Software and Open Source – Page 6

September 30, 2015

The Dieselgate Crisis Management: Played by the Book

The way Volkswagen is handling the Dieselgate is a very good example of proper crisis management and seems coming from a crisis management handbook (such as “Master of disaster“): once discovered, the company neither denied the facts nor tried to hide it, announced an independent review, fired the culprits, called-in a new, serious manager started cooperating with the authorities, saved the money for the inevitable fines and damages.

This way Volkswagen has been able to keep the public outcry under control because no collateral damages – such as deep burying evidences, threatening or bribing involved people, further doctoring information etc. – have been suffered, thus helping the company recover its image – and customer base – faster.

September 24, 2015

Volkswagen’s Dieselgate and The Danger of Closed Source Intellectual Property

The not uncommon practice in the ICT/Mobile business of “doctoring”products to look good on benchmarks has find its way into the automotive (and God knows into how many others) business.

Volkswagen, though, isn’t the only to blame because, true, they cheated, but no public supervising authority? ever glimpsed at the software ran by its vehicles, only focusing on “hardware” tests. And – I guess – even if the controllers would have thought of examining the software, they would have been prevented to do so by “the need of protecting Intellectual Property” that – as the “National Security Excuse” – is a buzzphrase to stop any further investigation on controversial matters.

Volkswagen’s Dieselgate shows once more that (a certain way to think of) Intellectual Property – as well of Privacy – has neatly changed its role from being a tool to protect legitimate interests into a shield for wrongdoings.

Were the Volkswagen software released under an open source licensing model, the fear of being exposed would have forced the company to play by the book and would have allowed a true and thorough check by the competent authorities, avoiding a major damage for the industry, investors, employees and citizens.

July 17, 2015

Hacking Team: A Class Action Against Adobe?

After the Hacking Team scandal, everybody and his cousin is calling for a “death sentence” against Adobe Flash, accused of being the “vessel” that allowed Hacking Team’s malware to land on users’ PC and smartphones.

A logical consequence of this ? vulnerability and its exploiting by several malwares, including those made by Hacking Team, would be a class-action against Adobe that, as a matter of fact, released a “bugged-by-design” application.

But this is not going to happens against Adobe, as against the other (big or small) fishes of the software pond. We are much too “programmed” to accept a software fault as an act of God instead of either a mistake or a deliberate marketing choice.

Will things change after the Hacking Team scandal? I don’t think so, thus get ready for the next viral infection, information theft or denial of service: is just business as usual.

May 26, 2015May 26, 2015

Giuffrè Editore (Lexis-Nexis partner)’s Update Disturbing Policy

Lexis-Nexis Italian partner, Giuffrè Editore, is active in both the editorial and software business. One of its tool is a java application to handle the electronic document filing to the Court’s dock.

As the screenshot shows, the OSX version of this software requires on outdated java version because Giuffrè didn’t update its code. As they write on the website: “last java versions have problem. Download from here the recommended version”.

In other words: we don’t want to fix the software you paid, so stay stick with an older java version.

So ? a lawyer wanting to continue using this software faces these alternatives:

downgrade the Java version installed on his computer, thus risking incompatibilities with up-to-date application and having his computer possible stability issues,
buy a computer (or virtualize one) “just” to use Giuffrè softwares,
move to another software and start using it for scratch.

Whatever the option, the customer is the losing part.

September 18, 2014September 18, 2014

Does SHA-7 belong to the US NSA?

As everybody knows, the SHA-n is a series of cryptographic algorithm developed by the NSA and published by the US NIST. The current SHA-n lineup includes SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512.

On the contrary, SHA-7 (see this link – italian only, sorry), a “proprietary, patented encryption algorythm” developed by an Italian company doesn’t belong to the original “family”. And doesn’t have any endorsement by the scientific community.

I wonder why SHA-7 designers have choses this confusing name for their code.