[KLUG Members] Link on OS security problems

[Peter Buxton]

On Tue, Jan 06, 2004 at 01:18:26PM -0500, Robert G. Brown was only escaped
   alone to tell thee:

> Even the premise bothered me: "we would not expect car manufacturers
> to have made little progress on the safety of their cars, would we?"

If you read Lee Iacocca's autobiography, you can read about him
participating in Ford's '50's campaign to sell safety. It bombed. It
turned out that car purchasers did not like to think about having their
car destroyed under them -- or with them. It took years of gory NHTSA
safety films showing that even large cars were vulnerable before people
accepted that seat belts were necessary.

Aircrew attitudes towards bomber construction in WWII were similar.
Engineers found that the airframes were generally overdesigned. The
frames could be lightened, leaving more capacity for heavier armor and
guns. The aircrews refused to hear of it. The possibility of death at
the hands of the enemy was easier to accept than that the pile of
riveted sticks they rode on through the air might come apart around
them.

I expect that is the cause of many security breaches. People do not like
to think their network is insecure, so they don't.

> Um, it was over 60 years, and extensive government regulation (in the
> USA) that finally got car makers to make really good safety features
> standard, even though they knew these features were needed.

Also consider that adding safety features is a mixed bag. If you want
car manufacturers to add air bags, you have to consider how many
lawsuits adding them would create. For one thing, designs need to be
tested in the real world, not in labs. They still detonate without
reason and cause minor burns whenever they go off, but at a much lower
rate than they did when they were still relatively untested.

-- 
Rah! My re-tox weekend has been declared
a success! -- James Coates, 29 Oct 2001.