> They reflect the assumption that most of their users will be benign, with only a few being preternaturally stupid
I think most systems have been written with the assumption that most users were "folks like us." (Trusted, professional, benign, reasonably knowledgeable.) Now nearly every system is to some extent accessible to every bad guy in a basement in Russia. Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of John Gilmore Sent: Monday, May 13, 2013 10:47 AM To: [email protected] Subject: Re: Business politics and software development Plus ça change, plus c'est la même chose. This is a pervasive mainframe problem too. I have not heard the term used recently, but for obvious reasons IBM marketing people used to prize what they called 'hardware hawks' very highly. A hardware hawk was a customer executive whose unvarying response to any and all problems was to throw more hardware at them. In the short term this tactic often works. In the slightly longer term its use yields systems that become progressively harder and harder to maintain and all but impossible to replace. Looking at the litany of vulnerabilities documented in the posts I receive from us-cert.gov has convinced me that almost every application and all systems software needs to be rewritten ab initio. They were designed, to the extent that they were designed, in a simpler time. They reflect the assumption that most of their users will be benign, with only a few being prerternaturally stupid and a few others bent on theft. The only appropriate assumption now is that all users are bent upon subverting and/or destroying the systems they use. This assumption is of course hyperbolic: some users will always be too lazy or too unimaginative to do much damage. It is nevertheless necessary. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
