Archive for July, 2015

all software sucks

Wednesday, July 22nd, 2015

The only thing that surprises me in this article is that the attack took until mid-2015 to happen:

[…] The attack […] can compromise those Uconnect computers—an optional upgrade feature that doesn’t come standard in the Chrysler vehicles—through their cellular Internet connection to tamper with dashboard functions and track their GPS coordinates.

For 2014 Jeep Cherokees in particular, [the attack extends] to the vehicle’s CAN bus, the network that controls functions like steering, brakes, and transmission.

Attacks like this become a safety critical issue — rather than just an annoyance — due to two factors.

First, all software sucks, with consumers failing to demand the kind of qualities in software that they now routinely expect in hardware (mostly, to be fair, because consumers don’t know to ask — or how to ask).

Worse, most engineering reliability analyses don’t know how to model software reliability, so it gets neatly tuned out of a hardware failure modes analysis — meaning that it’s then easy to make the incorrect assumption that the software can’t fail, let alone take hardware out with it.

Engineers and other technical types might not make that assumption, but they’re not the ones generally making the decisions on what and where to cut the budget. Which brings us to the second factor: businesses are attuned to looking for maximum profit at minimum cost.

That means in turn that obvious safety considerations, such as not having any form of physical link between safety critical systems and online entertainment systems, are foregone because it’s an easy way to cut costs. One set of connectivity is cheaper than two, particularly when the safety critical systems already have sensors and the like which the entertainment systems can then utilise.

on alternative government

Wednesday, July 22nd, 2015

It doesn’t matter which “side” of politics is best represented by this essay; true democracy comes from truly alternate viewpoints being correctly represented in government:

The Overton window — it’s the political theory that, at any point, there are policy ideas within the window that are seen as acceptable. Mainstream. Anything outside that particular window is seen as mad, bad, or dangerous. Not acceptable. Not to be taken seriously.

It’s my opinion that the Overton window has been significantly pushed to the right over the past couple of years. […] There is a sense that what were once overly punitive ideas are now meat and potatoes.

You know the kind of thing — punishing immigrants, demonising them, even. Cutting benefits from those who need them most, dismantling the NHS, shackling the unions — that kind of stuff. The kind of policies that would have previously raised eyebrows — and blood pressure — are now greeted with a nod and a muttered ‘quite right’.


You need brave people. Unselfish people. Ready to stand outside, prepared to be mocked. Passionate, committed and determined. I don’t see that in many of our politicians.

Last night, I heard a lettuce-fuelled Labour leadership hopeful tell a TV reporter that he is re-evaluating the ‘core values’ in the eyes of the electorate, as if by merely saying those words with his mouth, then the answer will turn up in a taxi.

Let me tell you the core values, sunshine. They are to stand up to inequality, punch hard for those who cannot, and REFUSE to be bowed in the face of battle. Save yourself the money you were going to spend on shiny leaflets. You won’t need them. Just stand up, charge forward and bloody fight.

Labor — the Australian one, that is — was and is wrestling with this same issue; I infer it’s a common problem in all “western” democracies at present. They still haven’t figured it out, and they started struggling with this so-called problem while they were nominally in charge. Now they’re trying to be functionally the same as the current government, which for all intents and purposes means we’ve got a one-party system.

Thing is, I’m fairly sure that the average voter, when not being told what to think by the media establishments, would be quite happy to see a genuinely alternate viewpoint represented by an opposition party with significant size to it.

Without it, we’re heading well down the path toward an entirely less compassionate society.

defective thinking

Wednesday, July 15th, 2015

Software sucks for many reasons, all of which go deep, are entangled, and are expensive to fix.

This isn’t a new problem. Not even remotely. Moreover, the tools to improve the state of play have been around in various forms for at least three decades: Carnegie Mellon University, among others, has been trying to treat software development more like an engineering discipline since the 80s.

It’s a problem that’s getting worse with time, too: we’re increasingly dependent on complex systems underpinned by software, and increasingly unable to circumvent these systems when they do fail. Case in point: Toyota, as recently as 2010, were using outdated software development processes, while simultaneously building cars ever more dependent on reliable software. It’s clear how their approach to software design hasn’t worked out for them — and while their problems are now public knowledge, I don’t believe any other manufacturer would be any better off.

The problem is thus: it’s not sexy to fix software issues before they arise, no matter how critical the software is. Further, the “invisible hand” of the market will tend toward minimising costs, and designing systems for safety is a costly exercise with no obvious (to management) payoff.

Instead, it’s better to pretend problems don’t exist — for example, many failure modes analysis tools treat software as having no failure modes, while making no such assumption about the hardware platforms on which the software runs — and instead spend time hand-wringing when, inevitably, the house of cards collapses.

Open source software is argued by many to be the panacea to this problem. It isn’t, and the many recently uncovered issues with OpenSSL demonstrate this conclusively.

Nothing short of treating software development with the same rigour applied to any engineering field will consistently improve the state of play.

on debt and economics

Monday, July 6th, 2015

Two related articles of note today; worth reading if only to trigger reflection.

In Europe it has frozen Germany into a fixed position in relation to fiscally stricken countries such as Greece over what is reasonable behaviour in relation to debt. In much of the Anglosphere the concept of persuadable political adversaries risks being supplanted by that of implacable enemies engaged in brutal winner-takes-all politics.

In Australia, too; this essay more than accounts for this.

While enthusiasm for Keynesian stimulus is by no means universal among economists, almost none of them think that cutting government spending when the economy is slowing is a good idea. […] Two other Nobel Prize–winning economists, Joseph Stiglitz and Paul Krugman, have argued repeatedly that cutting spending while the economy is slowing is proven to increase unemployment. They have also pointed out that policies increasing inequality rarely produce long-term social or economic benefits.

This last point — emphasis mine — is important: someone who is selfish enough to believe the winner-take-all, fuck-the-poor approach to social services is the right one, is ultimately doing themselves no service whatsoever.