Some Simple Solutions

There is a simple solution to eliminating patent and copyright trolls. Because the rights associated with patents and copyrights are solely statutory and not embedded in local customs or common law, the protection rights should not be transferable. That is, if a patent or copyright ownership is transferred then the statutory rights to protection do not transfer. If ownership rights can be transferred, then by statute they should be dramatically limited, say to two years.

Some security problems with software could be resolved simply by requiring all software that is declared end of life (EOL) to be published in full as open source code. At the very least, declaring software to be EOL should negate DMCA and EULA protections against reverse engineering and disassembling code. While EOL declarations are not the same as abandoned property as the term is used legally, there are some loose similarities to the concept. When a vendor no longer wants to support software, they are in some ways abandoning it. Perhaps a better analogy is that such code sits in the attic untouched and forgotten, useless to anybody. Again, this is only a loose comparison, but the incentive here is that declaring software EOL means abandoning all security updates too, so users should have the right to maintain the software on their own.

Now that the Internet of Things has proven to be a nightmare for security, there should be a voluntary review process of all such products. Something similar to Consumer Reports or Underwriters Lab. The review process need not be complicated, but would check for basic security precautions. Any device not listed by this voluntary review process would be considered insecure and not recommended. One of the review items would be whether the firmware source code is open source and hence, reviewable for security. To receive high grades in security reviews when the code is not open source, vendors would have to demonstrate proactive efforts to ensure the closed source software is maintained and actually secure.

Vendors of firmware could solve many of their security challenges by using a common open source core. They could further reduce security challenges by publishing their modifications. They won’t do that because then they would be exposing their backdoors and data mining efforts. Of course, simply producing a high quality product is something marketing wonks seem to have forgotten.
