Bruce Schneier points that filesystems sometimes get in the way of secure file deletion.
I blogged about that six months ago (second point in that bill) after checking my understanding of the question with the developer of Inferno.
I since heard about similar stories quite a few times, either from software like filesystems or recovery systems or from hardware like Flash memory putting the content of a file in arbitrary locations. It seems to be a fairly well known fact among people who spent time on the matter.
To my mind, apart from shredding entire drives when the hardware is disposed of or goes from an user to another, companies should not waste time on shredding.
Of course, I guess Bruce Schneier would argue about encryption, rather than deletion :-)
Showing posts with label geekonomics. Show all posts
Showing posts with label geekonomics. Show all posts
Thursday, December 3, 2009
Monday, June 22, 2009
Geekonomics - Reasons for the States NOT to invest in opensource
Third of the series of articles inspired by David Rice's Geekonomics. This article is not directly related with matters from the book, yet I got the idea while reading the book.
FLOSS = Free/Libre Open Source Software (as abbreviated by the European Union)
If you're like me and enjoy, use and promote FLOSS, you might be wondering why some States do not favour FLOSS in the public infrastructure.
Well, they do use FLOSS, as a matter of fact, because you can't build a whole infrastructure made only of proprietary software and if you tried, it would be extremely expensive [and potentially disastrous for compatibility issues]. So, you might be wondering why some States do not favour FLOSS more than they do, in the public infrastructure.
So far as I can understand it, most States are running a race to be in the first positions of wealth, military strength and fame. Things can be different for the top one, which would only want not to lose its rank. And things can be different for the bottom ones, who simply have too many matters to address before they will concentrate on a worldwide competition.
So, let's assume we speak about the countries in the top thirty of this world, except the very first ones. This group is made of countries like France, Italy, Germany, Russia, Brazil, India, South Africa... Why do these countries not publicly favour FLOSS more than they do?
To favour it more, they could:
FLOSS = Free/Libre Open Source Software (as abbreviated by the European Union)
If you're like me and enjoy, use and promote FLOSS, you might be wondering why some States do not favour FLOSS in the public infrastructure.
Well, they do use FLOSS, as a matter of fact, because you can't build a whole infrastructure made only of proprietary software and if you tried, it would be extremely expensive [and potentially disastrous for compatibility issues]. So, you might be wondering why some States do not favour FLOSS more than they do, in the public infrastructure.
So far as I can understand it, most States are running a race to be in the first positions of wealth, military strength and fame. Things can be different for the top one, which would only want not to lose its rank. And things can be different for the bottom ones, who simply have too many matters to address before they will concentrate on a worldwide competition.
So, let's assume we speak about the countries in the top thirty of this world, except the very first ones. This group is made of countries like France, Italy, Germany, Russia, Brazil, India, South Africa... Why do these countries not publicly favour FLOSS more than they do?
To favour it more, they could:
- Ask for documented, free to implement, data formats. This way, wars fought by software makers on purposeful incompatibility would be avoided.
- Ask for more FLOSS inside all public agencies.
- Ask for more education in FLOSS in the public education system.
- Invest directly into FLOSS development, or make a policy that some public developments will be made FLOSS after some time.
- By asking for documented, open, data formats, or by asking for FLOSS inside public agencies, the State would agree to spend money on a shift, that would probably be beneficial, yes, but the economic developments involved (more developers, maintenance contracts, etc) could be beneficial to people or companies located anywhere on Earth, because of the very nature of FLOSS. On the contrary, when a State signs with a precise, well-known, software maker, it knows where the profits will go.
- By asking for more education geared toward FLOSS, a State agrees to turn its youth to an uncertain future. While the future is obviously uncertain, there is more certainty in teaching the youth how to use what's majority and paying than in teaching them what's still minority and looks like not-so-well rewarding. So, short-sighted politicians might see education in FLOSS as a bad investment for youth.
- By investing into FLOSS developments, the State agrees to spend money on its own, while the fruit of this investment can be eaten by all. In a competition, it's bad invested money. It is more interesting, as a State, to invest in a proprietary development by a local company and see the licenses be paid by other countries.
Geekonomics - Criticism of Chapter 6 on opensource software
Second of the series of articles inspired by David Rice's Geekonomics.
I am not totally satisfied with David Rice's take on opensource software in his Chapter 6: Open Source Software: Free, But at What Cost?
While he definitely has good points as a whole, and while I see his description of some of the hidden defects of opensource projects as accurate, I am sad that he forgets to mention about real big companies taking a part in opensource developments. Companies like IBM, Sun (now Oracle) or Apple all make some opensource developments, and you cannot tell that they act as beginners or non-professionals in their development methodologies.
And I am also a little surprised to see that the author compares opensource development projects to an "idealized" proprietary development project. For instance, he says it is possible that a part of an opensource software will go unmaintained because of a lack of interested people and forgets to say that even in big proprietary developments, such things also happen, because of mediocre management or because of periods of deep stress.
I would say that Chapter 6 holds some good points but my conclusion be:
I am not totally satisfied with David Rice's take on opensource software in his Chapter 6: Open Source Software: Free, But at What Cost?
While he definitely has good points as a whole, and while I see his description of some of the hidden defects of opensource projects as accurate, I am sad that he forgets to mention about real big companies taking a part in opensource developments. Companies like IBM, Sun (now Oracle) or Apple all make some opensource developments, and you cannot tell that they act as beginners or non-professionals in their development methodologies.
