this post was submitted on 18 Jan 2024
1174 points (100.0% liked)

196

16597 readers
2143 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 104 points 10 months ago (2 children)

It reportedly checks subscription upon putting the vest on and supposedly won’t turn off mid ride.

[–] [email protected] 240 points 10 months ago (4 children)

And if there’s a bug in that code, you’re fucked.

Safety features should work if everything else fails. Their failure mode can’t be “fuck it, it didn’t work”. Which is directly opposite to the failure mode of a subscription based service.

[–] [email protected] 105 points 10 months ago* (last edited 10 months ago) (2 children)

This is why:

  1. The FTC needs to do its job and start outlawing all these obscene subscription business models for things that are rightfully products, not services. Where's my goddamned First Sale Doctrine, FTC?!

  2. Software Engineers working on commercial products need to be professionally licensed, so that proper consequences can be applied for unethical "fail-deadly" designs like this one.

[–] [email protected] 64 points 10 months ago* (last edited 10 months ago) (1 children)

As a software engineer, the thought of my code being responsible for someone's safety is fucking terrifying. Thankfully I'm not in that kind of position.

From experience though, I can tell you that most of the reasons software is shitty is because of middle or upper management, either forcing idiotic business requirements (like a subscription where it doesn't fucking belong!) or just not allocating time to button things up. I can guarantee that every engineer that worked on that thing hated it and thought it was fucking stupid.

Licensing would be overkill for most software as it's not usually life and death. I think in this case since it's safety equipment it really should have been rejected by NHTSA before it ever hit stores.

[–] [email protected] 39 points 10 months ago* (last edited 10 months ago) (2 children)

I can guarantee that every engineer that worked on that thing hated it and thought it was fucking stupid.

As a software engineer who was also a civil engineer-in-training before switching careers, I think one of the big overlooked benefits of being licensed is that it would give engineers leverage to push back on unethical demands by management.

[–] [email protected] 17 points 10 months ago

[email protected]

Dear manager please clarify the specifications for product. From the discussions in the last design meeting i felt the specifications to potentially be ambigious about their compliance with critical safety regulation. Please reply with the clarified specifications.

[–] [email protected] 4 points 10 months ago (1 children)

Management can always just fire the engineering team and hire one overseas. It's not like it's even that difficult to do.

[–] [email protected] 2 points 10 months ago (1 children)

I don't think you understand what being licensed means. It means the state requires that people doing that job hold a license. Offshoring would become illegal.

[–] [email protected] 1 points 10 months ago

I just don't see how it would help. It would require legally defining what is or isn't an unethical or unsafe software product, in which case why wouldn't you just... regulate the product.

That's easy with civil engineering: did the thing collapse and kill people? You dun fucked up. But bridges and buildings and tunnels don't have EULAs with liability disclaimers.

Anyone who paid for this piece of shit vest almost certainly had to accept some sort of license agreement that disclaims any liability on behalf of the manufacturer. It's a safety supplement meant to reduce the risk of a fatal injury, not prevent them altogether.

You'd also end up with a situation where an overseas team develops the software and you just have a licensed engineer on retainer to rubber-stamp it. It'd probably kill what little domestic software development we have left, because however much time and money it costs to get licensed will jack up everyone's salary requirements that gets licensed.

It would also mean heavy restrictions on the import of any software, which pretty much fucks... everyone. It'd likely kill the Internet or make it even shittier, because you could only visit websites developed by a licensed engineer. Every website visit requires the downloading of software: the Javascript frontend.

It would also effectively kill open-source, because the legal liability would override the warranty disclaimer in every single open source license. Why would you put something out into the world for free if all it would do is open you up to litigation?

Could a well written law take this all into account? Certainly. Would you realistically expect it to, though? I don't think so.

[–] [email protected] 11 points 10 months ago (1 children)

This is managements fault, not the engineers fault.

We have to implement the requirements we are given. If we don’t, we get fired and they hire someone else who will do it.

