Who Is Liable For Software With Security Holes?
securitas writes "Interesting article over at eWEEK that asks who is and should be legally responsible for insecure software. Some say it's the manufacturer. Currently software is exempt from product liability as we've come to know it in the physical world. Others say the software licenses should make users responsible if they don't install patches and updates. Infosecurity czar Richard Clarke said in his speech at RSA that Nimda cost US companies an estimated $2 billion. Imagine if Microsoft was legally liable and a $2 billion suit was filed. Now extend that to the other jurisdictions outside the US. What does this mean to open source software, which is being used to a greater extent in corporate environments? Food for thought."
"Imagine if Microsoft was legally liable and a $2 billion suit was filed."
Yes, now imagine if Linus Torvalds or the FreeBSD Foundation were liable for that same $2 billion. They would be SOL. Microsoft would just be annoyed.
Computer Science is no more about computers than astronomy is about telescopes. --E. W. Dijkstra
The question should not be who is responsible for insecure code but rather what can be done to discourage people from vandalism and how to track down and punish those who choose to break the law.
Your problems are always someone else's fault.