Pinboard
18 Jul, 10 tweets, 2 min read
The spyware scandal in the news today is a chance to reiterate that human beings are incapable of producing defect-free software at any scale. In particular, there is no such thing as a secure online system or a secure mobile platform. This foundational issue won't go away.
Our main line of defense against malicious software is that human ingenuity is also limited, so we only find a fraction of our errors. And the malefactors go on to make more mistakes coding the malware. Incompetence is the great defensive wall securing most of our infrastructure.
The phone situation in particular is dire, and I hope we see a future where these all-in-one devices are supplemented by simpler machines that do just one thing (make phone calls, send text messages) and can't be turned into a 24/7 surveillance beacon by hacking an emoji renderer
There may be defect-free software somewhere (a very simple avionics servo or space probe) but the level of effort required to create it is so many orders of magnitude beyond what goes into commercial software that any programmer's remaining hair stands on end thinking about it
To give you an idea of how bad the situation is: one of the greatest textbooks in our field had an error in a tiny CS101 algorithm (binary search) for 20 years. This was then fixed, the fix proven to be correct, and then they found a bug in the fix as well ai.googleblog.com/2006/06/extra-…
Or there was that time three years ago when every computer more complex than a graphing calculator (and probably that too) was shown to be completely broken. en.wikipedia.org/wiki/Spectre_(…
There's a theorem in computer science called CAP which basically says, if you could have a network where nothing ever went offline, you could do cool stuff. A lot of people get excited and try to do the cool stuff anyway, then rapidly discover that such a network does not exist.
We're doing the same thing in online systems. We behave as if creating secure software is possible and wire everything together so we can do cool stuff. There's no mechanism to bring the consequences of this decision back to bite the people who make it. They get externalized.
The one thing the software industry excels at is convincing people that computer bugs are a fact of life, and that the solution for them is even more complex software.
Anyway use Pinboard
