Excerpted from Glyn Moody:
“It is not just an issue for life-saving medical devices that can kill as well as save: it is about our increasing reliance on embedded software in everyday life, in developed countries at least.
Clearly, we can’t. If the code is not available, then it necessarily limits the number of people who have looked at it. And as Linus’ Law reminds us, given enough eyeballs, all bugs are shallow. That doesn’t mean opening up the code guarantees that all bugs will be found, but it certainly increases the probability. The corollary is that keeping it closed decreases the chance of someone finding such bugs.
But there’s a problem here. As we move from the realm of “pure” software – that is, programs running on generalised computers producing essentially digital output (even if that is converted into analogue formats like sounds, images or printouts) – to that of “applied” software, there is a new element: the device itself.
For example, in the case of the pacemakers, having the software that drives the computational side of things is only part of the story: just as important is knowing what the software does in the real world, and that depends critically on the design of the hardware. Knowing that a particular sub-routine controls a particular aspect of the pacemaker tells us little unless we also know how the sub-routine’s output is implemented in the device.
What that means is that not only do we need the source code for the programs that run the devices, we also need details about the hardware – its design, its mechanical properties etc. That takes us into the area of open hardware, and here things start to get tricky.
Phi Beta Iota: Governments have all failed to be responsible about understanding complexity and understanding the role of integrity as a foundation for sustainable properity. Proprietary does not scale. Closed kills. It’s time now for open everything and no compromises with respect to intelligence and integrity.