Book Reviews

Book Reviews


Book Review: Geekonomics, by David Rice


By Stephen Northcutt

Depending on whom you ask, mankind has survived on this planet for somewhere between 10,000 and 160,000 years.[1] However, we are the first generation to be dependent on software. Geekonomics opens with a discussion of the importance of cement and how crucial it is to our civilization. From roads to sewers, cement is our infrastructure, and I could not agree more. After the driest summer since they have been measuring such things where I live, the rain has been falling and falling and falling and my farm is one big mud hole. Every unimproved road is dangerous and some of the asphalt is failing. So, I am replacing and improving with cement. It is expensive, but cement roads will outlast me, my son and his sons. Software is as important to infrastructure as cement as a foundation of civilization, asserts the author of Geekonomics,[2] David Rice, but while considerable energy has been expended to normalize the manufacture and application of cement, much less work has been done with software.

While the cement roads we are putting in will last a hundred or more years, the author points out that software is often essentially obsolete by the time the consumer takes possession of it. In fact, consumers value innovation so much that it is prized above security, even if a quick look at the news shows us the cumulative effect of software failure leading to data breach. At this exact moment, according to privacyrights.org, 216,770,536 consumer records have been lost.[3] As Rice points out, in the 1970s the criminal underground realized there was more money to be made, at less risk of being caught, trafficking in drugs than other forms of crime, so it became a big thing. In the past few years, the criminal underground is starting to focus on software, specifically vulnerabilities in software that can lead to data breaches that allow identity theft and credit card fraud.[4]

As the book explains, crime begets crime; if you have a neighborhood with broken windows, this can lead to additional problems, criminals and other worthless fellows are comfortable hanging out and doing whatever they want to do. This too, I have seen in my own life; one of my employees has had to abandon her home for a few weeks. The condominium above her had a broken window that was used to enter that home and people took up residence in the empty foreclosed home. They invited their friends, and now the entire complex is less desirable. Geekonomics lists the positive example of the New York Subway system's clean car program[5], that all cars had to be clean with no graffiti; if a car could not be cleaned, it was taken out of service until it was clean. This has lead to a major improvement in the security and user experience of the subway system. However, as the author points out, you can see graffiti; you cannot necessarily see the flaws in software that attract the criminal elements.

Another interesting comparison the book makes is the interstate highway system in the US. It was designed for safety from the beginning and is a critical part of the national infrastructure. If you want to go somewhere you can. For all its costs, having this infrastructure in place saves far more money (imagine trying to get fresh milk to market over muddy, pot hole filled roads.) However, the Internet, which is the software analog of the highway system, was not built for safety and may well not scale to growth as well as the highway system has.

The book continues with example after example to show how our legal system does not aid the consumer in receiving quality and safety from software, but, in fact, makes the problem worse. Rice does not simply dwell on problems; after strongly establishing his case, he points the way to the changes that need to take place if we, the first generation to be truly dependent on software, are going to prosper. This is an important book. It does not require knowledge of IT or software development to read; every thinking man and woman should read this book and ask, what can I do? Standards, quality, and making incentives achieve the results we want and deserve are key. As the author says, "I believe we have not gone too far down the path to alter course, but we aren't trying hard enough yet." That is the call to action, write your legislator, lobby consumer organizations, do what you can, but advocate rational software. Thank you, David Rice.

1. http://www.newadvent.org/cathen/15704b.htm
2. http://www.amazon.com/Geekonomics-Real-Cost-Insecure-Software/dp/0321477898
3. http://www.privacyrights.org/ar/ChronDataBreaches.htm
4. http://www.usdoj.gov/criminal/cybercrime/usamarch2001_3.htm
5. http://www.aic.gov.au/publications/rpp/31/RPP31-13.pdf