[nycphp-talk] September Talk -- getting OT on the security issue (again) but it is sooooo important, no? Some cynicism enclosed.
inforequest
1j0lkq002 at sneakemail.com
Tue Aug 16 18:45:08 EDT 2005
Peter Sawczynec ps-at-pswebcode.com |nyphp dev/internal group use| wrote:
>I believe that the de facto standard for out of the box product and
>programming will become more like "locked down, instant secure setup", "data
>encrypted", "all SSL" and "no anonymous access".
>
>
If that wish came true, there would be an immediate market for new
systems that are not locked down. "Find a need and fill it" is a truism
of free markets (and even not-so-free markets).
>I can only hope. Because I really want to use and trust the internet for
>banking, personal storage, controlling my home and appliances, and using a
>"safe" ATM without concern that my PIN is being scarfed by the staff behind
>the counter.
>
>
In my OPINION, therein lies the error. Where there is TRUST there will
be exploitation, so whatever is behind the lock must be additionally
protected against the inevitable exploitation.
IMHO those who are LICENSED or otherwise REGULATED (in other words,
those who have been granted a public trust -- like bankers) should be
held accountable for the consequences of exploitations of systems which
they have "trusted". That is the missing link, and until it is found
should "we" be putting valuable assets (e.g. info) online?
If my home appliances can be turned on remotely, they should not turn on
unless I myself did it. If they do turn on and I didn't do it, I should
not be responsible for the consequences. Who should? How can that
accountable party make sure it was ME turning them on? Until technology
can solve that, we should not make my home appliances part of the public
internet. Until you are prepared to license the internet, it may be best
NOT to trust it. Heresy... you bet!
>That dealing with your own bank has become caveat emptor.
>
>
You have ALWAYS been wise to deal carefully with your bank. Sometimes I
think a few generations of Americans raised by post-war parents were
spoiled with a mythical trusted government/trusted "system" belief, and
that the recent world events are not so much highlighting a new problem,
but contradicting the false hopes put forth in that upbringing. Welcome
to reality, and I am sorry to hear you were misled.
>I'd certainly like to hear from more programmers who believe that insecure
>programming methods can still be endorsed in any way.
>
>
I often arrive at the same conclusion on these issues: grant partial
ownership (and subsequent accountability) to the coders. Secure
programming is needed to the extent that the product behind the lock
needs protection. Place the burden of PROTECTION onto the people
building the locks, and the whole world changes.
Consider what would happen if you held locksmiths accountable for losses
whenever a lock was picked or otherwise evaded. What would happen? A
whole slew of locksmiths would refuse to put locks onto doors, because
they knew the locks would not prevent theft. They would need to know
WHAT WAS BEING PROTECTED, WHAT OTHER ACTORS PARTICIPATED IN THE
ENVIRONMENT, and would want some assurances that the system would not be
used for other purposes than that for which it was designed and
approved. Now consider programming.....
I don't believe we could advance if we didn't build imperfect systems
and analyze them. I don't think we could achieve social security without
experiencing exploits and learning from them. I also don't believe we
should trust these systems when we know they are not trustworthy (!) I
leave the "why we do that anyway" as an exercise for the reader ;-)
Suggested reading: RISKS Digest (mailing list), Systemantics (book),
Translucent databases (concept and book), HIPAA (code of federal
regulations -- good luck)
-=john andrews
www.seo-fun.com