|
| From: | J.B. Nicholson |
| Subject: | Re: [libreplanet-discuss] [fsf-community-team] Golden Rule Angle for Libre Software Advocacy |
| Date: | Sat, 13 Aug 2016 15:50:16 -0500 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.2.0 |
Marcos Marado wrote:
I recently read about a woman who has a pacemaker. It had a software bug, which frightened her. She knows /of/ it but she doesn't know it, since she doesn't have access to the software running on her own body. Furthermore, she found out that there is a functionality in it to accept OTA updates, which she cannot control. Scary. And this is not science fiction, this is a real case, current technology.
I'm not sure what story you're referring to, but Karen Sandler (a lawyer working with Software Freedom Conservancy, co-host of the "Free as Freedom" Oggcast at http://faif.us/ ) tells a similar story: she wears a pacemaker/defibrillator[1] due to her enlarged heart which is 3 times the size of a normal heart. Her enlarged heart puts her at risk of suddenly dying (2-3% annually compounding risk), thus she wears (inside her body, screwed into her heart) a $75,000 Medtronic device. She recently had a child and found a bug in her device's software during her pregnancy -- pregnant women's hearts sometimes race and thus triggered the device to deliver a shock to her because her device's software was programmed to deliver a shock if the user's heartbeat goes outside an acceptable range. This variable heartrate is completely normal for pregnant women, but the device is typically only installed in patients who are well past their childbearing years (as Sandler's doctor told her when she reported this erroneous shock).
When Sandler was first getting this device she tried to get the complete source code for the device, even being willing to sign a non-disclosure agreement for this source code (look up her name and see/hear any of her early talks about her heart to hear the full story on this). But the proprietor would not give her the source code. So, like anyone with any proprietary software, she is denied permission to fix this problem and has to hope the proprietor cares enough about her unusual case to address this bug. If the proprietor goes out of business, she's simply out of luck possibly undergoing another surgery just to change the device sold by developers who care about software freedom or her case.
In a previous talk, Sandler explained that she purposefully did not pick a pacemaker/defibrillator device that could accept updates or be read wirelessly because she could see how she is not well-served by a device programming changing ad-hoc by unknown people, or people reading her device's data remotely. She requested an older model which can only be reprogrammed and read where the reader device is physically in close proximity to her heart. Presumably she would make sure only trusted people get this close and thus that would help preserve her life and her privacy. But all of the newer devices work wirelessly over greater ranges of separation between the device and the reader. This means when she needs a new device (the batteries only last for so long, she will need a new device if she lives to around 80 years as many women do), she might not be able to get the older relatively more privacy-preserving and safer device she prefers.
This understanding of the power of proprietary software versus what society needs to operate properly -- software freedom -- converted her from "thinking open source was cool" to understanding that "software freedom is absolutely essential to our lives, to our society, and to our overall framework": "For me, this got me extremely passionate about software freedom. Where I previously thought that open source was cool, I have now come along to the view that software freedom is absolutely essential to our lives, to our society, and to our overall framework. And that has put me solidly in the free software space. [...]" (around 5m45s into [1]).
Anyone riding in or being alive near a modern car is in a more similar situation to Sandler than they think: when you're in or around any car you depend on that car to protect your life. Modern cars use proprietary software to govern emissions (hello VW fraudsters!), vet who is allowed to get in and drive the car via remote locking, and control how the car operates while in use. We're seeing how insecure this code is as people provide the public service of breaking into the car (not to steal the car or rob what's in the car) demonstrate the insecurity of that software. We now understand that car designers don't prevent the software that could create distracting & unsafe environments in cars (thus leading a driver to spend time fiddling with environmental controls instead of driving) and this could create a lethal problem for some innocent passerby when a vehicle in motion hits and kills them. Autonomous vehicles look even worse -- untrustworthy developers purposefully using proprietary software to control where the vehicle goes and how fast, and deal with sudden unpredictable changes on the road make me think autonomous vehicles are horribly unwise[2]. Then there are the huge privacy losses on top of that. We're heading in the wrong direction (so to speak) with this advance and we're all affected by this even if we walk everywhere we go.
[1] http://meetings-archive.debian.net/pub/debian-meetings/2016/debconf16/Free_Software_Companies_and_You.webm
[2] These vehicles also pose showstopping insurance imbalances that compound how thoroughly unwise these vehicles are serving primarily the proprietor class.
| [Prev in Thread] | Current Thread | [Next in Thread] |