TAG | Talking security with Bruce Almighty |
|
| by Sam Varghese | |
| Friday, 01 February 2008 | |
|
Page 6 of 6 Do you think you could do people a service by educating them to do just what you do? Technically qualified, good people... I'm not sure I can educate people how to do that. I never really think in that methodology. I'm too busy thinking about my topic, to think about my process. So I don't know if I could educate that. There is certainly value in teaching communications - to teach people how to talk to a common audience, how to talk to an uneducated audience, how to talk to an audience educated not in your area of expertise, how to generalise, how to look at things from a meta point of view, how to use examples - all these things I'm sure people teach them. I couldn't teach it. I think I'd do it but I'm not sure how I do it. You've never had people who've come to you and been attached as understudies or interns? You know, I have had employees when Counterpane was just a consulting company who would learn from me. At BT Counterpane there are people who learn from how I do things, just from my actions. People who learn how to do what I do. Lots of people are involved with that ethic, at the Electronic Frontier Foundation, the American Civil Liberties Union. I spend time but not in that way. A lot of what I do is one-to-many and I'm a lot less one-to-one. I think my value is in talking about many issues and talking to a broad audience. Influencing a lot of people a little is better math for me than influence a few a lot. Quite often you have said that companies should provide warranties that their software is safe. Can you really justify that? I think that's going to be the future whether you justify it or not. You provide it by having an insurance model behind it. It doesn't mean it's true. It just means that if it's wrong, we're going to compensate you. There are warranties all over and products are not very good, but that's not the point. The point is that there is some kind of financial backing in case there is a mistake. Do you have any examples of this? Automobiles, any consumer product. But if you compare a car to software people always laugh. They say a car is a pretty simple thing compared to a computer program. Sure. But none of this is easy, and a car is actually pretty darn complex. There's lots of parts and lots of different manufacturers. When there's an accident you have the driver, the other driver, the car, the road conditions, maybe things on the road. You have, maybe, a part that might have failed. You have all of these aspects that contribute to negligence. And the courts figure it out and there are complexities there. I don't think software is inherently worse. And certainly cars have computers and software as well. What would push software companies towards this? Is it only government regulation? Government regulation. No software company wants this regime. The only thing that will push companies is regulation. Possibly largescale buyers in the world where software is all being sold through re-sellers - they can start demanding insurance models. But government regulation must come first. You have no examples of governments who are pushing companies towards this? Not yet, there are some moves towards it. There were complaints from the industry, complaints that it would kill the software industry. But that will change eventually. It has to.
Get stories like this delivered daily - FREE - subscribe now
|
Tags
| < Next story in category | Previous story in the category > |
|---|
