David Kramer wrote:
> The more I read 2600, the more I feel that cracking is a people problem, not a
> computer problem. People who rely on known-buggy software, people who do not
> use firewalls, people who do not keep their software updated, people who do
> not pay the money to hire smarties to protect their company against
> others....

That was an appropriate approach to take for the first, say, 1 million or even 10 million computer users. It doesn't scale to 100 million or 1 billion+.

Take two common products, a Sony camcorder and a Linksys wi-fi hub. Which is the more-complex product? Probably the camcorder, but that's neither here nor there. The point is that if you called up Sony and asked them for a firmware update to correct a design flaw, they'd laugh at you. On the other hand, if Linksys didn't have a firmware-update download page, you'd laugh them off and choose a different supplier. I think something is wrong with this picture.

When consumer-electronics companies launched their products back in the 1940s through 1960s, a whole industry of 3rd-party service shops was spawned. The products weren't bug-free, and consumers expected things to break--but they also expected to find a reasonably-priced service shop available whenever a problem came up. So long as the TV or stereo kept working, they had no reason to check a newsletter or call a support line or schedule a service checkup--just use it 'til it breaks, then get it fixed a few times, then scrap it once it's too costly to keep fixing.

In the 1970s and 1980s, the service-shop approach ceased to scale. Consumer electronics companies (and car companies) were forced by economics to make products that didn't break. Service shops found fewer customers, and are now a quaint echo of the past if you can find them anywhere anymore. Current-generation products have few, if any, field-replaceable parts owing to the rise of the IC.

(Yesterday's news gave me a poignant reminder about what can happen if an industry fails to address reliability scaling. Light aircraft never got the same level of reliability innovation that passenger cars did, mainly because the manufacturers got sued almost out of existence in the 1970s and therefore stopped making planes from about 1978 until 1996. A Beech 1900 is a typical product of that pre-1978 era, and there aren't any cost-effective alternatives developed in the 25 years since. I gave up private-piloting years ago when too many friends got killed or injured in obsolete Cessna and Piper aircraft.)

What we're witnessing now, I think, is a comparable collision of consumer demand with a scaling problem in software reliability.

Anyway, I ramble with analogies which go well beyond the Microsoft-Linux rivalry in today's headlines. Patterns of consumer behavior (and litigation) seen in other industries should make clear what has to happen next with software. Individuals simply are not going to take recommended precautions; the device they pick up at a store simply has to work in its default configuration without thinking about it. Period.

-rich