Thursday, January 11, 2007
More on the Acer laptop scandal
Acer had not responded to requests for comment the last time I checked. So they haven't explained why they sold computers with software installed that allows any web page you visit to completely control the computer.
There is a broader lesson here.
When you buy software or anything that has software in it, how do you know there isn't a stupid or deliberate security hole? Lots of technies advocate using only "free" or "open source" software for which you can examine the source code (the way you get a copy of the blueprints when you pay for a building). Even that's only a partial answer. Even if you know how to read computer programs or can afford someone who does, it's a huge and error-prone effort to audit something as big as today's software packages.
The best a normal person can do for now is to include security in purchasing decisions. Avoid companies which have a record of abusing their customers.
|
There is a broader lesson here.
When you buy software or anything that has software in it, how do you know there isn't a stupid or deliberate security hole? Lots of technies advocate using only "free" or "open source" software for which you can examine the source code (the way you get a copy of the blueprints when you pay for a building). Even that's only a partial answer. Even if you know how to read computer programs or can afford someone who does, it's a huge and error-prone effort to audit something as big as today's software packages.
The best a normal person can do for now is to include security in purchasing decisions. Avoid companies which have a record of abusing their customers.
# posted by Frederick @ 9:25 AM Email to a friend:
Haloscan: they provide trackback