It's pretty bad out there. At this year's Black Hat Security Conference, Jerome Radcliffe demonstrated how to hack his own wireless insulin pump.
The development of cyber-security closely follows classic warfare. Pointed sticks were stopped by leather armor. Bow and arrow defeat that armor, so various metal armors were developed. Gunpowder weapons, heavier armor, until you get to present day, with main battle tanks with reactive armor going against self-forging penetrators.
We see the same sort of circular development in cyber security, with ever more sophisticated defenses and attack vectors. That's what the Black Hat conference is all about: trying to come up with better, novel approaches to security.
One answer might be to make the punishment for such a hacking crime be sufficiently steep. I remember a teacher in college talking about minimax optimization. He used the punishment for exceeding the speed limit for his example. If the penalty for exceeding the speed limit were death, then no one would drive faster than the posted limit. The penalty is relatively minor, so everyone speeds.
Stiffer penalties, maybe. But your question was how to prevent it through initial design. I don't think it's possible.
You know, I think about this all the time. I once emailed MIT about their open courseware program whereby all of their grad courses are published online. There *are* people who would like to do away with us. Hmm. Is it really wise to give them the means so easily?
I am grateful for this type of Open Source movement as a way to help me develop assistive technology devices for blind people, but you are right. I like to say that technology empowers us to do whatever we desire. Has anyone noticed that human desires are sometimes a bit dark? No? Looked at the news anytime lately?
How could we make designers aware of this kind of issue?
More practically, how can designers actually incorporate security as you suggest? I'd be an advocate if I knew what that might look like. If you have suggestions, I'd love to hear from you and spread the word that it's advisable!
If it's beginning to take off, I'd like to see someone take security seriously from the beginning of a concept. Open source means the nefarious types will eventually be using the openness to discover attack vectors.
The momentum of some of these grass roots hobbyist movements is amazing. The First Robotics competition has a huge following and the Make It competition created a big buzz at the recent Freescale Technology Forum. If there's a similar carryover for Arduino, it could enjoy some serious growth.
It only makes sense that the timing is right for open-source controller platforms given the rise of open source software in nearly every major application category and the growing popularity of the open Web (i.e., social networks and community-oriented sites). I'm hoping, as Jason notes, that the movement rides out or bypasses any stalemate and keeps the hobbyist innovation engine rolling. That could lead to good things.
It is great to see that open source projects are not limiting themselves to just software.
Once started, most open source projects tend to generate a life of their own. Unfortunately it is also a current trend that once started, the movement hits a stalemate where no further progress is made. It will be interesting to see if this happens to the Arduino movement, or if, as everything is looking at this moment, the movement will just plow through the stalemate and continue giving the community more and more resources and fresh ideas to continue growing.