funsec mailing list archives
Re: truth is for Admins
From: chris () blask org
Date: Mon, 26 Oct 2009 16:18:12 -0700 (PDT)
--- On Mon, 10/26/09, Nick FitzGerald <nick () virus-l demon co uk> wrote:
> Is that really any kind of an excuse for the perpetrators of what is increasingly, and laughingly, called "software engineering" to continue to execute the extremely crappy "art" that is still their stock-in-trade, despite decades of "whoops, we should have seen that coming" history?
>
> "No-one gets killed by our shite software so it's pretty much OK".
I'm fairly certain that's exactly not what I said.

Look, designing a security system for a given large network that at all times accounts for every single possible combination of the manifest imperfections of both users and non-security engineering activities would require - in my estimation - systemic advances akin to those required to fully automate and render accident-proof (not "accident-resistant") the national highway system.

That would mean: rendering each vehicle (end device) redundantly independently fail-safe from accidental, intentional and incompetently dangerous behavior; making each road and intersection (network segment and connectivity device) fully aware of all contingent traffic conditions and their implications and able to communicate with and enforce behavior of all pertinent vehicles; management systems (management systems) that are both holistically capable of comprehending the totality of the past and present states of the highway system and simultaneously incapable of issuing any incorrect directive to any part of the system at any time, even when compromised.

Such traffic systems will, in the end, come into existence. I just wouldn't hold my breath (or anything else) waiting for them.

The point is not that it is OK to build shite cars (or software), the point is that we will have to do the best with what we have despite the shortcomings we are presented with at any time. That will include engineering the best solutions we can, providing the best training we can, putting anti-phishing slogans on coffee mugs and doing whatever else we can think of.

Finally, I specifically did not say "No-one gets killed by our shite software", or that that would be "pretty much OK". Shite software does in fact kill people in some rare cases even today, and we are more and more moving into a world where shite software (and shite implementations) will increase the risk of - as well as the actual occurrence of - people being killed by computers.

There is specifically nothing "OK" about that. However, there is nothing "OK" about people dying in cars, either (including the cars that will increasingly kill people due to shite software in them). But until the aforementioned flawless cybernetic traffic system is completed (after I am well dead and buried) those who choose to attempt to limit death in motion will have to live with the fact that they will be experiencing non-zero failure rates.

So will we.

-chris

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.