great article, thanks for sharing. I had never heard of Hubert. I was not aware–and I read everything–how much of our digital lives depend on un-audited code independent of proprietary in many cases…(we all know about proprietary. His thesis really harkens back to his (spiritual mentor as I see it) mentor’s '95 call for simpler code.
you will never mitigate the damage when their is too many chiefs; too many interests.
as a (hopefully) smart user I can make the right decisions to avoid much of the hard-wired bloat he describes. we already know the risks the foss stuff has.
he touched on the biggest logical fallacy many believe: “The assumption is then that the cloud is somehow able to make insecure software trustworthy.” how could it be anything but the opposite to a thinking person?
it was all about the software to Hubert but what scares the crap out of me is you can’t audit or scan or even know to to look for hardware / firmware infections. this is the biggest attack vector right now because it’s easy to get in and easy to stay invisible. mostly undetectable -to-server stuff.
But I digress. Eye-opening reading.
This will increase time to market for products, but legislation [in the European Union] should force vendors to take security more seriously.
I’d rather see shittiest software ever written but free, without union “forcing” anything.
I remember a bit of that 1995 article that was discussed around the coffee table and my Lineman master corporal had just bought a 450mhz intel Cpu and told us that it would become obsolete in a short time because software was becoming bigger and bigger …
Very good article indeed. Thanks for sharing