REVIEW: "Geekonomics: The Real Cost of Insecure Software", David Rice
- BKGKNMCS.RVW 20080207
"Geekonomics: The Real Cost of Insecure Software", David Rice, 2008,
%A David Rice david@...
%C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%G 0-321-47789-8 978-0-321-47789-7
%I Addison-Wesley Publishing Co.
%O U$29.99/C$32.99 416-447-5101 800-822-6339 bkexpress@...
%O Audience n+ Tech 2 Writing 3 (see revfaq.htm for explanation)
%P 362 p.
%T "Geekonomics: The Real Cost of Insecure Software"
In the preface, the author states that the only pre-requisite for
reading the book is a "hint of curiosity." This is because the work
explores the issue of insecure and unreliable software from a
sociological and economic perspective, rather than giving the topic a
purely technical examination.
Rice's book is readable, informative, and makes important points. I
enjoyed it. Normally such an assessment comes at the end of the
review, but I want to state this up front, because, in the remainder
of the commentary contains a number of critical comments. For the
most part, though, these apply to components that Rice has not
included, and which would tend to support his contention, rather than
detract from it.
Chapter one repeats a lot of the material in the preface, sometimes in
greater detail. Rice compares software with cement, in terms of the
infrastructure of modern society, and also introduces the economic
concepts of incentives and utility. The emphasis, in the analysis of
software flaws, is on intrusions and networking, but the examples
cited concentrate on concerns of reliability, rather than intrusions,
somewhat weakening the overall argument. The lack of software
standards, and the fact that unregulated markets militate against
quality and safety, are addressed in chapter two. The text also
specifically explores the problems involved in the ubiquitous practice
of patching software faults. Rice's reasoning on the matters, while
generally sound and extremely convincing, does have some odd quirks.
For example, he repeats the widely held belief that building secure
software in the first place must necessarily be more expensive, or
companies would be doing it. (A relevant counter-example in the world
of non-computer technology would be that of refrigerator doors. For
years fridge door latches were a danger to children when old fridges
were abandoned. Children playing around the fridges could enter them,
and then become locked inside. It was only after appliance companies
were forced to change the door locking mechanisms that they turned to
magnetic closures--and found that not only were those mechanisms
safer, but also cheaper and more energy efficient. Thus, companies
may sometimes need to be forced into practices that may actually be to
their advantage. Overall, consideration of such additional elements
only serve to strengthen Rice's basic premise that insecure software
is unnecessarily costly.)
In chapter three, Rice notes the extremely low rate of prosecution for
computer crimes, and moves from there to the statement that
professional cybercrime is not just a criminal matter, but that the
issue of software unreliability is of concern for national, and even
international, economic security. He concentrates, again, on software
vulnerabilities, failing to fully assess investigative weaknesses (and
the economic pressures preventing law enforcement agencies from hiring
and retaining trained forensic staff), the inherent risks of
information warfare (to the attacker as well as the target), and the
difficulty of establishing and validating trust relationships. He
correctly identifies the problem with paying bounties for
vulnerabilities (which many have forgotten). Noting the deleterious
effect of allowing visible dilapidation to go unrepaired, he asserts
that the invisible imperfections of software are even more important,
but his argument appears incomplete.
After reiterating the point that speed of innovation and time-to-
market is important to software developers, chapter four appears to
lose focus, finally seeming to make the point that we need some kind
of licensing for software development. Chapter five's review of tort
law tends to overshadow the more significant message that software
developers enjoy an unparalleled immunity from lawsuits, and thus have
no motivation to produce software of high quality. Various
characteristics of open source software, and related development
processes, are used to point out, in chapter six, differing economic
forces both for and against software reliabity.
Near the beginning of chapter seven Rice admits that he proposes no
ultimate answers to the question of code quality. He does, however,
list arguments that can be used to start further discussion on the
possible approaches to revise the incentive environment in order to
promote quality software. The list of potential approaches includes
allowing the "free market" to deal with the problem (in other words,
do nothing), promote litigation, license software engineers, create
standards, or impose some form of vulnerability tax on developers.
Towards the end of chapter seven, the author states that "[t]his book
has argued, no matter how imperfectly, that incentives are key to
changing the story of software." Despite my minor quibbles, Rice's
case is solid, and his thesis is important. This work should be
required reading for all involved in matters of technology policy,
from managers and security professionals responsible for application
development, to politicians. If this publication is successful
enough, the publisher might have an incentive to ask the author to
update his text for a second edition, at which time Rice might tighten
up his arguments and include some of the missing bits. Then this book
should be required reading for all developers and programming
copyright Robert M. Slade, 2008 BKGKNMCS.RVW 20080207
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... slade@... rslade@...
In terms of paradigms, shift happens.