Your Code Has Impact

As an engineer, sometimes it’s easy to forget why we are writing programs. Deep in a bug hunt, or designing a new feature it’s really easy to focus so hard on these small things you forget the bigger picture. I’ve even been there and made this mistake.

Recently I made a change to Directory Server: to allow password hashes to be upgraded over time as cryptographicly better methods are developed. This is good as the impact on administrators is less work to secure their software, and on users because they will not be exposed during the next “yahoo style” md5 breach. I want to provide multiple layers of defence to those who don’t even know they rely on me.

I was told by someone in another project that changing the default was not needed because “we have nthashes in another part of the application, so why bother?”. Following this, I was told the neglect of the password hash default (SSHA1) was intentional, not accidental. If DS were compromised that means our users, who don’t even know they are trusting us, their accounts are probably going to be compromised. SSHA1 is not secure - We cracked SSHA1s for fun when we had access to a GPU HPC. AWS now sells this for cheap, and is accesible to anyone with a credit card.

It’s our responsibility as engineers to treat our code as safety critical. It’s our responsibility as managers to ensure we direct engineers to properly design safe systems. We need to respect our users, their privacy, and their safety. Because without this, our software, our designs, our work is meaningless.

Sure, we can focus on the tiny details: A compiler error here, or a design decision there, but we must measure this against the impact on real human lives. Software without users has no place - This argument can not be ignored. If we want to be responsible for the security of users and their identities, we need to start treating that with the respect it deserves, and the trust we have placed in us to secure and protect those identities. To do otherwise shows the highest level of contempt and disrespect to our users - many of whom do not know they rely on us, or do not have a choice but to rely on us.

Remember: What you write and the decisions you make, have real tangible effects on humans. Are you going to rise to that responsibility? Or are you going to ignore it?