Gregory's Server@q3k @redford @mrtick @zaufanatrzeciastrona is anyone getting sued at least?
Because this is ridiculously anticompetitive behaviour.
|
32 comments
@AlgorithmWolf @q3k @redford @mrtick @zaufanatrzeciastrona unfortunately, it is usually the security expert detecting the issue, or the whistleblowers who get sued… @dukp @q3k @redford @mrtick @zaufanatrzeciastrona true indeed... Hopefully the EU cripples this manufacturer somehow.  @AlgorithmWolf @dukp @q3k @redford @mrtick @zaufanatrzeciastrona Yes, the manufacturer should be excluded from EU contracts for the next 10 years. @UlrikNyman @AlgorithmWolf @dukp @q3k @redford @mrtick @zaufanatrzeciastrona - was Volkswagen crippled or excluded from the EU contracts after they cheated on pollution tests? @tom_andraszek @AlgorithmWolf @dukp @q3k @redford @mrtick @zaufanatrzeciastrona No. I am only saying what I think would be a fair consequence. @AlgorithmWolf - the US fined Volkswagen, the EU did not "cripple" Volkswagen or exclude them from contracts, as far as I know. Whoever did this at Newag needs to be charged and servicing companies and customers need to be compensated for the loss of revenue. I wonder if making programmers go through certification/registration process like engineers would limit unethical behaviour. If a programmer was personally responsible for the damage their code does, through negligence or international. @tom_andraszek https://www.ft.com/content/0c594b02-6f91-4b9d-bab7-11992f116316 Yes it did. Do you not really think being forced to recall (and fix for free) potentially hundreds of thousands of cars is a punishment? VW made zero money from it, and all their customers now have a less powerful engine.  @tom_andraszek So what would you have the programmers do? Immediately quit if their boss tells them to do something immoral, no matter if it means they can't pay their rent any longer? It's COMPANIES that need certification/registration, not individuals, and when they misbehave, the blame should start at the TOP, not at the bottom. @Denian - what do civil engineers do when their bosses tell them to do something illegal? The certification would be required at both levels, same as with civil engineering: the company would have to certify that the software was built/updated by certificated programmers and to work as a professional programmer you would need to finish a certified course at a university, and join a professional association. @tom_andraszek That's part of the problem right there. Not all good programmers have the mindset to finish university, and not all those who finish university turn out to be good programmers. In fact, many of the best are self-taught or "only" went through job training. The mental skillsets needed for either just aren't that congruent. @Denian @tom_andraszek I abandoned my studies because I started working as a programmer very early on and found limited value in both, content of courses and title itself so I am a little on the fence here, but some professional course on moral and legal aspects followed by certification that leads to increased legal consequences should be mandatory for being a part of critical infra software projects. IT is morally and legally immature when it comes to sw that creates threat to the society @Denian @tom_andraszek also, viable insurance service for such employees should be at play here @chodzikman @tom_andraszek A standalone certification course is certainly an option, but I still say the far more important step is to require certification for the companies involved. And the companies should also have to pay any certification fees for new employees that don't have that certification yet. Also, in this case, I'd argue that the order to add those killswitches likely came from the customer, so a requirement to report illegal/immoral requirements in such projects is needed, too. @Denian @tom_andraszek I believe that as a company you need ISO26262 to do railway related software, just as you need ISO13485 to do medical, I am more familiar with the latter and here conpany is obliged to train employees as well but from my exp it is a bit fictional (to various degree) - mandatory external training and cert could improve it IMO @tom_andraszek @Denian also there should be a way to file compliance violations anonymously. @Denian @tom_andraszek Yes, if something is immoral, abhorrent or illegal, we generally expect the people asked to do those things to blow the whistle.  @tom_andraszek @AlgorithmWolf @AlgorithmWolf @dukp @q3k @redford @mrtick @zaufanatrzeciastrona they're going to lose so many contract bids from this (this happened to transit companies who delivered substandard busses).
https://www.nytimes.com/1984/02/08/nyregion/all-grumman-buses-to-be-put-off-streets-in-city-permanently.html @AlgorithmWolf @q3k @redford @mrtick @zaufanatrzeciastrona So far, the Polish Railway Transport Authority said that it is a matter for a civil dispute between the purchaser and the manufacturer and is washing its hands of it, but the news only broke, I really hope someone goes to jail pour encourager les autres. @Leszek_Karlik It feels a little bit like when VW had its cars detect whether they are on a test stand or not. I wonder if in this case the higher-ups will also pretend that they knew nothing about this code.  @AlgorithmWolf @q3k @redford @mrtick @zaufanatrzeciastrona it looks worse to me, it looks like they deliberately sabotaged the operation of public transportation vehicles. I hope it gets elevated to a criminal offense, this is worse than if a passenger got in a train and disabled it, which they would definitely go to jail for.
@AlgorithmWolf @q3k @redford @mrtick @zaufanatrzeciastrona Bordering on sabotage, methinks. @AlgorithmWolf @q3k @redford @mrtick @zaufanatrzeciastrona sounds anti-consumer too. Manufacturer's just straight up sabotaging these trains? @AlgorithmWolf @q3k @redford @mrtick @zaufanatrzeciastrona yes, Newag, the company that made the trains is talking about suing the hackers |
@AlgorithmWolf
I belive, this could be used by a competitor. Unless they do the same.
@q3k @redford @mrtick @zaufanatrzeciastrona