Geekonomics: The Real Cost of Insecure Software by Rice David

Author:Rice, David [Rice, David]
Language: eng
Format: mobi, epub
Publisher: Addison-Wesley Professional
Published: 2007-11-28T16:00:00+00:00

To put this problem in context, when concrete is used for a roadway, it increases the speed cars are permitted to drive. When crumple zones are added to vehicles it does not make the car go slower, nor do the addition of seat belts or airbags degrade a car's performance. Just about every safety feature added to vehicles not only avoids detrimentally affecting the possible speed achieved but increases the speed at which cars can travel safely. In contrast, the security products used to protect our software—firewalls, intrusion protection systems, anti-virus, anti-spyware, and so on—all negatively impact the performance of the network, the computers, or both. This slows everything down, inhibits information people are willing to share, and promotes mistrust of an already mistrusted system.

The argument in software oversight is not that government cannot innovate at market speed, nor even that government cannot provide services better than the private sector. The argument is much more subtle. The problem is that government might fail to regulate the correct things in software production. But the same can be said of the software industry. It is not like the software industry cannot innovate or provide services that support the population as a whole, but that the software industry might fail to innovate on matters that do not have an overwhelming and immediate economic upside but are critical to national and economic well-being nonetheless.

Robust construction increases the velocity at which people, products, and money may travel. Software is certainly faster than manual processes, just as a Ford Model-T is faster than a horse, but like a Model-T, current software development practices are failing to deliver the speeds and safety comparable to the capabilities of a modern, five-star rated automobile. As for the network, well, our two lane farm road does not help matters any.

The question is not whether regulation will come to software. The question is what form oversight will take. But, as David Whyte reminds us, stopping to ask this question means we "might not like the self-appraisal stopping would require." But of course, the thinking is we cannot stop to ask this question because not only might the self-appraisal be unpleasant, but we just might mortally wound our economic well-being, hinder the inevitable march of technology, and endanger all the utopian advantages technology may yet provide.

To be clear, there is nothing intrinsically wrong with traveling at high speed, but the infrastructure must be able to support it and the safety of those who seek it. The triumvirate of cyberspace—the network, the applications, and the people—requires no less oversight than the triumvirate of transportation. The Interstate should teach us that much at least.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.