Monday, October 12, 2015

Do you trust that software

Software is nothing but a bunch of instructions given to the hardware underlying it. Do you know that the average car has 10 million lines of code built into it ? How do you know that it is doing things that are agreeable to you ? For example is it sending this information about the car back to companies, for them to keep improving ? Worse yet, is it sending the information to insurance companies ? Can these companies make use of the data of our car for competitive advantage and selling us newer policies ? Is there a way we can opt out ? From the dashboard of the car, we are not able to access all this intelligence built into. Some parts, yes. But what about the hidden ones ?

The operating systems like Windows, OSX and Linux are also multimillion lines of code. Somehow, we trust them to do their job correctly. But what if there are Easter eggs in it ? These software, for that matter any software, comes with a hidden payload. A lot of it is obvious to us, but a lot many are not so obvious. Besides, there can be vulnerability within the software, that can open the door for hackers. Of course, the companies send us patches, but are they effective. What if there is a zero day exploit ? By the time that they send us the patches, our machines are already compromised. How many different types of malware do we protect ourselves from. We run firewalls, antivirus software, ad blockers etc. But the sad truth is that there is no 100% solution. We are still vulnerable.

Take a look at what these e-commerce companies do. They extract every ounce of our interaction with them and run machine learning or predictive analytics software to better understand us. If they use it to improve our own services, good. But when they use our data to make suggestions to other customers also, isn’t it a violation of our privacy ? Do you know that sites like Amazon even keep track of our mouse movements to know exactly where we were hovering ? Secure encryption is a myth. Some sites even use malware like code (written in javascript mostly) to do things like SQL Injection, Buffer overflow and other types of attacks. Recently I read the news that Kaspersky, a popular antivirus provider has vulnerabilities in its own antivirus software. So where do we go ?

This all boils down to one thing : Trust. We are all social beings and we trust easily. We hope that these people who write software, do so with good intent. Big companies do not have any underlying intentions in causing us harm. But one frustrated programmer can make all the difference. Most of us do not read the EULA (End User License Agreement) or the Privacy and Protection policies, because they are long and use a lot of legal terms which all of us do not understand. But trust is the cornerstone of all our interactions. You see, we are all good people and we must not doubt others, as long as our trust is not misplaced. If by any chance we do come across a trust problem, we become sceptical.

Software is something that we have no control over, unless we are a hard core programmer. And most of us are not. Hence, we can just hope that the newer software that is released in the market, will somehow hold up the trust that we put in a individual programmer, a team or a vendor. If there is a breach, we switch our loyalties. But mind you, nothing can give you a 100% seamless experience. We are living in a probabilistic world. There is just one person who you can fully trust and that is God, and his channel to you is purely subjective and 100% encrypted. No compromises. A channel which is fully made for you, forever.

Much Love,


No comments: