Tuesday, 25 February 2014

Openness


In my previous post I discussed Apple's mega fuck-up, a catastrophic failure that compromised (and in many cases still compromises) the security of every Apple device since at least June 2013, and probably much longer. The question is how such a disaster could take place in the first place, and what can be done to prevent it from happening again.
As to the first part, Edward Snowden has provided ample material to raise suspicions of a conspiracy aimed at letting the authorities track every Apple user. And you know what? I wouldn't dismiss such speculation offhand. I will note, however, that conspiracies or not, software defects happen all the time; they are a statistical inevitability, and a bug of this kind needs no conspiracy to explain it.
The more important part of the question is therefore the second: how do we prevent such disasters from happening again? I will tell you how we should not go about it: the way Apple has gone about it so far, keeping its code secret in the hope that secrecy would improve its users' security. "In the hope"? Apple has raved about its security for years; we all remember those "I'm a Mac" vs. "I'm a PC" ads, where Mr Windows PC was mocked for his insecurity. Clearly, the last laugh is on Apple (or, more accurately, on its users).
Fact is, again and again we witness that security through obscurity just doesn't work (did I mention Snowden?). Luckily for us, we do have a model that works, and works well: the open source model. Instead of keeping one's secrets in the dark, one publishes one's code and lets the entire world scrutinize it for weaknesses; when weaknesses are found, they are publicised so everyone can learn how to protect themselves. More importantly, once publicised, those weaknesses also tend to be addressed quickly. Publishing the code does not by itself guarantee that anyone reads it, mind you; what it guarantees is that anyone can, which is more than Apple's users get.
No, I do not expect Apple to reveal its source code to the public any more than I expect it to cease its tax avoidance schemes. However, we users do not have to wait around for Apple; we can simply turn to the open source alternatives that are already available to us.


Image by J. Albert Bowden II, Creative Commons licence
