Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Q&A

Post History

60%
+1 −0
Q&A How should I document a product release with an inherently flawed design?

Absolutely document them and point them out to management. As Mark says, this is a business problem. As a coder myself with forty years of commercial experience, your problem is that almost any fl...

posted 7y ago by Amadeus‭  ·  last activity 5y ago by System‭

Answer
#4: Attribution notice removed by user avatar System‭ · 2019-12-19T22:13:19Z (about 5 years ago)
Source: https://writers.stackexchange.com/a/33258
License name: CC BY-SA 3.0
License URL: https://creativecommons.org/licenses/by-sa/3.0/
#3: Attribution notice added by user avatar System‭ · 2019-12-08T07:57:30Z (about 5 years ago)
Source: https://writers.stackexchange.com/a/33258
License name: CC BY-SA 3.0
License URL: https://creativecommons.org/licenses/by-sa/3.0/
#2: Initial revision by (deleted user) · 2019-12-08T07:57:30Z (about 5 years ago)
## Absolutely document them and point them out to management.

As Mark says, this is a business problem. As a coder myself with forty years of commercial experience, your problem is that almost any flaw can be exploited to the detriment and possible losses of your clients, such a password sent using GET.

Despite license agreements that disclaim any and all responsibility for such losses, lawsuits can still happen and may cost a fortune to defend and/or settle, and even worse, publicity if such a thing happens and it is clear your company knew of it can be devastating to your company's reputation, reliability, and **_sales._** If your company cannot be trusted, and you have any competitors at all, they will exploit such a flaw mercilessly.

Write your documentation; you can describe the flaw without calling it a flaw or mistake, it is just the way the product is done. Arrange it so management can excise it quickly if they don't want to let people know; that is their job, and not **every** design flaw is exploitable, as you note some are just stupidly and unnecessarily clumsy. (A good example of that is a phone system that requires the caller to identify themselves more than once, or enter an account number more than once.)

Write it up; as an addendum or final word on a feature, or whatever. Keep your copy of the documentation with that write up. Show it to your supervisor for a final decision, along with some form of the reasoning above. They can kick it upstairs or tell you to kill it, that is a business decision they have been tasked with making. Do not presume it is your role to make it for them; it lets them (rightfully) blame you for any fallout.

#1: Imported from external source by user avatar System‭ · 2018-02-14T13:28:37Z (almost 7 years ago)
Original score: 10