[conspire] (forw) [OCLUG] Why Do Keynote Speakers Keep Suggesting That Improving Security Is Possible?
Rick Moen
rick at linuxmafia.com
Thu Aug 23 22:57:19 PDT 2018
Quoting Ross Bernheim (rossbernheim at gmail.com):
> Business and society have created perverse incentives that depreciate
> the concepts of bug free and security. Rewarded for speed of
> development and flashiness and bells and whistles and how many
> advertisements and how much data the program can collect are not a
> recipe for quality and secure programming.
Indeed! Another of my favourite essays:
https://www.stilldrinking.org/programming-sucks
[...]
All programming teams are constructed by and of crazy people
Imagine joining an engineering team. You’re excited and full of ideas,
probably just out of school and a world of clean, beautiful designs,
awe-inspiring in their aesthetic unity of purpose, economy, and
strength. You start by meeting Mary, project leader for a bridge in a
major metropolitan area. Mary introduces you to Fred, after you get
through the fifteen security checks installed by Dave, because Dave had
his sweater stolen off his desk once, and Never Again. Fred only works
with wood, so you ask why he’s involved, because this bridge is supposed
to allow rush-hour traffic full of cars full of mortal humans to cross a
200-foot drop over rapids.
Don’t worry, says Mary, Fred’s going to handle the walkways. What
walkways? Well Fred made a good case for walkways, and they’re going to
add to the bridge’s appeal. Of course, they’ll have to be built without
railings, because there’s a strict no-railings rule enforced by Phil,
who’s not an engineer. Nobody’s sure what Phil does, but it’s definitely
full of synergy and has to do with upper management, whom none of the
engineers want to deal with, so they just let Phil do what he wants.
Sara, meanwhile, has found several hemorrhaging-edge paving
techniques, and worked them all into the bridge design, so you’ll have
to build around each one, as the bridge progresses, since each one means
different underlying support and safety concerns. Tom and Harry have
been working together for years, but have an ongoing feud over whether
to use metric or imperial measurements, and it’s become a case of
"whoever got to that part of the design first." This has been such a
headache for the people actually screwing things together, they’ve given
up and just forced, hammered, or welded their way through the day with
whatever parts were handy.
Also, the bridge was designed as a suspension bridge, but nobody
actually knew how to build a suspension bridge, so they got halfway
through it and then just added extra support columns to keep the thing
standing, but they left the suspension cables, because they’re still sort
of holding up parts of the bridge. Nobody knows which parts, but
everybody’s pretty sure they’re important parts. After the introductions
are made, you are invited to come up with some new ideas, but you don’t
have any, because you’re a propulsion engineer and don’t know anything
about bridges.
Would you drive across this bridge? No. If it somehow got built,
everybody involved would be executed. Yet, some version of this dynamic
wrote every single program you have ever used, banking software,
Web sites, and a ubiquitously used program that was supposed to protect
information on the Internet but didn’t.
[...]
People from outside the industry tend not to believe me that this is a
reasonably accurate pastiche-picture of just about every software firm
that's ever existed on this planet, yet it is.