Programming Ethics 101
A few days ago on StackOverflow, someone posted the question, “How can I keep Task Manager from killing my program?” The first comment asks a very good question: “What legitimate reason do you have for doing this?”
It reminded me of the guy who wanted to know how to make a file that can’t be edited or deleted by any means. Both of these guys seemed to have honorable intentions, but just hadn’t thought the ramifications through all that well.
As programmers, we often have near-absolute power on a computer. We have access to everything that’s not specifically denied to us by system security, and with that much power comes great responsibility. It’s important to remember what I consider the first principle of programming ethics: When you write a program for someone else to use, the computer they are running it on is their property, not yours, and your program needs to behave itself accordingly.
There’s a negative corollary to the Golden Rule that applies here. Do not unto others as you would not have them do unto you. Much like a surgeon whose power over a patient in his care is similarly near-absolute, we have the implicit responsibility to “first, do no harm.” Your program needs to behave itself as an invited guest in someone else’s home. You do not walk in and act like you own the place, and this has implications far beyond simply avoiding virus-like behavior.
For example, unless you’re writing for a very old computer, or for a few particularly backwards modern devices, such as the iPhone or most game consoles, your program is going to have to share the system with a bunch of other programs, and they need to execute too. This means that you need to be careful to accomplish your task while using as few system resources as possible so you don’t end up hogging resources that another program may need. If possible, keep your CPU and memory usage low. This also means, for example, that it’s a very bad idea to use a garbage collector that’s designed to build up as much garbage as possible before collecting. That’s like never putting anything in the dishwasher until you have no clean dishes left in the house. (And I’m sure some of you out there have kids that do exactly that. Doesn’t it drive you up the wall? Do you really want a program doing that on your computer? If not, don’t do it to other people’s computers.)
Then there’s “protection.” Most programmers tend to be pretty good about this sort of issue, until the idea of someone doing unauthorized things with their program comes up, and then all rational thought, not to mention consideration for ethics, goes right out the window, seemingly replaced by testosterone-driven outrage from coders who are usually rather mild and easygoing. “What?!? They’ll never get away with stealing my program!” And then they proceed to do all sorts of blatantly evil things to other people’s computers.
Like most emotional knee-jerk reactions, this approach ignores the actual facts of the matter. For example, empirical evidence suggests that, in the absence of any enforcement, almost 90% of people tend to be basically honest. That’s pretty darn good, even before you figure in the additional cost of actually providing the enforcement.
Also, copy protection simply does not work, due to a combination of two factors. First, in order for the program to actually run, or for protected data to be read by a program, there has to be a “door” in the copy protection someplace. Not a secret “backdoor,” just the ordinary variety that lets the authorized user through. Thing is, if that exists in a computer-readable format, some user can find it and figure out how it works. There are some coders out there who can read assembly as easily as you and I can read the language of our choice, and if one of them tries to find a hole in your protection, it won’t last long, and this is a very important point.
DRM proponents often say that a copy-protection scheme doesn’t have to be perfect; just good enough to discourage casual hackers and “keep honest people honest.” The part about keeping honest people honest is nonsense, of course. Either someone is honest or they aren’t. But the thing is, so is the part about it not having to be perfect. That might have been true twenty years ago, but today a copy-protection scheme has to be absolutely perfect, because if it’s cracked once, by anyone anywhere, it’s all over. The crack will be posted online and any of those 13% or so of dishonest people out there who want to use your program for free will have immediate access to it at the cost of just a little bit of searching.
And then there are the ethical issues involved. In any other context, an external programmer taking control of the functionality of a computer away from the computer’s owner and using it against the owner’s interests is known as computer hacking (or cracking, if you prefer to use the term “hacker” in its original, positive context), and is quite illegal. Why all the special pleading in the case of DRM? Because there’s lost revenue involved? When did ensuring revenue become a more important consideration than not committing a crime? Follow that line of reasoning far enough and you end up with Enron and Bernie Madoff, or the Sony rootkit.
We’re beginning a new year, and it’s traditional to set resolutions. I hope everyone involved in programming will resolve to try to hold ourselves to the high standard of not writing code to do anything on another person’s computer that we wouldn’t want done on ours, and also to the even higher standard of actually thinking through the implications of what we try to do to figure out whether or not it would end up doing something bad. Then maybe we’ll end up with a few less questions like that on StackOverflow, and I won’t have to keep posting the same answer to them. 🙂
Happy New Year, everyone!
Great article! Couldn’t agree more with your main points…
You’re basically rephrasing Raymond Chen’s six year old post on the topic 🙂
http://blogs.msdn.com/oldnewthing/archive/2004/02/16/73780.aspx
I love garbage collector, no more stale pointers (these were nasty bugs), don’t have to think about who will free objects, etc. I think that your argument that GC is bad idea is some sort of early optimization, and we all know that that is a root of all evil.
Moritz: Interesting article. I hadn’t seen that before. Thanks for the link!
Miki: I’d have to respectfully disagree. The use of garbage collection is the premature optimization here. In fact, it’s a meta-optimization: it optimizes for developer time, instead of anything you’d usually want to optimize for, such as system performance. That makes it even more evil. 😛
“When you write a program for someone else to use, the computer they are running it on is their property, not yours”
Amen, Brother! I’m sick of apps that assume they are the sole resident of a machine. Esp apps that do things like install services that run automatically on startup (I’m looking at you, Google and your ‘Update’ service).
Excellent article. I’m with JersyGuy with a couple of comments:
1) YOU [software vendor] do NOT decide where software or Start Menu items go on MY machine.
2) Keep your insignificant CRAP out of my registry! Use an INI or XML file for all the inane little bits that have to be persisted between sessions.
3) If you write to the registry clean up after yourself [delete your root key] when I [and I will … count on it] remove your software.
Actually I just realized that I’ve got several more so I’ll stop there …
Really enjoyed the read, thanks.
“in the absence of any enforcement, almost 90% of people tend to be basically honest.” I am afraid that when it comes to software, the percentage is reversed, especially among home users. I am just looking at a poll about the French decision to cut Internet connectivity to people downloading illegal copyrighted contents. There’s a perception that stealing “immaterial” goods is not really stealing, especially in some countries where prices are higher (and the average income lower), and the impact on customers higher.
But I agree with everything else – I just had a talk with an HP rep about their latest printer software – a 140MB download full of software useless to me, and with just a little link to the “custom” software installation. And every software you install is happy to install a service and a couple of “run” entries just in case you’re unable to check for updates yourself (hey, wouldn’t you run a two week old version of your printer drivers, would you?) and to enable some rarely used functionalities – never asking you if you need them and agree. Someone is becoming smart enough to use “scheduled tasks” to check for updates (at least you don’t get a process running uselessly all the time), but most developers and project managers are never trained to build well-mannered applications – it’s one of the issues I usually incur when I look at my early developers’ work – their main aim is to make the application work, cost what it may! And often it is lack of knowledge about other proper ways to accomplish the same task.