
SoylentNews is people

posted by martyb on Sunday October 18 2015, @12:09AM
from the and-then-we'll-welcome-you-to-obfuscated-code-contests dept.

Secret code is everywhere—in elevators, airplanes, medical devices. By refusing to publish the source code for software, companies make it impossible for third parties to inspect, even when that code has enormous effects on society and policy. Secret code risks security flaws that leave us vulnerable to hacks and data leaks. It can threaten privacy by gathering information about us without our knowledge. It may interfere with equal treatment under law if the government relies on it to determine our eligibility for benefits or whether to put us on a no-fly list. And secret code enables cheaters and hides mistakes, as with Volkswagen: The company admitted recently that it used covert software to cheat emissions tests for 11 million diesel cars spewing smog at 40 times the legal limit.

But as shocking as Volkswagen's fraud may be, it only heralds more of its kind. It's time to address one of the most urgent if overlooked tech transparency issues—secret code in the criminal justice system. Today, closed, proprietary software can put you in prison or even on death row. And in most U.S. jurisdictions you still wouldn't have the right to inspect it. In short, prosecutors have a Volkswagen problem.

Interesting article with implications for Open Source.


  • (Score: 5, Informative) by CirclesInSand on Sunday October 18 2015, @12:58AM


    Similar article: [arstechnica.com]

    Defense attorneys have routinely asked, and have been denied, access to examine the software's 170,000 lines of source code in a bid to challenge the authenticity of its conclusions.
    ...
    [Cybergenetics] discloses its "underlying mathematical model" to enable others to understand its genotype modeling mechanism.

    170,000 lines of code just to implement a mathematical model? Bullshit. This isn't airplane wing design, they aren't using supercomputers to model complex optimized code for optimization of fluid dynamics problems. It's just some probability formulas and maybe a database lookup.

    170,000 lines of code isn't a mathematical model, it is story telling. What the hell are you doing that can't be done in a few hundred (if even that many) lines of Haskell? And who actually believes that any of this code is bug free?

    170,000 lines of unaudited code being used to put people in jail for capital crimes, or even executed. I thought the unchallengeable DUI fake-science was bad, but after reading this article, I've had my perception of bad legal policy completely moved.

  • (Score: 2) by gman003 on Sunday October 18 2015, @05:25AM


    Presentation logic, probably.

    On the software product I work on, when we hit our first release, the VP of marketing asked us for a lines-of-code count. I think it was about 200K, because that counted all of the HTML/CSS/JS for the presentation layer (and one of the developers had the weird habit of double-spacing his code - literally every other line was empty).

    Our actual business logic is probably about 70KSLOC, mostly because of all the different systems we tie into, and some rather redundant architecture. It could probably be brought down to 30KSLOC if we could rearchitect some of that away, and remove the deprecated stuff.

  • (Score: 2) by frojack on Sunday October 18 2015, @06:39AM


    Oh come on, you've been around long enough to know that a line of code has no specific meaning.
    Lines of assembler can number in the hundreds compared to the equivalent lines of a high level language.

    It's meaningless, why are you getting all bent out of shape about a silly number?

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 2) by CirclesInSand on Sunday October 18 2015, @02:00PM


      If it really is low level code (ASM or C/C++), then it isn't reliable enough for convictions. If someone said "hey I've solved this math problem, it took 170k lines of code", would you really believe them?

      • (Score: 2) by frojack on Sunday October 18 2015, @07:05PM


        No, because math problems are seldom solved by code, whereas code problems are often solved by math.

        Like I said, the mythical Line of Code is totally meaningless. Does it include comments? Does it include library members, headers, etc included by reference? Does it include library routines supplied by the compiler or OS environment?

        http://c2.com/cgi/wiki?LinesOfCode [c2.com]

        --
        No, you are mistaken. I've always had this sig.