This was written in 1999, I wonder if his opinion on software engineering practices have changed. I've never worked in industry, but based on what I've read there are some pretty good processes that are supposed to have some empirical support, just not many people adopt them. Like I read a paper from 2002 in which basically no companies would consistently use good processes.<p>Most of the material in my Software Engineering course is outdated, but I imagine most companies still try to get away with minimum security and slack on good software engineering practices, like code reviews and static analysis and thorough security requirements, or what have you. Using these processes in general tends to force simpler systems. Iterative development with clear thought out implementation per iteration etc.