Yea, every time I read one of these articles, I can’t help but think: “A software engineer sat down and wrote this remote kill switch." We, as a profession are responsible for this shit, or at the very least, complicit. Regulation is one thing, but also, software engineering as a profession is in dire need of ethical standards. Just because we can code something doesn’t mean we should.
I remember one of Asimov's stories involved a human defeating the Laws of Robotics by distributing work among multiple robots with imperfect information. I wonder if something analogous doesn't happen with software engineers nowadays.
When it comes to something like a "remote kill switch" for software, it's hard to imagine any alternate beneficial use. But generally I assign the blame to the users of software who put it to a malicious use, not to authors.
There was an anecdote shared on HN of someone claiming to be ethically employed by the military to develop a system for planes to automatically land on unmarked runways without engine power.
They didn't tell her the planes were elongated spherical and filled with powerful explosives and the runways weren't flat - at least not before the plane landed on them.
>When it comes to something like a "remote kill switch" for software, it's hard to imagine any alternate beneficial use.
The obvious alternate beneficial use is the ability to immediately disable the hardware in case a serious safety issue (the kind that triggers product recall) is discovered.
One of the great and terrible things about the software industry is that there's no certifying body, no professional ethics code to sign and adhere to, no government regulation around how you can sell your services.
This is one of the best parts: many software people have gotten in through circuitous routes, have no formal training, and have done great things despite that.
On the other hand, because of that, we don't have any consensus and ability to shun or disposess companies that act unethically.
Quite frankly, I don't think any board of ethics would step in here. I don't see anything in the IEEE code of ethics that would be clear here. I don't think that professional licensing or better professional organizations are the way to stop this behavior.
I think disabling the firmware in circumstances that are clearly defined but not disclosed to the customer is very much outside existing IEEE ethical rules.
And making a Professional Engineer sign on to the software release before the release would be a good way to prevent shit like this.
To have what you're asking for requires transparency.
It wasn't just a faceless and nameless software engineer it was a real human being with a name.
Until it is mandated that public infrastructure is developed in the open so we know precisely who attempts to add features to render a product defective by design we will not be able to fix this.
