Software Vulnerabilities

Author: Jesse Young

Date: April 7, 2011

Link: https://www.digitalethics.org/essays/software-vulnerabilities

First Impression: Based on the title, I think the essay is generally about software vulnerabilities and what may happen to a system once it has been exploited.

Quote: “Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.”

Review: 

A software vulnerability is a glitch, flaw, or weakness present in the software or in an Operating System. The severity of software vulnerabilities advances at an exponential rate. Of course, there is no system that has no vulnerabilities. The thing is whether or not they’re exploited or cause damage. One of the possible dangers of a system’s vulnerability being exploited is that it could be abused if it went to the wrong hands. The term used for this is exploit which means that once a system has been attacked by a hacker and takes advantage of the vulnerability with the help of tools and certain techniques. When someone discovers a flaw in the software, there are several paths that can be chosen by this person. The first would be is to simply do nothing and let it be, by not doing anything about the discovered vulnerability, this will either be found by someone else and is able to do worse things. Another path would be to contact one of the personnel of the system and inform him/her about the flaw in the system, but this could also lead to accusations of intrusion. Even though the goal is to do good and help the system fix the flaw or vulnerability, there are still chances of getting into trouble. Since the person is completely anonymous to the company and they have no idea who he is and what he could have done with the vulnerability, little did the company know that this person was not the hacker that exploited the vulnerability, he was just told to tell the company about it. 

5 Things That I’ve Learned

1. I learned that, before deploying a system, a company must make it pass through different quality assurance testing.

2. I learned that not only programmers or software developers can find a system vulnerability, but anyone can.

3. I learned the importance of Information Security to a system.

4. I learned that 

5. I learned that

5 Integrative Questions

1. How can a company be sure that their system is 100% ready for deployment?

2. What quality assurance testing does a system have to go through before deployment?

3. How many systems with big names have flaws that they do not know of?

4. Do people abuse the flaws of a system once it is discovered?

5. Is not doing anything about a system’s discovered vulnerability, for your safety,  the right thing to do?