Software Product Liability?

← Back to Stories (view on slashdot.org)

Posted by michael on Sunday June 16, 2002 @11:54AM from the sign-on-the-dotted-line dept.

ben writes "Reuters just ran a story about the increasing number of calls for liability on the part of software developers, with a not-too-suprising focus on Microsoft and its uber-fallible IIS webserver. Given that many other engineering disciplines have some sort of accreditation and licensing body to enforce codes of professional ethics, I'm curious what impact the demand for such a creature in the software industry could have on Open Source developers, especially the part-time hobbyist ones. That is, establishment of some sort of Software Developer's license means the developer is potentially liable for whatever havoc his bugs may wreak, and traditionally the only environment with legal resources adequate to deal with such liability has been the megalithic corporate one."

6 of 428 comments (clear)

Min score:

Reason:

Sort:

Software liability by ezs · 2002-06-16 11:56 · Score: 2, Informative

From my own experience most software vendors actually limit their liability by way of the EULA (End User License Agreement).
Of course having to undo the shrinkwrap to read the EULA, and by having read in the EULA that by undoing the shrinkwrap you therefore agree with it.. that's another issue altogether

--
Evil ZEN Scientist
Classic Microsoft Quotes in the Article by tupps · 2002-06-16 12:04 · Score: 5, Informative

Couple of quotes in the article I like:

The products are even less buggy than others, in terms of per capita usage, Microsoft Chief Executive Steve Ballmer has said.

So does that mean that because more people use Microsoft software they can have more bugs in it? This sort of statistic is like using "Revenue over number of employees named Frank" as an accounting measure for companies!

And the other one:

Mundie said. "Microsoft can't control that process. If the printer driver tanks the system, who do you hold liable?"

Now *that* explains what caused all those holes in my locked down IIS server!

--
Go out and get sailing!
1. Re:Classic Microsoft Quotes in the Article by person-0.9a · 2002-06-16 13:17 · Score: 3, Informative
  
  > "Microsoft can't control that process. If the
  > printer driver tanks the system, who do you
  > hold liable?"
  
  On drivers specifically, this is a valid complaint . While I don't suggest that Windows is a highly stable OS, the image of Windows instability is partially undeserved.
  
  There are many badly written (non-microsoft) printer/file filter/device drivers that make things go horribly wrong on Windows, and near as the end user can figure, it's just Windows crapping out.
  
  Such a liability law would likely require Microsoft to increase it's legal department just to keep up with the number of cliams wrongly filed against it --- if Microsoft's business practices remained unchanged.
  
  This problem is relatively straight forward for Microsoft to get around. Come up with an exhaustive certification program for all Windows drivers, offer no MSI support for uncertified drivers, and change their increasingly restrictive EULA to state that the use of uncertified drivers is a violation of the "agreement."
  
  As a side effect, such a program might make Windows too expensive of an OS for companies to develop for, and then we'd get flood of devices and low quality drivers showing up on Linux.
  
  ( I can't believe I just came out in defense of Microsoft... I've got to go take a shower now )
Est. $60,000,000,000/yr in USA. by Black+Parrot · 2002-06-16 12:13 · Score: 5, Informative

The NIST commissioned a study (sorry, 1.4Mb .pdf) that analyzed the cost of bugs^w "inadequate software testing infrastructure" in a couple of industries and then estimated how the cost scaled up to the entire USA. Result: $60 billion per year.

If you don't want to download the report, there's a brief summary in RISKS Digest 22.11, on comp.risks. If you do download the report, the final numbers are on p.174

--
Sheesh, evil *and* a jerk. -- Jade
Re:Code is free speech by caseydk · 2002-06-16 12:18 · Score: 3, Informative

I think the premise of code = free speech was defeated in the DMCA case in NY. Remember, code in executable form was considered a breach. Any other form was okay...
Re:Comparing Software "Engineering" to others... by Martin+Spamer · 2002-06-18 22:55 · Score: 3, Informative
- You simply cannot have the expectation that software will *NEVER* crash.
- Wrong, formals method can ensure that it is possible to claim that software will always fail in a predictable provable way.
  
  If they can't solve a problem with an existing, proven solution (or a mild derivation of such), they probably wouldn't take on the job. Programmers do not have this luxury.
  
  Wrong, Design Patterns are designed to make Software Engineering predictable in the same way that other Engineering is.
  
  We are inventing these solutions on the fly and we will make mistakes.
  
  Wrong, the Capability Maturity Model is designed to avoid, or catch mistakes and prevent the need to 'invent on the fly'.