Thursday, July 15, 2021

Hard truths about cyber-security


We Already Know How to Stop SolarWinds-Like Hacks

We currently have a situation where users expect software to have bugs, and programmers are encouraged to rush software out the door first and fix it later. Instead of penalizing the manufacturers for security bugs, we treat them almost as natural disasters—no one’s fault. The way that updates are easily distributed and automatically installed over the Internet encourages this, but it’s a major problem when it comes to security. Until this situation is changed, we can expect to keep hearing about security breaches despite PUFs and other exciting new technical tools.
Millions of computer users have paid a high price so that Bill Gates could become insanely rich and hang out with Jeffrey Epstein.

The Threat

Back in the early 1990s, for example, if you visited the Microsoft campus in Redmond and you pointed out that something people were working on had a flaw or could be done better, they’d say, “No, we’re going to ship it Tuesday and get it right by version three.” And that’s what everybody said: “Ship it Tuesday. Get it right by version three.” It was the philosophy. IBM and the other established companies were really down on this. They were saying, “These guys at Microsoft are just a bunch of hackers. They don’t know how to write proper software.”

But Bill had understood that in a world where markets tip because of network effects, it’s absolutely all-important to be first. And that’s why Microsoft software is so insecure, and why everything that prevails in the marketplace starts off by being insecure. People race to get that market position, and in the process they made it really easy for people to write software for their platform. They didn’t let boring things like access controls or proper cryptography get in the way.

Once you have the dominant position, you then put the security on later, but you do it in a way that serves your corporate interests rather than the interests of your customers or your users.

Bill Gates’s most brilliant coup was to export the ethos of a hobbyist sub-culture over to the business and consumer marketplaces.

Related:

The 100 billion dollar idea
