Geekonomics: The Real Cost of Insecure Software (Hardcover)

“The clarity of David’s argument and the strength of his conviction are truly inspiring. If you don’t believe the world of software affects the world in which you live, you owe it to yourself to read this book.”
–Lenny Zeltzer, SANS Institute faculty member and the New York Security Consulting Manager at Savvis, Inc.

“Geekonomics stays with you long after you finish reading the book. You will reconsider every assumption you have had about software costs and benefits.”
–Slava Frid, Gemini Systems, CTO, Resilience Technology Solutions

“Information Security is an issue that concerns governments, companies and, increasingly, citizens. Are the computer systems and software to which we entrust our sensitive and critical information, technologies that are out of control? David Rice has written an important and welcome book that goes to the heart of this issue, and points to solutions that society as a whole needs to debate and embrace.”
–Nick Bleech, IT Security Director, Rolls-Royce

“If you are dependent upon software (and of course, all of us in the modern world are) this book is a fabulous discussion of how and why we should worry.”
–Becky Bace

The Real Cost of Insecure Software

•   In 1996, software defects in a Boeing 757 caused a crash that killed 70 people…

•   In 2003, a software vulnerability helped cause the largest U.S. power outage in decades…

•   In 2004, known software weaknesses let a hacker invade T-Mobile, capturing everything from passwords to Paris Hilton’s photos…

•   In 2005, 23,900 Toyota Priuses were recalled for software errors that could cause the cars to shut down at highway speeds…

•   In 2006 dubbed “The Year of Cybercrime,” 7,000 software vulnerabilities were discovered that hackers could use to access private information…

•   In 2007, operatives in two nations brazenly exploited software vulnerabilities to cripple the infrastructure and steal trade secrets from other sovereign nations…

Software has become crucial to the very survival of civilization. But badly written, insecure software is hurting people–and costing businesses and individuals billions of dollars every year. This must change. In Geekonomics, David Rice shows how we can change it.

Rice reveals why the software industry is rewarded for carelessness, and how we can revamp the industry’s incentives to get the reliability and security we desperately need and deserve. You’ll discover why the software industry still has shockingly little accountability–and what we must do to fix that.

Brilliantly written, utterly compelling, and thoroughly realistic, Geekonomics is a long-overdue call to arms. Whether you’re software user, decision maker, employee, or business owner this book will change your life…or even save it.

The Alarming Cost of Insecure, Badly Written Software...

and How to Finally Fix the Problem, Once and for All!

Six billion crash test dummies: why you’re at greater risk than you ever imagined.

You pay the price: why consumers are legally and financially responsible for the mistakes of software manufacturers.

Broken windows: how software promotes epidemic cyber crime and threatens national security.

Who runs the show?: Why software manufacturers fought against the U.S. Food and Drug Administration’s attempts to protect the U.S. blood supply.

Protecting national infrastructure: real incentives for transforming software manufacturing.

Surviving the information superhighway: practical, must-read advice in a world of insecure code.

Preface xiii

Acknowledgments xix

About the Author xx

Chapter 1: The Foundation of Civilization 1

Chapter 2: Six Billion Crash Test Dummies: Irrational Innovation and Perverse Incentives 19

Chapter 3: The Power of Weaknesses: Broken Windows and National Security 73

Chapter 4: Myopic Oversight: Blinded by Speed, Baffled by Churn 131

Chapter 5: Absolute Immunity: You Couldn’t Sue Us Even If You Wanted To 179

Chapter 6: Open Source Software: Free, But at What Cost? 243

Chapter 7: Moving Forward: Rational Incentives for a Different Future 273

Epilogue 321

Notes 325

Index 341

“The clarity of David’s argument and the strength of his conviction are truly inspiring. If you don’t believe the world of software affects the world in which you live, you owe it to yourself to read this book.”
–Lenny Zeltzer, SANS Institute faculty member and the New York Security Consulting Manager at Savvis, Inc.

“Geekonomics stays with you long after you finish reading the book. You will reconsider every assumption you have had about software costs and benefits.”
–Slava Frid, Gemini Systems, CTO, Resilience Technology Solutions

“Information Security is an issue that concerns governments, companies and, increasingly, citizens. Are the computer systems and software to which we entrust our sensitive and critical information, technologies that are out of control? David Rice has written an important and welcome book that goes to the heart of this issue, and points to solutions that society as a whole needs to debate and embrace.”
–Nick Bleech, IT Security Director, Rolls-Royce

“If you are dependent upon software (and of course, all of us in the modern world are) this book is a fabulous discussion of how and why we should worry.”
–Becky Bace

The Real Cost of Insecure Software

•   In 1996, software defects in a Boeing 757 caused a crash that killed 70 people…

•   In 2003, a software vulnerability helped cause the largest U.S. power outage in decades…

•   In 2004, known software weaknesses let a hacker invade T-Mobile, capturing everything from passwords to Paris Hilton’s photos…

•   In 2005, 23,900 Toyota Priuses were recalled for software errors that could cause the cars to shut down at highway speeds…

•   In 2006 dubbed “The Year of Cybercrime,” 7,000 software vulnerabilities were discovered that hackers could use to access private information…

•   In 2007, operatives in two nations brazenly exploited software vulnerabilities to cripple the infrastructure and steal trade secrets from other sovereign nations…

Software has become crucial to the very survival of civilization. But badly written, insecure software is hurting people–and costing businesses and individuals billions of dollars every year. This must change. In Geekonomics, David Rice shows how we can change it.

Rice reveals why the software industry is rewarded for carelessness, and how we can revamp the industry’s incentives to get the reliability and security we desperately need and deserve. You’ll discover why the software industry still has shockingly little accountability–and what we must do to fix that.

Brilliantly written, utterly compelling, and thoroughly realistic, Geekonomics is a long-overdue call to arms. Whether you’re software user, decision maker, employee, or business owner this book will change your life…or even save it.

The Alarming Cost of Insecure, Badly Written Software...

and How to Finally Fix the Problem, Once and for All!

Six billion crash test dummies: why you’re at greater risk than you ever imagined.

You pay the price: why consumers are legally and financially responsible for the mistakes of software manufacturers.

Broken windows: how software promotes epidemic cyber crime and threatens national security.

Who runs the show?: Why software manufacturers fought against the U.S. Food and Drug Administration’s attempts to protect the U.S. blood supply.

Protecting national infrastructure: real incentives for transforming software manufacturing.

Surviving the information superhighway: practical, must-read advice in a world of insecure code.

Preface xiii

Acknowledgments xix

About the Author xx

Chapter 1: The Foundation of Civilization 1

Chapter 2: Six Billion Crash Test Dummies: Irrational Innovation and Perverse Incentives 19

Chapter 3: The Power of Weaknesses: Broken Windows and National Security 73

Chapter 4: Myopic Oversight: Blinded by Speed, Baffled by Churn 131

Chapter 5: Absolute Immunity: You Couldn’t Sue Us Even If You Wanted To 179

Chapter 6: Open Source Software: Free, But at What Cost? 243

Chapter 7: Moving Forward: Rational Incentives for a Different Future 273

Epilogue 321

Notes 325

Index 341