A Tale of Software Security

A crowd approaches a lone developer
“Hey, developer!”
“Uhhh, hello, ominously large group of users.”
“We just wanted to tell you how awesome this new gun you built us is.”
“Oh, cool. Thanks. It’s great to hear feedback.”
“Yeah, it’s amazing. You can shoot anything out of it, even other guns!”
“Mmmm, it’s not really designed to do that…”
“Oh yeah, we just love it. We’ve shot so many things and we’re coming up with a bunch more things to shoot.”
Voice in distance “My Little Pony, represent!”
“Oh, and Frank just loves the custom skins. That’s great. Thanks for taking that suggestion.”
“It looks like most of you have the default skins.”
“Your design is so good, what can we say! The thing is though, a few of us have, on occasion, shot ourselves in the foot, and we were wondering if you could, you know, make it so we don’t do that anymore. Think you could help us?”
“I was thinking about this already, and my first thought is a safety. Just turn it to “safe” when you are not using the gun. When the safety is on, the gun won’t fire. Ta-da! No more shooting yourself in the foot.”
Crowd murmurs disapprovingly
“Ahh, ok… No. Thing is, if we can choose to turn the safety off, we’re probably just going to leave the safety off all the time. Then it’s like it doesn’t even exist. I mean, I’ll remember about the safety but I can’t promise all these boneheads will.”
Crowd murmurs in self-deprecating approval
“Plus if we ever need to shoot something really spur of the moment, we’ll forget to turn off the safety and miss our chance.”
“Sure, makes sense. Fine, let’s try this. What are you doing when you shoot yourself in the foot?”
“We were messing around and figured out this super cool thing where you spin the gun around really fast and then put it in the holster, like those old westerns. But sometimes the gun goes off unexpectedly.”
“Could you maybe just not do that?”
“Definitely we will keep doing that. It’s probably one of the best things about having a gun. So what we think is that you can make the gun only shoot when we want it to shoot.”
“How does the gun know when you want to shoot?”
“Good question. First, it should only fire if a person is using their own gun.”
“Hrm, ok, well do you ever use each other’s guns?”
“Yeah for sure. So we need to be able to put in a list of people who can use the gun.”
“So like each person has a password for each gun.”
“Noooo way. We’re never going to remember that many passwords. How about you use like, facial recognition or DNA testing or something.”
“Uhh, ok…”
“But you know, if we let our friends use our gun and our friends turn bad they could shoot us with our own gun and we don’t want that. So make it so you can’t use the gun to shoot the owner, or anyone on the list, unless we tell the gun we want it to. But only the owner can tell it that.”
“Hey, yeah. The same list of faces could be used for both features!”
“Exactly! Problem is, if our friend suddenly freaks out on us we don’t want to have to tell the gun to let us shoot them. We just want it to know they’re bad.”
“How does the gun…”
“Know they’re bad? Great question.” hands over a stack of papers “We’ve compiled a list of scenarios in which we think the gun should be able to tell someone is bad.”
“Bitten by a vampire? Turned into a zombie? Has transitioned or is transitioning to become a werewolf? Really?”
“Yeah, those are easy ones. No reflection. Decaying flesh. Excessive hair… be careful of beards though. Fred’s growing a mean one.”
Growl from crowd
“You tell ’em, Fred. Anyway we think this list should be enough. Let us know if you have any questions. Thanks!”
Crowd rapidly disperses. Developer is left alone with stack of papers.
Five years and 5 billion dollars later…
Developer: “All right. The new gun has been completed and deployed to all of our users. All that’s left is to sit back and let the praise start rolling in.”
Frantic crowd of users descends upon developer
“We’re being invaded by a shapeshifting alien species that can perfectly duplicate any person’s physical characteristics! All of these guns you designed are useless. You’ve doomed us! What did you just waste all of this time and money on? This is garbag…”
Crowd disintegrates into piles of dust
“Awww hel–”
One final disintegration and blackness descends