Insecure at Any Speed
Monday, February 1, 2010 at 10:18PM This tweet from Chris Espinosa got me thinking:
"the personal computer is a petri dish for malware. It's a terrible consumer product. You wouldn't accept that flaw in any appliance"
..followed by:
Control over code execution is just a part of 21st century digital consumer products. You can argue with *how* Apple does it, but not *why*
What if someone at Apple looked into the future and saw computer vendors in the dock for knowingly selling defective products to the unknowing consumer in the same way that tobacco companies have done in times past?
Sounds like a great resume-builder for any hungry young DA, no?
I have absolutely no doubt that the major OS vendors know of serious security bugs in various parts of their products, but have decided that the task of fixing them all is far beyond the cost/benefit curve.
What if "starting over" (conceptually, if not literally) is the only way to demonstrate good faith?
Reader Comments (5)
I don't quite follow. Are you saying that open platforms are defective by design? I've been surprised before, but I don't think the trade bureaus of many "enlightened", democratic nations would get mad at an OS vendor just because they didn't require all code to match a centrally signed provisioning profile. (On second thought, the Motherland Security bureaus might, but that removes certain qualifiers in the previous sentence.)
He's more likely to be saying that the developer/vendor could be held accountable (or share accountability) for any consequence of what he distributes.
As in an OS vendor/developer being held accountable for damages a third party application may cause (at least if the application misbehaves because of an OS bug). And the existence of a potential problem was known, that could be even worse.
It may sound crazy that a bug (potentially just a missing punctuation character in multiple million lines of code) could make you accountable for potentially unlimited damages. But we do have patents on software, and that is even crazier.
@natevw I'm not saying Operating Systems are defective _by design_, but they do have flaws - in some cases serious flaws.
Mr. Fraser Speirs,
The only problem with your tobacco analogy is that tobacco never was defective. Everyone always knew it could kill you but they liked how it made them feel so they smoked iit anyway. It did what it was supposed to do. Cigs were called "coffin nails" long ago. Wasn't there a Turkish sultan who cut off smokers' heads? So it definitely annoyed the over-sensitive centuries ago. Now smokers are claiming to have been deceived in some way because idiot tobacco company executives tried to deny what tobacco could do. They should have pointed out that they never made anyone smoke it and decried the hypocrisy of the politicians like Al Gore who grew tobacco as his father did, then attacked the companies. Same with alcohol. Is there really any drinker who doesn't know he might become an alcoholic and die of liver failure?
Anyway, I love your iPad article. It is a game-changer and will help people do more things they want done more easily and with less fuss. I couldn't believe the wankers who complained that you couldn't print from the iPad. Print?? On paper? Why should you when everyone has an iPad? Those comments are going to look screamingly funny in a very few years.
Oh, by the way, I did wonder, you being from Greenock on the Firth of Clyde and all that, if you'd ever run into members of my dad's family who used to have a farm on the Isle of Arran? His father was a gunlayer on warships made in Glasgow who brought his family to Boston, America, in 1924. Then, somehow, I wound up doing property tax law in Tallahassee, Florida. Life is unpredictable. And it will be more fun with an iPad.
With tobacco, people knew it was dangerous yet still got pretty far with claims against the manufacturers. How much more so when the OS vendors keep saying "More secure! More stable! Safer!" every release?
Interesting about the name connection, but I don't know of any of relatives in Arran :-)