You know how some appliances have an extra prong on the cord that plugs into the wall? That’s a grounding wire and it’s to keep you from electrocuting yourself if something goes wrong. It’s potentially much cheaper to omit this wire, but we demand manufacturers add it anyway. 1/
Similarly, seat belts in automobiles are so ubiquitous that we'd find it strange if they were absent. But it was not always like this, of course. When Ford first offered seat belts in 1955, only 2% of customers opted to pay for them. Today, nearly everyone willingly "buckles up".
It's sometimes difficult and always more expensive to implement things like grounding wires and automotive safety equipment. But we do it anyway because appliances and automobiles are commonplace in most of our lives, and we want the security of safety when using them.
Yet, here we are in 2021—a time when software has burrowed deep into our lives and controls or at least monitors many of our daily interactions in a VERY pervasive way—and we still somehow accept that it's "too hard" or "costs too much" to do things not only right, but *better*.
EULAs and Terms of Service agreements still protect software publishers from many types of liability that would be laughable if instead of our ISPs "accidentally" compromising our identities, it was a toaster delivering line voltage through our torsos every time we touched it.
I fear the SolarWinds disaster (and I do mean *DISASTER*) will end with nothing more than a firm slap on the wrist, and we all know that Equifax didn't exactly *suffer* from their unfathomable 2017 compromise of such a giant slice of the population's identities.
This must change, and we—the relative-to-the-population-at-large few who understand this stuff—must be the ones to drive it. If we don't, then it will still be regulated, but by the same people who think encryption should get an otherwise-secure math loophole for convenience. 🙄
(There was an interesting discussion with @sggrc and @leolaporte on Security Now last week that touched on these concepts (Underwriters Laboratories, seat belts, SolarWinds); transcript here: https://www.grc.com/sn/sn-803.txt  ) /end
You can follow @coates.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.