>they were just the cheapest labor the company could find who could do the thing.
That's the problem right there. The company doesn't care. No amount of personal certifications is going to fix that.
It MUST be on the companies. They should be fined out of existence for such breaches and they would quickly change tune.
> They should be fined out of existence for such breaches and they would quickly change tune.
Looks like this is a great opportunity for an object lesson. Let’s see how it goes…
As far as certification stuff…
Civil engineering has had licensing forever. That’s because Bad Things Happen, when they make mistakes.
I do think that it would be a good idea to score/certify critical infrastructure stuff. That might involve certification of the people that make it, but it should certainly involve penalties for the people responsible. That might include the authors, but it should probably also include the folks that decide to use the bad code.
I know that ISO 9000 is an attempt to address this kind of thing. In my opinion, it’s kind of a mess. I’ve worked in ISO 9000 shops, and it’s not much fun. The thing you learn, pretty quickly, is how to end-run the process, as it’s so heavy that it basically stops all forward progress. It doesn’t have to, but often does.
Mistakes get made. If you design carefully, these mistakes won’t cause real damage.
I just figured out that an app I wrote, that’s been out for two years, has an embarrassing bug (mea culpa). I’ll get it fixed today.
Because I’m pretty careful, it doesn’t affect stuff like user privacy. It just introduces performance overhead, in one operation, so the fix will mean that the app will suddenly speed up.
I’m not sure that certification would have solved it. My security mindset is why user privacy wasn’t affected, and that comes from experience.
> Good judgment comes from experience. Experience comes from bad judgment.