[LINK] What's a reasonable level of code-checking?

Karl Auer kauer at biplane.com.au
Thu Aug 17 17:40:55 AEST 2006


On Thu, 2006-08-17 at 14:12 +1000, Craig Sanders wrote:
> > ...but ultimately they will.  It's a lot easier to tell the developers
> > they have to be liable[...]
>
> it may be easier but that doesn't make it right. almost anything you
> care to name is easier if you do the wrong thing rather than the right
> thing.

Actually I think it is right. Way back when, you didn't need degrees or
qualifications to build castles and bridges, you just did it. And there
were sanctions (often fatal) if they didn't work. Those sanctions
eventually became legal liability.

It starts out with no limits and anyone can do it, including shysters
and incompetents. No one is too sure exactly how to do it right, so lots
of avenues and wild theories get explored - the snake oil stage. With
time, practitioners start to get it right more and more of the time,
consumers demand predictability and accountability, and the law begins
to change, bringing liability. The reaction to liability is insurance,
and the reaction to insurance is professional qualifications.

It just doesn't generally happen as neatly as that of course, but it's
basically what happens. At the high end of this process you have modern
medical practice. We demand the best that modern medical understanding
can provide, and we demand that people prove they have studied it before
we let them wield a scalpel.

Somewhere in the middle is computer programming, and down the far end
you have astrology :-)

> computer security is a shared responsibility between the developers,
> the distributors, AND the users.

As it is with medicine - no amount of good doctoring can help the
patient who won't take the prescribed medicine. But no one expects the
patient to be able to judge, except in the coarsest way, whether the
medicine is the right one; no one expects the patient to have a degree in
pharmacology.

> vs responsibilities may be difficult but legislating so that the entire
> responsibility is on the shoulders of the developers is just plain
> broken.

"Entire" maybe not. But the lion's share *should* be. For example, any
operating system should be delivered "closed" - no access to a local
network AT ALL, in or out. Each opening should require active
intervention by the user. It's pretty simple, but basically no one has
got it right yet.

Likewise software can check for good passwords. Software can check for
good passphrases. Software can demand that two applications do not share
a password. Software can distinguish between original installed files
and new files, and can (and should) refuse to execute or open new stuff
until the user has explicitly "blessed" it. Software can check
permissions of directories and files and refuse to operate if they are
insecure. Simple stuff; the list is endless.

Very little software actually does any of those things because the
*consumer* doesn't want the hassle. But they can't have their cake and
eat it too. That's not a responsibility issue though - it's a consumer
acceptance issue.

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/                  +61-428-957160 (mob)
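The "check permissions of directories and files and refuse to operate if they are insecure" idea from the post, as an added example that is not part of the message or of any project it mentions: a Python check in the spirit of OpenSSH's StrictModes that rejects a private file if it, or any directory between it and a chosen trust boundary, is group/world-writable or owned by someone other than root or the current user. The function names, the `stop_at` boundary argument and the sample file are assumptions made for this illustration.

```python
import os
import stat


def path_problems(entries, allowed_uids):
    """entries: (path, st_mode, st_uid) for the file and each ancestor dir.
    Returns a list of reasons the path is insecure; empty means acceptable."""
    problems = []
    for path, mode, uid in entries:
        if uid not in allowed_uids:
            problems.append(f"{path}: owned by uid {uid}, not a trusted owner")
        if mode & stat.S_IWGRP:
            problems.append(f"{path}: group-writable")
        if mode & stat.S_IWOTH:
            problems.append(f"{path}: world-writable")
    return problems


def stat_chain(path, stop_at):
    """Collect (path, mode, uid) for path and its parents up to stop_at
    (inclusive). lstat is used so a symlinked component is judged itself."""
    path, stop_at = os.path.abspath(path), os.path.abspath(stop_at)
    entries = []
    while True:
        st = os.lstat(path)
        entries.append((path, st.st_mode, st.st_uid))
        parent = os.path.dirname(path)
        if path == stop_at or parent == path:
            break
        path = parent
    return entries


def check_private_path(path, stop_at, allowed_uids=None):
    """Trusted owners default to root and the effective user (assumption)."""
    if allowed_uids is None:
        allowed_uids = {0, os.geteuid()}
    return path_problems(stat_chain(path, stop_at), allowed_uids)


def require_secure(path, stop_at):
    """Refuse to operate, as the post suggests, instead of silently continuing."""
    problems = check_private_path(path, stop_at)
    if problems:
        raise PermissionError(f"refusing to use {path}: " + "; ".join(problems))


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as top:  # 0700, owned by us
        key = os.path.join(top, "secret.key")
        with open(key, "w") as fh:
            fh.write("constructed sample secret\n")
        os.chmod(key, 0o600)
        print("0600:", check_private_path(key, top) or "ok")
        os.chmod(key, 0o666)
        print("0666:", check_private_path(key, top))
```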

