The Heartbleed Hack and Misunderstanding the State of Our Tech Infrastructure

The state is bad. Before we get to the Heartbleed security hack, which was exploited by the NSA, it’s worth revisiting our usual plaint regarding the state of science infrastructure:

One of the ridiculous things about many depictions of science in TV and movies is the notion that there’s this huge infrastructure: shiny labs (which are always neat and spacious), high-tech this and that, and an army of workers to solve a problem. The reality is that much of our scientific knowledge in any subdiscipline is held by a few people who are operating on shoestring budgets with inadequate resources. To put it bluntly, we often lose considerable knowledge and materials when an older faculty member or researcher dies or retires (in my own subdiscipline of microbiology, there are several valuable collections that would be lost if a single freezer broke for an extended length of time).

So we were saddened but not surprised to read this about the Heartbleed hack (boldface mine):

What’s amazing, however, is that the code that contained this bug was written by a team of four coders that has only one person contributing to it full-time. And yet Henson’s situation isn’t an unusual one. It points to a much larger problem with the design of the internet. Some of its most important pieces are controlled by just a handful of people, many of whom aren’t paid well — or aren’t paid at all….

The sad truth is that open source software — which underpins vast swathes of the net — has a serious sustainability problem. While well-known projects such as Linux, Mozilla, and the Apache web server enjoy hundreds of millions of dollars of funding, there are many other important projects that just don’t have the necessary money — or people — behind them. Mozilla, maker of the Firefox browser, reported revenues of more than $300 million in 2012. But the OpenSSL Software Foundation, which raises money for the project’s software development, has never raised more than $1 million in a year; its developers have never all been in the same room….

In some ways, there’s a bug in the open source ecosystem. Projects start when developers need to fix a particular problem, and when they open source their solution, it’s instantly available to everyone. If the problem they address is common, the software can become wildly popular in a flash — whether there is someone in place to maintain the project or not.

But our awesome economic system is doing an excellent job of mobilizing and allocating resources. Or something.

Perhaps there’s a cost to high-frequency trading after all?

1 Response to The Heartbleed Hack and Misunderstanding the State of Our Tech Infrastructure

  1. Horace Boothroyd III says:

    I can’t believe how gullible you people are. Seriously, it’s harming the country so knock it off.
