Developer Stress, when your software can get someone killed

If you haven’t followed the amazing collapse of the Haystack project I’ll try and update you on the details. Haystack is a network used to circumvent the censorship in Iran and allow people to communicate and use the Internet without restriction. It’s a wonderful idea and a lot of people all over the world need something along those lines.

The problem? Because of the secrecy, lack of transparency and downright cockiness of Censorship Research Center (CRC) the Haystack network could easily get people in Iran’s lives ruined, get thrown in jail or far worse. There an old saying, the road to hell is paved with good intentions. Sayings don’t become that because they aren’t true. On 9/13 the EFF issued a statement telling all Haystack users to stop using the network immediately.

John Graham-Cumming has been writing about Haystack for a while and it’s because people like him that peoples lives may have been saved. Think about it for a bit, if Haystack went live and got adopted like crazy in Iran it’s possible Iran’s government could have exploited the network and seen everyone who was using the network. They could have waited and watch and then in one swoop silenced a large number of political dissidents.

Don’t make the mistake and think Iran is a backwards country, they are very technological literate and very smart. We know from Danny O’Brien that there were already established security issues with Haystack, and if they knew about them and launched it would only be a matter of time before the Iranian government did.

I’ve never written software that could affect someone’s life outside of being supremely disappointed and wasting a couple of hours. But if your developing software that controls a nuclear reactor there’s a lot of testing, controls, and outside analysis that’s goes into it. From the outside observer the CRC had a few good and dedicated developers but no outside security research help or transparency. If your developing software that can have that type of impact on peoples lives, check your ego at the door.

But something very positive and good can come from this process. With a hole being created developers like Dan Colascione, Danny O’Brien and security experts like John Graham-Cumming can help another project, perhaps a reincarnated Haystack that is open and transparent and will hopefully give voice to those around the world who don’t have one.

You never know, we might need something like that here in the US soon.

Tags:

About: Shawn Jackson

I’ve spent the last 18 years in the world of Information Technology on both the IT and Development sides of the aisle. I’m currently a Software Engineer for Paylocity. In addition to working at Paylocity, I’m also the Founder of Resgrid, a cloud services company dedicated to providing logistics and management solutions to first responder organizations, volunteer and career fire departments, EMS, ambulance services, search and rescue, public safety, HAZMAT and others.