Wandering Thoughts archives

2008-07-10

Internet software decays and must be actively maintained

While it is true that in general software doesn't wear out, this is not true for software that interacts with the Internet. Internet software definitely breaks down over time, not because of any analog to mechanical wear but because the Internet environment it operates in keeps changing.

There are three sorts of changes in the Internet environment that matter. First, protocols and other programs that interact with you evolve over time. Second, user expectations also evolve. Third and most importantly, the Internet threat environment itself keeps changing, and not just in that people keep coming up with new attacks on your software; over time there are entirely new sorts of bad things that people try to do.

Whether the first two sorts of changes means that your software is broken is a matter that people debate, but as a minimum they are likely to make your software old fashioned and unpopular (at the worst they make it unusable). But I maintain that there is no argument about the third sort of change; at the best your software becomes less and less usable, at the worst your software becomes part of the problem.

This means that software that deals with Internet must be actively maintained. If it is not it will become more and more useless in practice over time, however much it remains theoretically correct, not because it has bugs or security holes as such but because the environment it was designed to work in no longer exists and thus the assumptions it was built on are now incorrect.

(Of course, typical software also has actual bugs that will be discovered over time. But let's imagine some software that is either quite simple or thoroughly debugged already.)

tech/InternetSoftwareDecay written at 01:11:35;


Page tools: See As Normal.
Search:
Login: Password:

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.