The Next 50 Years of Computer Security: An Interview with Alan Cox
Pages: 1, 2

ED: Can security in software development be meaningfully incorporated into tools, so it doesn't end up stifling the productivity of developers?

AC: The current evidence is yes. Many of the improvements actually increase programmer productivity by taking away tedious tasks like memory management, or identifying potential bugs at compile time and saving the programmer from chasing bugs for days, and because many of them use labeling techniques where you have to indicate when you mean to do unusual things--actually making code easier for other humans to analyze.

There is no evidence that sparse has slowed kernel development, tainting features have hindered Perl, or that Java memory management harmed most productivity.

The tools are doing by machinery what is hard to do by hand. Bad tools could slow people down, but good tools do not.

ED: Isn't there a fundamental level at which security concerns and the freedom of individuals to innovate are opposed? Is there an end in sight to open source software created by small numbers of people?

AC: There are areas where they come together--obvious ones are safety critical systems. It's just possible that you don't want nuclear power station employees innovating on site, for example.

There are 'security' systems such as 'trusted computing' that can be abused by large corporations to block innovation, and unfortunately the EU ministers seem to want to help them, not their citizens. Whether the EU commission is corrupt, incompetent, or just misguided is open to debate but the results are not pretty. We've seen that with the X-Box. Microsoft sells you a product and threaten to sue you for using it to its full.

Those same tools, however, are valuable to end users, providing they have control over them. The same cryptographic techology that will let Apple lock their OS to apple branded x86 computers is there for me to keep personal data secure if a future laptop is stolen. It is a tool, unfortunately a tool that can be easily abused.

To a homeowner a secure house is generally good. but if you lose control of the key, it can be a positive hindrance. TCPA is no different.

ED: Where is the ultimate driving force for implementing secure software going to come from? It seems that regulatory enforcement, such as in the pharmaceutical industry, might be the only way to properly protect the consumer.

AC: At the moment it is coming from the cost of cleaning up. Other incentives come from statutory duties with data protection, and also from bad publicity.

In the future they might also come from lawsuits--for example, if an incompetently run system harms another user--or from Government. In theory as we get better at security the expected standard rises and those who fail to keep up would become more and more exposed to negligence claims.

The bad case is that someone or some organization unleashes a large scale internet PC destroyer before we are ready and legislation gets rushed through in response. That will almost certainly be bad legislation.

Edd Dumbill is co-chair of the O'Reilly Open Source Convention. He is also chair of the XTech web technology conference. Edd conceived and developed Expectnation, a hosted service for organizing and producing conferences. Edd has also been Managing Editor for, a Debian developer, and GNOME contributor. He writes a blog called Behind the Times.

Return to the O'Reilly Network