top | item 37394023

(no title)

I understand your skepticism. That's why I want to see the label functioning as something like an enforceable representation to consumers. If someone wants to sell brick-proof glass, and get a sticker from the US Government saying so, it better be brick-proof.

discuss

coldpie|2 years ago

Well, my comment is predicated on the, apparently erroneous :), assumption that no glass is brick-proof. It is impossible to build a secure software product with our current tooling & development practices. The number of security flaws in every software product is so high as to make the label meaningless. I don't think there's a meaningful distinction to end consumers between "this product has 1,000 holes, 100 of which are publicly disclosed" (i.e. no label) and "this product has 900 holes" (i.e. with label).

mkoubaa|2 years ago

A car that's safe to crash in is also impossible to build, but the NHTSA has standardized crash tests that they built up over time that has meaningfully made cars safer.

daveevad|2 years ago

> the, apparently erroneous :), assumption that no glass is brick-proof

That reminds me of:

> With sufficient thrust, pigs fly just fine.

https://www.rfc-editor.org/rfc/rfc1925

landemva|2 years ago

> If someone wants to sell brick-proof glass, and get a sticker from the US Government

In a free society, why would we ask government (lowercase g) for a window certification sticker? Should government also provide condom anti-breakage stickers? If we want this, maybe UL can set the standard and ask for volunteer testers to affirm the condom or window anti-breakage quality.

Or maybe we can put the Bell System back together and let them regulate what devices may connect to the network. That led to expensive monthly handset charges.

dahart|2 years ago

Are you suggesting the stakes are the same for digital communications as for condoms? How big of an actual problem is condom breakage? How big of a problem is digital surveillance and theft? How do these two problems compare economically today?

Reasons I think we might want some government certification that has real teeth include: the freedom to protect and control our own digital data. A statistically high rate of surveillance and cyber crime with no tools to prevent it impedes the very freedom you’re defending. Absolute freedom for all cannot exist. You can’t be free to keep your money & privacy while I’m free to take it. Real certifications with enforcement teeth wouldn’t solve all problems, but it might make an actual dent. It would be nice to have national security and privacy standards, make purchasing decisions easier (actually sane), prevent some of the crime before it happens, and reduce the crime and surveillance that we know exists. That’s just from a consumer point of view. I’m sure there are many many companies and organizations who would love to be able to have some level of trust in their equipment purchasing without expensive vetting (or far more realistically for most orgs, little to no vetting at all, just hope).

Didn’t the government break the Bell system apart in the first place? When did they get back together and upcharge handsets? I don’t know what you’re referring to. Are you saying that what was needed after the Bell breakup is stronger regulatory oversight with bigger teeth?

andy_ppp|2 years ago

Because there's no such thing as a completely free society and those who believe there is or should be would be the first to be taken to the cleaners by unscrupulous or incompetent actors.

The condom comment is absolutely ridiculous because there are loads of regulations regarding condoms from the FDA. Unsurprisingly you aren't allowed to sell condoms that are likely to break.