IT Employment investigate

Linux.conf.au 2012: cyborg lawyer demands source

Lawyer Karen Sandler's heart condition means she needs a pacemaker-defibrillator to avoid sudden death, so she has one simple question: what software does it run?

Podcast

Download the podcast

Yet it turns out that it's impossible for her to see and understand the technology that's being installed into her own body and upon which her life depends. Regulatory authorities don't see or review the software either.

She simply has to trust that the vendor is telling the truth and doing things right.

In this third of four daily podcasts from Linux.conf.au 2012 (LCA) in Ballarat, you'll hear Sandler discuss the real-world implications of this very personal software story.

How do we know the software works as advertised? How do we know it's secure? And what will happen if something goes wrong and the vendor tries to cover up the flaws, or if the vendor just goes bankrupt and the software stops being maintained?

Sandler also discusses legal cases where the prosecution's evidence was unreliable because it relied on software that turned out to be flawed --- yet another practical reason to demand the source.

You'll also hear part two of our look at FreedomBox, a project to create a platform for privacy-enhancing social networks. Following on from yesterday's episode, FreedomBox Foundation board member and developer Bdale Garbee gives us a status update on the project's software stack.

There's also a conversation with Mary Gardiner and Valerie Aurora about the Ada Initiative, a project to increase the participation of women in open technology and culture. Also, Linux kernel developer "Rusty" Russell and geek-advocate Pia Waugh explain why the Ada Initiative and other work won Mary Gardiner this year's Rusty Wrench award for services to the Australian Linux community.

Running time 42 minutes, 45 seconds

"Metal Free Software Song 2: This Time It's Personal" by Jono Bacon is based on the original "Free Software Song" by Richard Stallman, used under a Creative Commons Attribution ShareAlike licence.

5 comments
dogknees
dogknees

If you want to see the software, you'd need to see the full hardware design as well. The interaction between the two would be the place to look for problems. Given it's not realistic to expect a company to make publicly available all it's hardware designs, why would expecting them to show your the software be any different? The fact that you're "in the software business" doesn't change your right to access propriety or commercially sensitive information.i

david.hunt
david.hunt

I heard of someone in our town that was recently hospitalised ( transferred by air ambulance ) when his installed pacemaker / defibrillator started firing randomly. Of course we will never know if it was software or hardware that was at fault, but it had to be replaced..... urgently. I wonder if the replacement was the same make / model? If you were the patient, how would you feel afterwards?

dogknees
dogknees

While it's understandable that one might want to review software that supports ones life, there is a lot of other software that should it fail to operate as it should could cause harm to many people. One that immediately comes to mind is auto-pilots in passenger jets. A friend an I were talking about something a few days ago that is pertinent. We were reading that the university entrance standard for doctors is no longer the highest for any course, leading to a discussion about whether it should be. I made the observation that when a doctors messes up, one person dies. If an engineer messes up, it can kill dozens or even hundreds of people. So, is it more important that a doctor knows their job or that an engineer knows theirs? Is it more important for me to know what code is running in a medical device, or what is controlling the aircraft you and others are flying in?

HAL 9000
HAL 9000

Remember the Old Saying Civil Engineers Build Targets and Mechanical Engineers build things to destroy them. ;) Once upon a Time I used to be able to say [b]No Matter how badly you mess up no one is going to die.[/b] That's no longer true in a lot of the things that I do and as you correctly point out I'm not going to just kill the one person but several to many depending on what it is I stuff up. However on the up side what I do doesn't have the finial say on anything it is always reviewed by others. I'm just glad I'm not the one doing the Finial Approval any more. Though to be perfectly honest its much more fun working out ways to destroy things than it is to build them. :0 Col

AnsuGisalas
AnsuGisalas

well, that is what we know as SNAFU :p