A small step for the FDA

Many of you have seen my talk about medical devices and general software safety. In fact, I’m up in the Boston area, having given a similar talk yesterday at the Women’s Leadership Community Luncheon alongside the Red Hat Summit. Well, I seem to have gotten through, at least a little! While I was giving the talk yesterday, the FDA finally admitted that there is a big problem. In their Safety Communication, the FDA says that medical devices can be vulnerable to attack. They recommend that manufacturers assure that appropriate safeguards are in place to prevent security attacks on devices, though they do not recommend how this should be accomplished. They say:

The extent to which security controls are needed will depend on the medical device, its environment of use, the type and probability of the risks to which it is exposed, and the probable risks to patients from a security breach.

As I’ve been saying for a few years and as you can see in the paper I wrote when I was at the Software Freedom Law Center, software is more secure when the code is published for review by all. Allowing device manufacturers to keep their source code proprietary prevents us from developing the societal mechanisms and review that will truly keep us safe. As a patient and as a software expert, I applaud the FDA for taking this step, and I hope they will make a real strike for safety by at least encouraging if not requiring these companies to publish their code.

Long overdue report of the GNOME.Asia Summit 2013!

It’s been a crazy couple of weeks, starting wtih the excellent GNOME.Asia Summit in Seoul, from which I went to LinuxCon Japan in Tokyo, then back to NY for the GNOME marketing team hackfest. I took two overdue days off for my uncle’s 80th birthday celebration in Florida and I’m finally back in NY for a normal day, at least before I head off to Boston for the Red Hat Summit this week. I’m speaking at the Women’s Leadership Luncheon, which is a big honor. So I’m behind on letting you know about things, but my time has been jam packed with travel, conferences and meetings. Anyway, to flash back to the GNOME.Asia Summit…

After helping with the organization of last year’s GNOME.Asia Summit from afar, I was extremely excited to attend this time. Upon arriving at the GNOME.Asia Summit, the local team kicked things off strong! Max and Haggen gave great introductions to the event, including a stirring intro video which woke everyone up, and another video from last year’s summit showing the attendees saying why and how they use GNOME and how much they love it. I really hope we can post that somewhere on the GNOME website. The organization of this conference has been great – the banners alone were very impressive. The team also put together a cool poster of sponsors logos to take pictures in front of that felt like a red carpet poster (though maybe that was due to the red rug they put in front of it). Simon and the rest of the Korean team deserve some serious thanks for all of their hard work.

I felt lucky to be able to deliver the keynote on the first the morning but the real highlight for me was getting to meet GNOME contributors who are Asia based. I was particularly excited to meet Max, who has worked so hard this year and last. Haggen and Simon too! (and I everyone else who I saw every week at the IRC meetings!) I enjoyed meeting Yu in person and hearing her talk about getting involved in GNOME with OPW, and to talk with everyone about the challenges of bringing GNOME to different Asia-based countries.

I learned about Seafile, a free software DropBox competitor, as well as a few other things that were new to me, like Ezilla. Lennart’s talk about applications development for GNOME was also a highlight.

I had the honor of signing certificates for those who completed the training sessions (which were on getting started on translations and also one on extensions).

I should also mention that I very much enjoyed Allan’s keynote. It was really interesting to hear his perspective on GNOME 3, and I actually hadn’t heard some of the stories about how GNOME 3 came about. I also had a few ideas about GNOME marketing from listening to him talk which were useful for the marketing hackfest, which I will discuss in another blogpost!

Last but not least, many thanks to our sponsors and partners: NIPA, Google, LG, Lemote, OnOffMix, Open Technet, LinuxPilot