Computer Security: blame the victims
"The Sorry State of Security" pokes fun at everyone involved in the "security" business but they blame the victims the most: us users. The biggest hammer should be swung at OS (operating system) writing companies (Microsoft, Apple, etc.) not the users. OS needs to be rock solid, no matter what. Programs should be solid (maybe not as rock solid as OS, depending on the application) but OS should be able to recover from anything fatal.
I guess virtualization technology would help keep every program isolated rather than co-mingling various programs in one virtual memory space (file system is equally accessable by all programs).
But the arrogant attitudes of software developers from OS to various programs are unacceptable. And what's worse is that bugs are introduced by the developers yet us users are told to deal with it and wait for a patch or even pay for the fix! And then we aren't even allowed to fix on our own!
Granted, open soure allows more control to the underlying programs but due to babel of programming languages, you can't just fix it -- you have to learn the programming language, the programming development environment/tools and then the program itself before you can fix it.
Even if the programs were stable, programs are written by programmers for programmers so the usage are never intuitive. I know because my wife drives me up the wall trying to do something as simple as attaching photos to her email (the email program is where I'm frustrated not her -- she's got every right to her expectations: the programmers never think about usability in a real way). My wife and I complain about too many men (or women who do not have children) designed stuff that just aren't well made (like sinks which are made flat at the top surface such that water always pools there rather than draining down in the sink or worse drain way from the sink). Idiot engineers! (I'm not guiltfree but at least I'm painfully aware of these issues.)
I guess virtualization technology would help keep every program isolated rather than co-mingling various programs in one virtual memory space (file system is equally accessable by all programs).
But the arrogant attitudes of software developers from OS to various programs are unacceptable. And what's worse is that bugs are introduced by the developers yet us users are told to deal with it and wait for a patch or even pay for the fix! And then we aren't even allowed to fix on our own!
Granted, open soure allows more control to the underlying programs but due to babel of programming languages, you can't just fix it -- you have to learn the programming language, the programming development environment/tools and then the program itself before you can fix it.
Even if the programs were stable, programs are written by programmers for programmers so the usage are never intuitive. I know because my wife drives me up the wall trying to do something as simple as attaching photos to her email (the email program is where I'm frustrated not her -- she's got every right to her expectations: the programmers never think about usability in a real way). My wife and I complain about too many men (or women who do not have children) designed stuff that just aren't well made (like sinks which are made flat at the top surface such that water always pools there rather than draining down in the sink or worse drain way from the sink). Idiot engineers! (I'm not guiltfree but at least I'm painfully aware of these issues.)
Labels: software security, virtualization