Recent Features
| |||||||||||||
Doctorow: The coming war on general-purpose computationDoctorow: The coming war on general-purpose computationPosted Dec 31, 2011 22:06 UTC (Sat) by dlang (✭ supporter ✭, #313)In reply to: Doctorow: The coming war on general-purpose computation by ibukanov Parent article: Doctorow: The coming war on general-purpose computation
if it is a deliberate backdoor designed to allow people to get in the system, and it is kept hidden, then you have malfeasance on the part of the manufacturer.
If the backdoor is not secret, it may be a great thing to have.
but in any case, the criminal act is the exploiting of the backdoor, not the creation of it
and simple flaws in the code that end up being able to be exploited, but were not put there deliberately may be carelessness on the part of the manufacturer, but are not malfeasance
Using a real-world example, the continual flow of flaws in Microsoft products should not make Microsoft liable for hackers, but this sort of track record should make people opt to choose a different OS that does not have this track record.
(Log in to post comments)
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 2:30 UTC (Sun) by ibukanov (subscriber, #3942) [Link]
> but in any case, the criminal act is the exploiting of the backdoor, not the creation of it
IMO the creation of the backdoor that the owner of the house is not aware of is bigger ethical problem than the theft itself. But criminal laws almost never follows ethic this days.
> the continual flow of flaws in Microsoft products should not make Microsoft liable for hackers,
Well, there is a difference in expectations. When I buy a light switch I assume that I get just that, a light switch. I presume if I follow instructions and do not do stupid things with it it should just work and do no harm. In particular, I expect that I do not get a backdoor that can be used to kill me.
With MS products at least I know that I get a general purpose computer and formally I must accept those licensing disclaimers of any responsibility. Still I think the current software industry is getting way too easy with those disclaimers in products that cost money.
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 8:34 UTC (Sun) by dlang (✭ supporter ✭, #313) [Link]
what is the difference between a 'backdoor' that is unethical and 'hacker friendly' (in the good term of hacker) that allows the owner of the device to modify it to do useful things that the manufacturer never thought of?
you may only want the light switch to be able to be controlled by the authorized remote, but I may buy the same switch with the intent of controlling it with my computer (for all sorts of reasons)
this is why it's really dangerous to take the attitude that capabilities or functionality is 'evil' and needs to be suppressed instead of going after the people who do bad things with it.
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 12:15 UTC (Sun) by ibukanov (subscriber, #3942) [Link]
> what is the difference between a 'backdoor' that is unethical and 'hacker friendly' (in the good term of hacker)
The difference is simple - when I buy a light switch I expect to get just a light-switch, a device with a clear defined functionality that works just like that - a light switch. If I want a general purpose computer that happens to be able also turn on and off light, I will look for that.
> this is why it's really dangerous to take the attitude that capabilities or functionality is 'evil'
Capabilities are not evil, the failure to state them in clear and ability to completely shred responsibility in case of harm is.
> and needs to be suppressed
I have not suggested to suppress anything, I just want clear statement that a particular device is not a light switch, cannot be advertised as such and that the manufacturer has absolutely no responsibility if the device does something else besides switching the light.
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 22:01 UTC (Sun) by dlang (✭ supporter ✭, #313) [Link]
how do you define what an acceptable level of being locked down is?
the light switches that you are talking about were never intended to be general purpose devices, and arguably are not. but it's impossible to create a remote control switch and then make it impossible for it to be abused.
If you want a disclaimer on products that they may be used for something else and the manufacturer bears now responsibility for the product being abused, all that you will achieve is the addition of one more paragraph of fine print in the product documentation (and are you really sure there isn't such a statement in the product documentation now?)
this is like the California Law that requires that all buildings that contain potential Cancer causing chemicals to have a sign on the doors stating "this building contains chemicals known to cause cancer", every building I have seen contains such a statement, so it's completely worthless
Doctorow: The coming war on general-purpose computation Posted Jan 1, 2012 22:33 UTC (Sun) by ibukanov (subscriber, #3942) [Link]
> how do you define what an acceptable level of being locked down is?
I do not want to define any such level. But I do want the manufacturer to bear the full responsibility if the device can be hacked remotely and used beyond its stated area of operation. The manufacturer should not be able to waive that responsibility using a trick like of calling a device a general purpose computer that happened to be able to turn life on/off if such devices is marketed as a specialized device.
> (and are you really sure there isn't such a statement in the product documentation now?)
Not in a wireless light switches that are sold here in Norway.
> the California Law that requires that all buildings that contain potential Cancer causing chemicals to have a sign on the doors stating
Those laws are useless indeed. What may work is a law that states that if a building uses materials that have not been on the marked for, say, 50 years, then the builder should be responsible for any health-related problems that they may have caused.
|
|||||||||||||