A "Food and Drug Administration (FDA)" for computers is urgently needed TODAY

    The current state of affairs in computers is so utterly baffling, as to be described as a repetition of the historical cycle.  North Americans, as it were, have forgotten their history and are blindly repeating it once again.   

    Consider the following.

    If I were to try to sell you food that was contaminated with the most vile products--hands which had been cut off during the meat processing, you would immediately call the Food & Drug Administration to report me.  Or consider a less grotesque scenario. Today we have come to expect that all items that are to be ingested by the public require that each be labelled accurately with its active ingredients, as well as the limitations to their use.  But in fact, at the beginning of the 20th century, neither of these public regulatory institutions and laws existed, giving rise to the worse abuse and scandals.  It was the writing of "The Jungle" by Upton Sinclair, detailing such abuses that led to the creation of the FDA, and at around midcentury, the development of a labeling system.  When Rexford Tugwell in the US called for such a labeling, today the most normal procedure, it was berated by food and drug companies as a socialist imposition on the capitalist enterprise.

    The state of affairs in computing TODAY, right this very moment (february 22, 2014) is similar as that which the food industry found itself around a century ago.

    It is shocking that a product which has become so central to our lives: used to store precious family images, undertake financial transactions, or communicate with business and/or employment contracts, be ridden with so many egregious flaws.  If you read about the computer industry, the list is so long, that it would require a multivolume tome to explain the dynamics in that industry, so I will mention just a few.

    It was recently announced that iOS version 6 and recent versions of MacOSX apparently had faulty SSL programming, which to put it in the most simple terms, removed any security from online transactions.  There have been numerous exploits on third party apps by Adobe (Flash and Reader), which also make systems vulnerable; but these are nothing when compared to the vulnerabilities of JAVA, a multi-platform language that cuts across all operating systems and has been routinely used for hacking.  When it comes to Windows, the most recent vulnerability is Cryptolocker; it was recently reported that a law firm lost ALL OF IT DOCUMENTS because of it. And by all, I mean everything: customer personal information, court case filings, etc etc.  One can presume that the law firm, in light of this, simply went bankrupt and closed its doors.

    If that were not bad enough, new connected home products are starting to enter the market that have even WORSE security vulnerabilities. Manufactures of 'the internet of things' have so quickly rushed to the market, that little if few security protocols were implemented. So door locks, motion sensors, cameras, ovens, refrigerators etc can all be easily hacked, giving direct access into the personal and private lives of its users.  This makes the recent vulnerabilities of a great number of consumer grade routers look like a small 'walk in the park'.  It is almost as bad as the predominantly available UPNP protocol in so many new television, routers, and media devices. While used to easily transfer multimedia between devices, it also exposes all such devices to the internet.  A recent study was found that 81 million devices could be readily accessible because of UPNP. 

    It is clear that a series of conditions in the past promoted the absence of regulatory oversight in the computer industry.  Most computers tended to be expensive products that could only be used by a few selected 'geeks'; in the 1960s/1970s they were not as pervasive to the vast majority of consumers at all, so regulation was not really needed.  Also, the pace of change in the industry was such, and the promise of future products had reached such a particular point, that any regulation would have certainly reduced the pace of innovation in the field.  Also there really was no need to regulation per se: the internet had not yet been created. The mere suggestion of  a type of 'open public highway system' where one could easily travel from one place to another (computer) was just an ideal dream given the great diversity of computing systems that existed in the market at the time.  

    But that was then, and today's atmospheres calls out for a 'radical change', which is really more of a return to prior institutions.

    In light of these preponderant security vulnerabilities, it is clear that the computing industry needs an FDA type of institution to evaluate the security of all computing devices, regardless of what they might be.  


Discusiones sobre el mismo tema

URL de retroenlace : https://www.ictal.org/index.php?trackback/627

Fuente de los comentarios de esta entrada