Thoughts on computer security
Alfred Fuchs, HW development at Ginzinger electronic systems about CVEs
It is fascinating to follow the stories of this arms race but difficult to get an overview of all these details.
One person who has spent his whole life with this matter and written books about it is Bruce Schneier. He is well known to security insiders and author of the book "Click here to kill everybody". Whoever has read the book, sometimes gets a queasy feeling. Especially when it explains why the scenarios described in the book are not so far-fetched.
At Ginzinger electronic systems, we developers carefully examine whether a "CVE" (Common Vulnerabilities and Exposures) affects our Linux and what other precautions we take, we won't reveal at all. But in an ever more networked world, this is not enough.
After all, European politicians have brought together the basic data protection regulation, whatever one may think of it in detail. But as long as many people and managers are not aware of the risk or are indifferent to it, it will be worthwhile for all too many cyber criminals to come after us for the bits.
It is part of the professional responsibility of engineers and technicians (and the few inside) to think about the foreseeable misuse of their work. "I have nothing to hide" is a phrase that is often used. But you do! naivety and ignorance should be hidden. Or, even better, help them out. Reading this book is a first-class means to do so.
Author: Alfred Fuchs, hardware development at Ginzinger electronic systems.
Translated with www.DeepL.com/Translator (free version)