Let The Market Work Its Magic

Most computer users probably assume that their computers are secure. They don’t see the complexity and brittleness of the hardware, the operating system, the network, and the applications because it’s hidden under a pretty user interface with abstracted toy operations. They never considered evaluating security when purchasing software; they assumed it would just work. It’s understandable if they get upset when something goes wrong.

It annoys me, however, when lawmakers see this and decide to fix the problem from their end. They make laws outlawing things like exploiting security vulnerabilities so they can have something to show their constituents. Don’t get me wrong, I think exploiting security vulnerabilities is unethical, but making these laws takes away the motivation for software vendors to improve their products that the market would normally give them. They can use the law as a crutch to support their faulty products instead of innovating better ones. Rather than preventing consumers from being victimized, laws patch up the damage after the fact. What’s sad is that most people think this is acceptable. This is why denial-of-service vulnerabilities won’t be fixed for a long time, if ever.

Yet these kinds of laws have been made before, are made now, and will be made in the future. But I think that as the layperson gains more understanding of what software is and how it’s made, we’ll get back some of that market pressure to innovate.