Firewall Wizards mailing list archives
RE: OT - Rant on State of S/w Engr (was Re: Buffer Overruns)
From: "Doty, Ted (ISSAtlanta)" <TDoty () iss net>
Date: Thu, 23 Dec 1999 09:35:27 -0500
Lim Wei Siong Vincent <wslim () crtc corp mot com> wrote:
Well... I don't expect software with defects and I intend that laws should be in place to protect me as a consumer. My belief is that once such laws are in place, the software industry will have a shakedown.
There are many parallels between our industry and the early part of the Industrial Revolution. In the 17th and 18th centuries, bridges and houses *did* fall down, steam engines exploded, and machines killed or maimed people regularly. As people got used to the new-fangled contraptions, engineers learned how to build things that (mostly) don't fall down or explode or kill people. But this took a long, long time. Steam boilers exploded regularly through the last century. The Takoma Narrows bridge was the 1930s - virtually yesterday, when you think how long people have been building bridges. We won't have any laws (that add value to the process, at least) until there are "reasonable" expectations that the layman has about how Things Should Work with software. The historical record suggests that this takes decades to develop (see David Landis' book about the Industrial Revolution, _The_Unbound_Promethius_). Until then, the courts (here in the US, at least) are coming down on the side of caveat emptor: its your responsibility to configure your system correctly. See AT&T v. City of New York for an example. Bottom line, the technology is changing so rapidly that your only protection is to have someone with a clue, but things are changing so rapidly you can't get someone with a clue. :-( - Ted ----------------------------------------------------------------------- Ted Doty, Internet Security Systems | Phone: +1 678 443-6000 6600 Peachtree Dunwoody Road, 300 Embassy Row | Fax: +1 678 443-6479 Atlanta, GA 30328 USA | Web: http://www.iss.net ----------------------------------------------------------------------- PGP key fingerprint: 362A EAC7 9E08 1689 FD0F E625 D525 E1BE
Current thread:
- RE: OT - Rant on State of S/w Engr (was Re: Buffer Overruns) Doty, Ted (ISSAtlanta) (Dec 26)