QOTD by David Rice

Because software creates the environment of cyberspace, small elements of disorder in software (like software bugs), may lead to greater elements of disorder (like exploitation of vulnerabilities), which ultimately lead to more serious forms of crime (like cyber crime and cyber espionage). Historically, software manufacturers have not been liable for broken windows (software defects), even though software applications have been—and continue to be—shipped with an unknown number of latent and preventable weaknesses. Software does not 'break' in use, as do physical products. Software is shipped by the manufacturer already broken (with the extent of the 'brokenness' discovered at some later, unknown time). -- David Rice, author of Geekonomics: The Real Cost of Insecure Software
This is one of my favorite mental images for understanding the nature of software and cybercrime.

Src: Broken Windows Revisited: Why Insecure Software and Security Products Hurt the Global Economy - CSO Online - Security and Risk

No comments: