Software Vulnerabilities

Jesse Young

April 7, 2011

https://www.digitalethics.org/essays/software-vulnerabilities

"How Soft Is Your Software's Defenses?"

First Impression:

Every creation has its vulnerabilities, even if it's state-of-the-art. Software vulnerabilities is a very popular topic in technology these days, for it's a problem that creates a whole new set of problems involved within like for one, anyone online these days could hack into anyone's computer remotely due to a flaw in their target's software. Everyone should be really careful with this sort of thing these days, whether it's for good or for bad purposes involved. 

Quote: 

"When someone discovers a flaw in software, he or she can choose one of several paths.."

Reflection Proper:

Every creation in this world, including us, as I found out through out life, has its flaws. But one such topic always comes to my mind, especially with the modern era turning into a techno-centric world, is software vulnerabilities. See, these days, as the essay states, and I agree with this: when someone discovers something wrong in the software like a bug or a flaw, he or she can take either of the following choices: do nothing and leave it as it is, resulting in leaving the software in a vulnerable state waiting to be found or exploited by anyone; notify the vendor, which is a good idea in order to fix the found problem but can sometimes unexpectedly lead to something like multiple accusations of intrusion and a hundred thousand lawsuits at one's doorstep; or publicly state the findings of said problem through something like the media, a blog, or at DEF CON which is really the riskiest path for many reasons that should be left unsaid. To put it simply, those choices are unique, which makes it debatable of what exactly is the right thing to do, even if there are good intentions involved. As I read the essay through and through though, I discovered that when it comes to the topic of software vulnerabilities and acting upon fixing them, many effects can happen in either a good manner or a bad one, like for instance, as stated in the essay: the New Yorker, during October 2010, had to make two security updates to its website: first was its password policy change which involves many subscribers to reset their passwords and email out new ones --- however there was confusion afterwards among those who tried logging in, and some even questioned the authenticity email involving the password change update, and a week later, there was a security blunder in the form of a method that allowed users to read articles on the magazine's website without paying; in other words, there isn't a stable paywall that the New Yorker is using, and a paywall is basically a security measure by itself: to let certain users in and others out. So, to summarize my thoughts about this, I would say that people should really come to terms in updating their software and making sure that there aren't any consequences that spite out unspeakably horrible events that are too tough to handle; or to put it simply, look before you leap.

5 Things Learned From Article: 

1. I learned about software vulnerabilities.

2. I learned that when someone discovers a problem within a software, there are many choices that includes consequences that can be risky on a scale of 1 to 10.

3. I learned about people doing solutions to strengthen "the security of the digital edition".

4. I learned that it's best to be vigilant to this sort of thing nowadays and know which path will be most pleasant to take upon.

5. I learned about the importance of a paywall in most websites as a security feature.

5 Integrative Questions:

1. Do you ever notice any flaws in your computer software?

2. What's your opinion on the different choices and linked consequences when it comes to finding flaws in software?

3. Why do people haven't created software that is 100% fool-proof and secured to the highest level?

4. What suggestions can you give to software developers regarding their respective software's vulnerabilities?

5. If you were a software developer, what measures would you take to prevent vulnerabilities from popping up?