A Beautiful Software Development Advice

My note on LinkedIn recently about my worry about CI/CD being potentially responsible for the repeated appearance and disappearance of bugs in software systems sets the backdrop for this follow-up note. My previous note described a bug that I encountered while working with the LastPass password manager on the Edge browser on the Fidelity.com website.  On that note, I suggested that Continuous Integration and Deployment of code might be compromising the software quality and might be causing the intermittent bugs seen on deployed software. I also suggested that since modern software is used by millions of people around the globe simultaneously, the software industry should not underestimate the total cost of such bugs.

I as a user don’t need to investigate software developed by major corporations, but this incident reminded me of one of the best pieces of advice about software development that I have ever received.   I have used this advice in my career in the software industry (and in my personal work) and others may also benefit from the advice. 

Nearly three decades ago I was working with a colleague of mine on a piece of software system that we were responsible for developing. The software exhibited some mildly strange behavior that did not seem to require immediate attention. We both noticed the defect but before we could decide to address or ignore it, my colleague inadvertently said something that was etched in my mind forever.  My colleague said, “Let us not let that bug go to waste.”

If our goal is to produce software with zero defects that never fails (or, never fails in the hands of the end-users) software bugs are our biggest assets. Every bug left unattended might manifest itself in unknown situations and every bug fixed as soon as possible takes us closer to the coveted zero-defects goal. 

This advice will be useful for many but what about the bug that I mentioned in my note? I did not want to manually type my passwords at Fidelity repeatedly, so I had no choice but to investigate it further. I was able to reproduce it at Schwab.com and a few other sites also. So, Fidelity turned out to be innocent. Like all interesting software bugs, this one was also intermittent. It appeared sometimes and then it seemingly disappeared without a reason.  

I was eventually able to reproduce and bypass it at will (on or around March 23, 2023). Here is how it happened: 1. Log in on LastPass so it is ready to fire. 2. Start a new instance of Edge. 3. Go to the Fidelity.com login page. 4. Click on the three red LastPass dots and start counting: 1 one thousand, 2 one thousand, … 1000 one thousand … (Your user id and password should appear in the login boxes, but they won’t.) 5. Repeat step 4 and still, nothing will happen. Bravo, you have reproduced the bug. But don’t give up. Just press the plus sign on the browser to start a new browser tab and get ready for the magic. 6. After the new tab shows up, go back to the old tab. Guess what? Your user-id and password will be exactly where they should be. You can now log in and resume your work. You have learned to bypass the bug!

I do not know if this bug is due to LastPass or Edge or a combination of the two. To investigate it further is not my interest. But I hope that someone somewhere follows the advice that my colleague gave me decades ago and does not let this bug go to waste.

Neeraj Bhatnagar, 3/23/2023