here is the description of “poorly written code.”

This article even links directly to some of the code, which A) looks fine? and B) is like “Yeah, the problem wasn’t with procurement regulations or clear requirements or public-private cronyism or managerial competence, it was that damn person who told the computer what to do and the computer didn’t do the right thing.”

[joshuahedlund]

Here is my personal experience with some of that "poorly written" code: http://www.postlibertarian.com/2013/10/yes-the-obamacare-web...

> the text on the sign-up page, the front-end javascript validation on the sign-up page, and the text on the help page all have different requirements for valid usernames in the database!

[penguat]

That sounds like poor BA/spec work. BA asks: "what do we need from this username". BA should ask "what do we need from usernames overall"?

It's always going to be hard to be agile on federal contracts - there're too many customers to really get a clear view from them.

[joshuahedlund]

A fair point. Other examples of problems were empty drop-down menus from presumably non-cached failed DB accesses[0] and forgot password links in emails leading to an error about no match found for the provided information [me], which I suppose you could respectively file under 'unexpected heavy load' and 'bug' rather than 'poorly written code', though at some point no matter how you classify the problems it makes me nervous to submit my information because I wonder what security holes are waiting to be discovered along with the other problems.

[0]http://www.bloomberg.com/news/2013-10-02/untangling-obamacar...

[zachrose]

Your descriptions of the painful bugs are all apt, your absolutely right that it should deter anybody from feeling like their data is in good hands.

But just as you can find a bug deep in the code, you can also go up the stack and ask how it got there: how were the specs for a valid username defined and published? Where were the tests—or at the very least, QA procedures—that should have encoded and verified those specs? Where were the managers that should have made sure those tests existed? Where were the manager's manager that should have delegated resources to the manager to get those tests written? Where was the manager's manager's manager who knew how to hire someone who would value quality control? Who was on the government procurement panel that did not adequately assess their contractor's ability to deliver quality?

[hga]

We've reached ... some sort of level when Drudge includes a highest level (most prominent on the page, at the very top left) link to a page of its Javascript: https://www.healthcare.gov/marketplace/global/en_US/registra...

It's titled "Crazzzzzzzy code..."

[adolph]

Over half a billion spent and they couldn't afford jslint?

Or view StackOverflow on multiline text in JavaScript?

http://stackoverflow.com/questions/805107/creating-multiline...