[–] [email protected] 8 points 10 months ago (1 children)

If we don’t, we get fired and they hire someone else who will do it.

If we were licensed, any replacement would be similarly ethically bound to refuse and that tactic wouldn't work.

[–] [email protected] 3 points 10 months ago

who's doing the licensing and do they share my ethics?

[–] [email protected] 7 points 10 months ago (1 children)

My dad worked for AAA. Once he got a call because a lady’s car errored out and thought she didn’t have her seatbelt buckled mid-drive, so it shut the engine off. On the freeway.

Even without a subscription, failsafes should always fail safe.

[–] [email protected] 5 points 10 months ago

Thorium reactors have a cleverly dumb failsafe. If reactor control fails, there’s a plug that melts and drains the contents into a container that’s not fit for runoff neutron generation.

That’s an example of a failsafe that fits its purpose. It’s still possible to fuck it up, but it would take a lot of effort to do so.

[–] [email protected] 5 points 10 months ago

Pop verification neck to continue.

[–] [email protected] 2 points 10 months ago

And if there’s a bug in that code, you’re fucked.

If there's a bug in your car's airbag, you're also fucked.

[–] [email protected] 61 points 10 months ago (1 children)

The problem is the subscription, not how it was implemented

[–] [email protected] 55 points 10 months ago (2 children)

Yes, but also from an implementation perspective: if I'm making code that might kill somebody if it fails, I want it to be as deterministic and simple as possible. Under no circumstances do I want it:

  1. checking an external authentication service.
  2. connected to the internet in any way.
  3. have multiple services which interact over an API. Hell, even FFIs would be in the "only if I have to" bucket.
[–] [email protected] 26 points 10 months ago (2 children)

If the customer is dead, they definitely can't renew.

Who wouldn't tout your service if it saved them?

But also.. why the fuck does this require a sub?

[–] [email protected] 28 points 10 months ago

But also… why the fuck does this require a sub?

Because "fuck you, we're rent-seeking and you can't do anything about it," that's why.

[–] [email protected] 15 points 10 months ago (1 children)

The argument the company makes is that it allows them to sell the device for cheaper upfront, which means that more people can afford to have one. They sell them for $400. But also fuck them, nobody ever died from HP disabling printers.

[–] [email protected] 8 points 10 months ago

Also, if they genuinely wanted to make it more affordable up front in order to get the safety device in more hands, they could charge a chunk initially and then a regular payment plan for so many months. Not paying in perpetuity or we disable it.

[–] [email protected] 1 points 10 months ago (1 children)

It checks the service when booting up before a ride. After that it doesn’t connect to the internet. If you’ve gone past your grace period of 60 days it won’t boot up at all, and it will alert you that the device isn’t active.

Don’t get me wrong, I hate the idea of the subscription but it’s important to have accurate information. Did you even read the product page?

[–] [email protected] 2 points 10 months ago (1 children)

That information changes none of my issues; if you don't see the plethora of potential implementation bugs involved, either you don't code professionally or you shouldn't be.

[–] [email protected] 1 points 10 months ago (1 children)

I code professionally, specifically I develop very resilient medical software. From a software perspective, as long as the developers are competent I have no issues with the device. There are so many other things you could take issue with when it comes to the vest, but I’m telling you software just isn’t one of them.

[–] [email protected] 2 points 10 months ago

I'm sure the developers are competent, but the reason I care about the design decisions is the same reason the electric brakes on cars don't interface with its infotainment system; the interface inherently creates opportunities for out of spec behaviour and even if the introduced risk is tiny, the consequence is so bad that it's worth avoiding.

If you have to have an airbag be controlled by software (ideally the mechanism is physical, like a pull tab), it should be an isolated real time device with monitoring your accelerometer and triggering the airbag be it's only jobs. If it's also waiting to hear back from another device about whether your subscription ran out before it starts checking, the risk of failure also has to consider that triggering device.

It can be done perfectly, but it's software so of course it has bugs.