photo RSMAtnWebAdRed13.jpg

Programmers Are Human, Too

The Computer Corner

By Charles Miller

In French the word “exploit” can translate as “achievement” or “accomplishment.” This is exactly what computer hackers or crooks must feel every time they discover a new vulnerability they are able to exploit and through it to infect computers with their malware. Some people who lack understanding of computer software may ask why those vulnerabilities were there and why the software makers did not fix them earlier. In other words, “Why can’t programmers write perfect computer code with no bugs?” Perhaps readers might better understand this as I experienced it several decades ago. In Washington, DC, in the 1980s, a computer system called LOCIS, the Library of Congress Information System, was being developed. Credentialed researchers could go through an orientation process and then be allowed into the computer lab to use the new system. This was part of the process of testing LOCIS before the system was made available to the public, and for me this was more interesting than spending more days visiting the Smithsonian. The orientation consisted of several hours of the computer programmers explaining what LOCIS could do, or at least what they understood it could be made to do. At a computer terminal, I went to work exploring the library database and discovered it included Dewey Decimal System cataloging, a system with which I was familiar. I wrote a search script to parse out some geographic identifiers from Dewey that were not found in the Library of Congress Classification System. When I was debriefed, the LOC programmers were fascinated, saying, “We never thought of that.” I was fascinated that these professionals who knew more about computers than I did had not thought of it either. They took copious notes about my little discovery and my experience probably resulted in the voluminous documentation for LOCIS, including one small paragraph explaining my search method. The point of this story is to underline that the engineers and programmers who create computers and software do not always understand the limits and capabilities of their own creations. Once any new system is exposed to millions of creative minds, somebody always seems to find new capabilities the original makers did not realize they had included. Every time you use your computer to browse a web site, certain things are supposed to happen. Sometimes, though, in the process of handling legitimate communications, your computer will be victim to an arbitrary code execution or commands that cross the line between what should be permitted and what should not. This is one of the ways the bad guys trick your computer into installing viruses or other malware. Stopping arbitrary code execution from happening is not always easy to do without also stopping legitimate commands from being executed. Fixing newly discovered vulnerabilities is why Apple and Microsoft release dozens of updates to their software every year. And this is the reason it is important to keep all your devices up to date with the latest security updates. Failure to do this is to put you at risk.

Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981 and now practically a full-time resident. He may be contacted at 044 415 101 8528 or email FAQ8 (at) SMAguru.com

 

Comments are closed

 photo RSMAtnWebAdRed13.jpg

Photo Gallery

Log in | Designed by Gabfire themes All original content on these pages is fingerprinted and certified by Digiprove