Nice blog post about code review. Most of his comments are very true. When you audit a product the first thing that you have to face is, criticize.
At Google, no code, for any product, for any project, gets checked in until it gets a positive review.
Some good points:
1) Having a second set of eyes look over code before it gets checked in catches bugs.
2) Code reviews spread knowledge.
3) It takes some time before you get good at reviewing code.
4) The most common mistake in code review – the mistake that everyone makes when they’re new to it – is judging code by whether it’s what the reviewer would have written.
5) Your job as a reviewer of a piece of code is to make sure that the code as written by its author is correct.
6) If you constantly go hunting to try to find something to criticize, then all that you accomplish is to wreck your own credibility.
7) You shouldn’t rush through a code review.
8) The biggest advantage of code review is purely social. If you’re programming and you know that your coworkers are going to look at your code, you program differently.