This is a transcript of a recent presentation at a secret Fortune 500 meeting (courtesy of Edmund Slowdown).
————————
There is a great deal of anxiety about the Heartbleed bug (explained here) that, for the past two years, made 30% of the internet servers vulnerable.
A single line of code that is responsible for giving unwanted access to the server’s memory was introduced by a German Ph.D. student working on the program. It appears that it was a simple human error missed by all of the three unpaid volunteers that developed this particular software, and millions of users who opted out of examining the code. The introduction of the bug was also quietly applauded by our friends who make a living by snooping around (laughter). Nonetheless the rumor that these days the student drives a red-hot Ferrari with license plate THXNSA is largely exaggerated; it is only a used 1999 Kia with a license plate that says OOOPS.
(laughter followed by a thoughtful pause)
The public is asking how can it be that the internet security is entrusted to software that undergoes so little scrutiny? And why so many of us, Fortune 500 companies, use it anyway? And how come there are no resources to audit it and iron out the bugs?
Well, the allure of using somebody’s hard work for free is very strong and one should never look a gift horse in the mouth (a loud yiihaa is heard from Mr. Bezos).
But seriously, we will have to address these questions in due time but for now let's try to formulate our own perspective. This whole issue is connected to:
The law of unintended consequences
(the title flashes on the screen and the presentation begins in earnest)
Regarding the most noticeable outcome, unintended consequences fall into two basic categories: collateral damage and collateral benefit.
Collateral damage is fairly well understood. In case of the Heartbleed it consists of non-functioning websites, weak security, stolen passwords and identities, and general misery of users affected by issues beyond their control. Over the years we prepared the society to accept collateral damage in case of wars, climate change and, as in this case, poorly written software. Consequently, today nobody loses sleep about it anymore and it is understood that often someone gets the raw deal.
(vigorous nodding in the audience)
So let us discuss the other topic because this is where we may be at odds with the remaining 99% of the society.
(room goes quiet and the lights go dim)
In a nutshell, collateral benefit is a silent assassin of economic growth, unpredictable and the least understood.
(words flash on the screen with "assassin" and "unpredictable" pulsating ominously)
Collateral benefit occurs when our actions might be beneficial to society as a whole but not necessarily to us.
(the word "us" slowly balloons to mega-font size and eventually covers up the rest of the sentence, a pregnant pause follows)
Debugging software that everybody uses is certainly a good thing for most people but I do not see Mr. Ellison providing this service for Mr. Page ("It would be ok Larry" one can hear Mr. Page say, "screw you Larry" Mr. Ellison responds). In other words, how do I know that my competitor will not come up as a real winner as a result of it? Or worse, that this will not awaken some sleeping giant and my company will end up like Enron?
(heads are nervously turning around as a ghost of Ken Lay is seen floating in space)
Take research in financial mathematics; it may be beneficial for the society to understand better what is going on in financial markets. But is it better for Chase? Almost certainly not! I am more likely to be eaten by sharks than to become one.
(I am a shark! roars Mr. Dimon clearly offended by this example and the room quiets in anticipation of the storm of accusations)
The main source of collateral benefit is research and innovation, and the worst and most unpredictable kind is the basic science - aimless foraging of a curious mind.
Collateral benefit is a tidal wave that sinks too many boats!
(speaker's voice reaches crescendo at this point and the screen shows a cartoon depicting Einstein surfing a gigantic wave descending on the tiny fishing vessels with logos of Google, Amazon, Oracle and so forth)
We need to fight the plague of collateral benefit and protect ourselves against it! We need to end playing Russian roulette with the economy and stop aiding foreign competitors!
(the speaker's voice rises and he hammers each sentence like a nail into the coffin of basic science)
We propose to use our collective might to clamp down on science and develop initiatives that will channel it in the direction of a safe and pointless inquiry!
(the slide shows the webpage of a leading funding agency littered with incomprehensible acronyms and solicitations)
We have been preparing to mothball the educational system for decades, and our nearly bankrupt university system will soon collapse under the weight of its own administration!
(on the screen one sees a gravestone saying “RIP Harvard: born: 1636, dead: not soon enough”)
Our people are fully deployed and we are poised to finally put the economy on a sure footing of predictable and incremental progress!
(thunderous and long applause after which guests retreat for the banquet)
————————