On 2016-05-27 8:38 PM, Cameron Kaiser wrote:
You can hardly blame windows for the stupidity of people. This could also
happen w/ discreet stupid devices
One word: Therac.
Therac is not the same threat at all. What seems to be missing from the
process that leads to specifying Windows is, indeed, threat modelling.
The threat of a virus scanner disabling the machine is not the same as a
virus disabling the machine, and so on (a proper enumeration of threats
would be quite long).
The point is that the threat model for a "discrete stupid device" is
VERY different from the threat model for Windows. Human error obviously
appears in both lists (and can be mitigated!) And these aren't the only
2 options, either...
I think we can all agree that when the outcomes are as bad as this, then
the engineering process was faulty. A virus scanner (or virus) is a very
easily foreseen problem.
--Toby
