We're not launching the shuttle here...
Or are we? This paper on the reliability of the Shuttle, submitted to the Rogers Commission by Richard Feynman in response to the 1986 Space Shuttle Challenger disaster, is full of fascinating insight, not only on NASA procedure but also on the philosophies of adequate robustness and error tolerance in design.
Illustrating benefits of incremental, bottom-up design and the importance of reducing features before reducing quality, Feynman sounds like he could be writing about application design for 37signals.
The proper way to save money is to curtail the number of requested changes, not the quality of testing for each.
In other words, it's better to release half a product than a half-assed product. Of course, usually no one dies when your webapp crashes. So it is astounding that the discrepancy between reliability estimates from NASA management and from engineering is 1000:1. Apparently the managers didn't study their statistics long enough to realize just how impossible it is to prove such an infinitesimal probability as 0.001% in a relatively tiny number of trials. And sadly, time has proven even the engineers' estimate to be optimistic. Whether you look at the casino or at Cape Canaveral, it seems to be a profoundly human trait to overestimate the importance of an insignificant number of trials in ill-fated attempts to predict the future.
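To see why a small number of trials cannot support a claim like 0.001%, here is an added example (not from the post or from Feynman's report) that computes the exact one-sided confidence bound on a failure rate after a run of failure-free trials, and how many such trials a given claim would require. The trial count of 24 and the 95% confidence level are constructed assumptions; the two failure rates are the 0.001% figure from the text and the 1000:1 ratio applied to it.

```python
import math


def failure_rate_upper_bound(successes: int, confidence: float = 0.95) -> float:
    """Largest per-trial failure probability still consistent with
    `successes` consecutive failure-free trials at the given confidence.
    The familiar 'rule of three' (about 3/n) is the approximation of this."""
    if successes < 1 or not 0.0 < confidence < 1.0:
        raise ValueError("need successes >= 1 and 0 < confidence < 1")
    # Solve (1 - p)^n = 1 - confidence for p.
    return 1.0 - (1.0 - confidence) ** (1.0 / successes)


def trials_needed(failure_rate: float, confidence: float = 0.95) -> int:
    """Consecutive failure-free trials required before `failure_rate`
    can be claimed as an upper bound at the given confidence."""
    if not 0.0 < failure_rate < 1.0 or not 0.0 < confidence < 1.0:
        raise ValueError("need 0 < failure_rate < 1 and 0 < confidence < 1")
    return math.ceil(math.log(1.0 - confidence) / math.log(1.0 - failure_rate))


def chance_of_clean_run(failure_rate: float, trials: int) -> float:
    """Probability that a system with the given true per-trial failure
    rate survives `trials` trials without a single failure, i.e. how
    little a clean record tells you when the rate is already modest."""
    if trials < 0:
        raise ValueError("trials must be non-negative")
    return (1.0 - failure_rate) ** trials


if __name__ == "__main__":
    flights = 24                   # constructed: a 'relatively tiny number of trials'
    management = 1e-5              # 0.001%, the figure quoted in the text
    engineering = management * 1000  # the 1000:1 discrepancy applied to it

    print(f"after {flights} clean flights, 95% upper bound on failure rate: "
          f"{failure_rate_upper_bound(flights):.3%}")
    for label, rate in (("management", management), ("engineering", engineering)):
        print(f"{label} estimate {rate:.3%}: needs {trials_needed(rate):,} "
              f"clean flights to demonstrate at 95%; chance of {flights} clean "
              f"flights if true: {chance_of_clean_run(rate, flights):.1%}")
```

The point the numbers make is that a few dozen flawless flights can only rule out failure rates above roughly one in ten, and that both a 1-in-100 system and a 1-in-100,000 system would most likely have produced the same clean record.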
For a successful technology, reality must take precedence over public relations, for nature cannot be fooled.
But O how often she does such a fine job of fooling us.