Down & Brown
since 1998

Cannon fodder.

Bruce Schneier is writing for Wired, and although I know who he is and my esteemed friends and colleagues acknowledge his importance in the field, I wouldn't go looking to read his thoughts on security.

Fortunately though, his articles on Wired are well within my news radar, and today his article has illustrated not something vitally important about security but rather something about how we are seen by lawyers and politicians: cannon fodder.

Howard Schmidt, another security expert, has suggested that software developers, individually, should be responsible for ensuring that their work is free from vulnerabilities. Schneier argues against this, rightly suggesting that it is the responsibility of the companies who are hiring these individuals to create this software to have the process and diligence to ensure the products they release are minimally defective (I'm sure this is / will become an industry term ;-).

The litigious activity of the RIAA illustrates how easy it is to go after individuals; they're poorly equipped to fight back - essentially an easy target. Popping an unlucky few will send a message back to the rest of you!

Going after a company though is tricky. They're evasive, much better equipped with both finance and resources to fight back if cornered, so if you're going to go after them you better have your case nice and tight - and that's hard work.

Much easier to go after the smaller targets...