
Writing Software That Can Kill - hlieberman
https://blog.setec.io/articles/2016/01/07/software-kill.html
======
officialchicken
I've worked in highly regulated environments - and you can't reach out the EFF
or ACLU without being sued into oblivion after signing the typical contracts.
Get a lawyer is your only option - and only on their advice should you contact
anyone else.

As for specific examples - what about SCADA, SWIFT (finance), Biologics
(genomic pharma), or anything that actually could impact someone's life or an
entire community? RS-485 double drops vs PoE for a factory is one example.
External auditing of back office / risk management / fixed income software is
another. Simulated modeling of genomic drugs and FDA phase II trials is
another. And then there's Barnaby Jack vs Medtronic... lots of great examples
out there better than tor/encryption.

~~~
hlieberman
Very true! I excluded SCADA and most biologics because they are not
necessarily intrinsically harmful in the way I wanted to discuss. There are
people far more qualified than I am -- yourself probably included -- who can
discuss how to safely build those kinds of systems.

I wanted to touch on a slightly different problem; deciding to build something
which is fundamentally impossible to do safely, rather than something which is
very difficult to do safely.

------
hlieberman
Full disclosure: I am the author of this post.

~~~
raddad
I'm glad somebody else enjoyed Sneakers.

~~~
hlieberman
So much. Treats tech pretty accurately, too, for the most part. Teaches some
good security lessons as well, about social engineering and infiltration.

