Slashdot Mirror

← Back to Stories (view on slashdot.org)

Software Product Liability?

Posted by michael on from the sign-on-the-dotted-line dept.

ben writes "Reuters just ran a story about the increasing number of calls for liability on the part of software developers, with a not-too-suprising focus on Microsoft and its uber-fallible IIS webserver. Given that many other engineering disciplines have some sort of accreditation and licensing body to enforce codes of professional ethics, I'm curious what impact the demand for such a creature in the software industry could have on Open Source developers, especially the part-time hobbyist ones. That is, establishment of some sort of Software Developer's license means the developer is potentially liable for whatever havoc his bugs may wreak, and traditionally the only environment with legal resources adequate to deal with such liability has been the megalithic corporate one."

4 of 428 comments (clear)

  1. Re:Michael Sims by Anonymous Coward · · Score: 0, Funny
    You are violating my copyright. I demand that you cease and desist from spamming this parody.

    Best wishes,

    Raymond Davies

  2. Re:i've said it 100 times by alexburke · · Score: 4, Funny

    They were sued because the tires malfunctioned of their own accord.

    In actual fact, I think most of the vehicles affected were Explorers.

    (Sorry.)

  3. Oh dear, the printer driver again! by vogon+jeltz · · Score: 1, Funny

    "Microsoft can't control that process. If the printer driver tanks the system, who do you hold liable?"

    I, for once, would blame the moron that put lpd in group "root" rather than "lp" ;-)

  4. Re:``AS IS'' by RetsamYthgimla · · Score: 2, Funny

    Plumbers aren't liable if someone comes around after they have installed central heating and heats up the joints (or drills a hole, etc) to create a leak, so why should software engineers or companies be liable when someone tries to break the code?

    I beg to differ. A more fair analogy is if you hired a security firm to install a security system, and then you later found out that the cameras couldn't see criminals wearing green. Suddenly, once this is figured out, people in kermit the frog costumes start breaking in and stealing your stuff, and the cameras never saw a thing.

    Far-fetched and silly example, yes. But it underscores the difference between your analogy and the real situation. If IIS or Internet Explorer has a hole that allows a remote root attack on your system, comparing it to a plumber's job is a very bad analogy.

    Now, if you compared it to a plumber that decided to run all the pipes along the outside of the building to save money, instead of running them underground and in the walls, and then a "criminal" came along, tapped into the outside line, and fed poison into your drinking supply, then that plumber should be liable. As long as "reasonable" measures were taken to prevent that, then there's no liability (i.e. internal plumbing, and a criminal got hired as a janitor, and got access to the plumbing in the basement, then tapped into the system, then that's not the plumber's problem...)