June 2009 Archives

Can we make this any harder?

Imagine if every component vendor and sub-contractor involved in the production of your automobile refined and changed their bits of your vehicle every day while you drove.  It seems obvious that sooner or later specification drift or feature improvements would cause a cascading failure of one sort or another.  Yet this is exactly how we drive our desktop computer systems here on the internet highway. 


This all started innocently enough.  A software vendor wanted to ensure that their software was protected from recently discovered flaws allowing hackers to gain access to the computer so the vendors began offering easier methods of downloading updates from their websites.  Soon it became clear that many users had neither the time nor the inclination to download and install these updates, so methods of automatically pushing them out to computers were developed and deployed.


The result is an environment where many parts of a computer's software persona can change at a moments notice in response to perceived threats.  These threats are often very real as I am sure anyone who has lost their mutual fund account password to a hacker employing a keystroke logger would tell you.  Yet from a usability perspective all this change can be unnerving.  ITIL processes for example try to rein in undocumented computer changes in their attempt to increase stability and usability.


Just off the top of my head here's a list of people that can make changes the computer I'm using to type this post:


Local IT staff

Central IT staff

Microsoft employees

Sun employees

Apple employees

Adobe employees

Symantec employees

The Firefox and Mozilla support communities

And of course any hacker that can slip something in via a malicious advertisement, malicious webpage, malicious image, or any other clever use of the software flaws discovered on a daily basis.


From a support perspective this means that the computer placed on your desk yesterday is not the computer you are using today.  And resistance is futile, for if the vendor updates are ignored, it's only a matter of time before some automated hacking automata exercises a flaw in your computer's software environment and changes your computer to meet some else's nefarious needs.

About this Archive

This page is an archive of entries from June 2009 listed from newest to oldest.

November 2010 is the next archive.

Find recent content on the main index or look in the archives to find all content.


Powered by Movable Type 4.31-en