And I am also a little surprised to see that the author compares opensource development projects to an "idealized" proprietary development project. For instance, he says it is possible that a part of an opensource software will go unmaintained because of a lack of interested people and forgets to say that even in big proprietary developments, such things also happen, because of mediocre management or because of periods of deep stress.
I would say that Chapter 6 holds some good points but my conclusion be:
- Opensource software is not a radical change from proprietary software in the methodologies.
- Opensource software is not radically more secure or of better quality than proprietary software by essence.
- The "given enough eyeballs, all bugs are shallow" argument is valid, and those opensource software which have a high number of both users and developers actually get an improvement of their quality and security.
Geekonomics - Reasons for the States NOT to fix software quality problems
First of the series of articles inspired by David Rice's Geekonomics.
As an introduction I would like to give two figures from the first chapters of the book.
David Rice's point
In the beginning of the book, David Rice argues that software developers have no incentives to make a better work. In chapter 5, Absolute Immunity: You Couldn't Sue Us Even If You Wanted To, David Rice shows that the US government is not making anything against software failures. On the contrary, the US gov gives developers the free hands and no responsibilities of any kind if they should get sued over damages resulting from the use of their software.
And he goes for a short explanation that the US system waits for citizens to become plaintiffs and sue software developers before any public authority will react. He quotes the typical reaction that you would get if you tried to make a law about software quality, through Ronald Reagan's words:
Government is not the solution, government is the problem.
My point
I quite agree with the author on the observation. The US gov does nothing, or goes against any initiative geared towards better software. But I don't agree with the far too simple explanation he gives. I guess a $180 bn issue would get a law if there were no incentives for not making a law. And I can see three reasons a country like the US wouldn't want to improve software quality.
As an introduction I would like to give two figures from the first chapters of the book.
- An estimate of the US losses coming from software failures (both quality or security) at the scale of the whole country: $180 bn a year. (yes billion, not million)
- Deaths occur from software failures. Multiple times per year, if they are not numerous enough to make statistics [yet].
David Rice's point
In the beginning of the book, David Rice argues that software developers have no incentives to make a better work. In chapter 5, Absolute Immunity: You Couldn't Sue Us Even If You Wanted To, David Rice shows that the US government is not making anything against software failures. On the contrary, the US gov gives developers the free hands and no responsibilities of any kind if they should get sued over damages resulting from the use of their software.
And he goes for a short explanation that the US system waits for citizens to become plaintiffs and sue software developers before any public authority will react. He quotes the typical reaction that you would get if you tried to make a law about software quality, through Ronald Reagan's words:
Government is not the solution, government is the problem.
My point
I quite agree with the author on the observation. The US gov does nothing, or goes against any initiative geared towards better software. But I don't agree with the far too simple explanation he gives. I guess a $180 bn issue would get a law if there were no incentives for not making a law. And I can see three reasons a country like the US wouldn't want to improve software quality.
- "Don't worry, be crappy". This maxim by Guy Kawasaki summarizes well the way software companies get into the subject. They try to output something they can sell, whatever the quality. But this reasoning also goes for countries. Software is a global trade good, and a big software maker as the US doesn't want to slow down the sales by making quality restrictions. If a law were passed, it would probably impact the economy of the country. Same goes for other developed countries.
In the same train of thoughts, if a law were passed, maybe some development companies would offshore developments. - We are still in an early phase of software deployment. Though it is recognized that a big company now has to do better IT rather than more IT, it is still important for many countries, including the US, to do more IT, even at the cost of not doing it better. I mean, a country like the US gets a competitive advantage from doing more IT, getting more automated stuff in its services, agencies, its companies, etc. and would "competitively speaking" lose time by concentrating on the improvement of quality and security.
- As is long argued in the book, there is an underground market for security vulnerabilities. This market is the fact of underground hackers, but if the underground does it, there are good reasons to believe that the "official" intelligence services do the same. If so, it is rather possible that intelligence services from the typical countries such as the US, France, Israel, Russia or China (which are coincidentally the biggest software developers) have good interest in keeping a high level of not public, unpatched vulnerabilities. They want to know the vulnerabilities themselves, be able to penetrate a lot of places, especially for industrial eavesdropping, and they absolutely do not want software makers to patch the vulnerabilities.
Sunday, June 21, 2009
Articles about Geekonomics to come
Following the return of my copy of Geekonomics: The Real Cost of Insecure Software, by David Rice, I am in the process of writing a few articles about the ideas from the book.
Go read the book if you're interested in understanding the phenomena around and beneath software insecurity and bad quality.
Since I do not want to plunder the author's content by making a detailed summary or quoting the most interesting excerpts, I am selecting a few subjects and trying to explore them a little further than the book. Which will be very hard since I do not have all the investigation sources that Rice may have had, nor patience, skills and experience. For short: I will give some opinions from my understanding of matters in or around the book.
Go read the book if you're interested in understanding the phenomena around and beneath software insecurity and bad quality.
Since I do not want to plunder the author's content by making a detailed summary or quoting the most interesting excerpts, I am selecting a few subjects and trying to explore them a little further than the book. Which will be very hard since I do not have all the investigation sources that Rice may have had, nor patience, skills and experience. For short: I will give some opinions from my understanding of matters in or around the book.
Sunday, March 22, 2009
Articles about Geekonomics - delay
I told to some of my readers that I would write a series of articles on Geekonomics: The Real Cost of Insecure Software, by David Rice. This excellent book attacks the macroscopic questions of why software is so insecure and how to secure it.
I have lent this book and will be late (gosh, I am already late), till I get it back.
I have lent this book and will be late (gosh, I am already late), till I get it back.
Subscribe to:
Posts (Atom)
Posts
