It is great to see that open source projects are not limiting themselves to just software.
Once started, most open source projects tend to generate a life of their own. Unfortunately it is also a current trend that once started, the movement hits a stalemate where no further progress is made. It will be interesting to see if this happens to the Arduino movement, or if, as everything is looking at this moment, the movement will just plow through the stalemate and continue giving the community more and more resources and fresh ideas to continue growing.
It only makes sense that the timing is right for open-source controller platforms given the rise of open source software in nearly every major application category and the growing popularity of the open Web (i.e., social networks and community-oriented sites). I'm hoping, as Jason notes, that the movement rides out or bypasses any stalemate and keeps the hobbyist innovation engine rolling. That could lead to good things.
The momentum of some of these grass roots hobbyist movements is amazing. The First Robotics competition has a huge following and the Make It competition created a big buzz at the recent Freescale Technology Forum. If there's a similar carryover for Arduino, it could enjoy some serious growth.
If it's beginning to take off, I'd like to see someone take security seriously from the beginning of a concept. Open source means the nefarious types will eventually be using the openness to discover attack vectors.
You know, I think about this all the time. I once emailed MIT about their open courseware program whereby all of their grad courses are published online. There *are* people who would like to do away with us. Hmm. Is it really wise to give them the means so easily?
I am grateful for this type of Open Source movement as a way to help me develop assistive techology devices for blind people, but you are right. I like to say that technology empowers us to do whatever we desire. Has anyone noticed that human desires are sometimes a bit dark? No? Looked at the news anytime lately?
How could we make designers aware of this kind of issue?
More practically, how can designers actually incorporate security as you suggest? I'd be an advocate if I knew what that might look like. If you have suggestions, I'd love to hear from you and spread the word that it's advisable!
It's pretty bad out there. At this year's Black Hat Security Conference, Jerome Radcliffe demonstrated how to hack his own wireless insulin pump.
The development of cyber-security closely follows classic warfare. Pointed sticks were stopped by leather armor. Bow and arrow defeat that armor, so various metal armors were developed. Gunpowder weapons, heavier armor, until you get to present day, with main battle tanks with reactive armor going against self-forging penetrators.
We see the same sort of circular development in cyber security, with ever more sophisticated defenses and attack vectors. That's what the Black Hat conference is all about: trying to come up with better, novel approaches to security.
One answer might be to make the punishment for such a hacking crime be sufficiently steep. I remember a teacher in college talk about minimax optimization. He used the punishment for exceeding the speed limit for his example. If the penalty for exceeding the speed limit were death, then no one would drive faster than the posted limit. The penalty is relatively minor, so everyone speeds.
Stiffer penalties, maybe. But your question was how to prevent it through inital design. I don't think it's possible.
Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.