One thing I've learned over the last few months is that nothing happens quickly or easily in a company of over 125.000 people.
My rewrite effort has been bogged down in security certifications and other time-consuming stuff, so I've been unable to sit down and do much actual code.
In stead, I've been reading Modern Perl again, and trying to wrap my head around PCI security standards compliance, and reading a whole stack of blogs and books about Perl (thanks, guys!).
I can't say I understood anything beyond the basics. "Stop people that don't need access to credit cards from getting at them." Where I'm from, we don't need a 9001 page document to say that, but I guess they want to cover every base.
I'm just wondering how much these endless phone conferences, meetings and delays have cost.
Not just of my time, but several people that make twice as much as me, and a couple that make at least five times as much.
What did we end up with in the end? Pretty much the same thing proposed back in May.
The difference is, that it's now been vatted by Security, and approved. I see why that was needed, but at the same time I don't understand why I was involved. I have a good grasp of security on the code level, such as never ever trusting user input, and all that, but I haven't contributed much to the whole security discussion.
On top of that, I can't really write much code until the development model is approved, or I'd risk having to rewrite it all every other week.
I'm just very glad I've had so much to read and do outside writing code so I haven't degraded into silliness, but I can't help thinking this has been rather unproductive on the whole.
Can I just do my job now, please?