Calling Software Reliability Into Question
phillymjs writes "CNN is running a story on software reliability, and how the lack of it may cost more and more lives as technology creeps further into everyday products. It appears a debate is finally starting amongst everyday (read: non-geek) people about vendor liability for buggy software. Some opponents of the liability push are unsurprising: Says the story, 'Microsoft contends that setting [reliability] standards could stifle innovation, and the cost of litigation and damages could mean more expensive software.' The article also says, however, that consumers' favoritism of flashy products over reliable ones is partly to blame for the current state of software."
...could reliability standards stifle innovation? How hard is it to design something that works well and is extremely robust, yet, be creative and innovative in its design?
The trouble is, the more accustomed users become to bugs, the harder it is to get them reported and fixed. If my computer crashes, I just reset it and get back to work. I don't bother to investigate what caused the bug, to try to reproduce it, to contact the vendor (hah!) and try to work out the problem. Crashes occur much too frequently for that.
OTOH, if computers were reliable enough to crash only once every few years, then users might report every crash that happens, the vendor can diagnose it, and fix the bug or family-of-bugs so that it never happens again. This is roughly what happens when a mainframe crashes, I believe - it's a big event.
Imagine if when your microwave crashed, you could call some hotline, they would come and replace the microwave and take away the old one for analysis. Instead, even on complex software systems the standard first resort for the help line is 'reboot and see if it goes away'.
-- Ed Avis ed@membled.com
What's wrong with flashy stuff for some things? I like flashy (i.e. sometimes buggy) software for my laptop. I don't mind if my beta-version browser crashes once in a while because I get the new features.
My servers, OTOH, are another story. I wouldn't use anything but Debian (for Linux, that is) because it is incredibly stable. My two Debian boxes on woody stable run 2+ yr old software. Guess what? They don't crash. I didn't upgrade from potato right away, but waited a little while.
Consumers are generally willing to accept more buggy software because they don't run servers. So what if Word crashes once in a while? Most consumers are so conditioned to it that they don't think another thing of it.
I realize that mail servers, electricity systems, and space probes need stable software, but most consumers don't administer these things. They use browsers, email, and cell phones that don't cause (much) physical harm when they crash.
The company with the most to gain from this (with its unique cash reserve - Microsoft) is the company most in opposition...
Yes, I said it. I'll say it again. Microsoft could gain *a lot* from this movement.
With their resources, they are the ones that could easily afford a true source-code audit the likes of which the BSDs are only beginning to approach.
They could build an operating system that fully, completely, and truly matches the concept of "secure by default" and they have the resources, manpower, and ability to do so.
But, instead, they oppose it. Building a secure system is against corporate culture, so they won't do it.
Thanks xBSD!
I have no problem with your religion until you decide it's reason to deprive others of the truth.
I've often thought about how many products use simple programs and stuff to run correctly...like traffic light systems...right now they work pretty well and everything goes together properly. However, the day that cities decide to have a central server run the traffic lights so they can...say, control traffic around accident areas...things will go wrong. The "foolproof" software will cause all sorts of problems.
I don't see this so much as software causing problems as much as the tendency we have to make what used to be simple things really complicated. One example I have in my life is a train system that runs around inside a building by the ceiling at a camp I work at. The system looks really nice..and it could work well. However, having a couple of electrical engineers volunteer their time to make the system made it very different. Now, what could have been a simple on off switch is a whole panel with an LCD display and all sorts of error lights and little IR detectors on the track to make sure the train is in the right place. It is a geek paradise...but the train NEVER works. Despite all the fancy assembly code they have running the whole thing, it doesn't work. An on/off switch would have worked..I'm certain of it!
As we complicate more and more appliances with complex software, there are going to be more problems. Heck..what's gonna happen next time your toaster oven timer crashes...you could burn down a house!
The cavemen had something going for them...
The anti-salmon
Moreover, how innovative has MS (or anyone else) been about reliability? Adding new features like embedding full-length motion pictures into Word documents (apologies to Neal Stephenson) is one kind of 'innovation,' but it comes at the cost of gains in stability. One could argue, and people have, that most commercial software is derivative anyhow, and its mass adoption has stifled opportunities to create more stable products.
And finally, do we really need that many new twists on things? I'm not saying stop research or trying new things, but mainframes running COBOL code have been hosting most of the world's financial and business information for decades, and they are legendary for their stability, with low incidence of data corruption and uptimes measured in years to decades.
"Hardly used" will not fetch you a better price for your brain.
10 steps for building a successful software product:
1) Fire half (perhaps all) of your programming staff. Most of them don't know the difference between a heap and a stack, don't have a clue beyond the Java language, and if faced with the prospect of learning x86 assembly language, they'd faint.
2) Hire people that *do* know the difference between a heap and a stack, perhaps have written in some assembly somewhere (even if just in college), and have figured out how to use a few more languages besides Java.
3) When doing #2, ignore college degrees. Whether or not someone has one doesn't indicate whether or not they're a good programmer, at least until the majority of our school system can actually teach the *relevant* skills.
4) Plan. Plan. Plan. Document. Plan. Flowchart. Plan. Plan. Discuss. Plan. Discuss. Plan. Document. Plan.
5) Code.
6) Discuss. Test. Fix. Discuss. Test. Fix.
7) Refactor.
8) Repeat 6-7 until all the software has been reduced to the simplest, most error-free possible codebase for its functionality.
9) QA. (Yup, this happens *after* the testing in (6)!)
10) Ship.
-- sigs cause cancer.
no, but you could at least get a second opinion from a better educated source.
Right now, with CSS (Closed Source Software) all you have is second opinions based on anecdotal evidence. The evidence that software X will work for you is only as good as what other people have done with it. At least with OSS, you can pay an expert to help you get an educated second opinion, and see if the software can work for you.
OSS is not the solution to the problem but rather it can help you decide if software can work for you. And probably for the general case, most people can trust the MS verdict on what their software can and can not do. But if you are doing something strange and experimental with say MSSQL, you can't rely on what they say. In that case it might be a better choice to use an OSS product that you can see the source and have a better indicator for predicting what the software will do.
I guess I've had a different experience with reliability than most of the posters here have had.
Given a piece of software that has both Windows and Linux versions, the Windows version is almost always more reliable/less buggy.
The Linux version usually seems to have been done as an afterthought, and most of the development work goes into the NT product.
I'd like to choose the Linux version every time, but for most software, the Linux implementation just isn't there yet.
As long as companies like Microsoft are around to pump money into lobbyist firms and election campaigns, we'll never see a software-reliability law that's actually beneficial to consumers.
I'm pretty much willing to settle for some sort of truth-in-software-advertising law... so when William H. Macy's voice tells us that Microsoft's server software is totally secure and reliable, it also has to tell us that Microsoft's EULA says that if this turns out not to be so, tough shit on you for believing it in the first place.
~Philly
I agree. Most software is very reliable. More aircraft crashes are caused by mechanical problems than software issues. If there is a life threatening fault in a piece of software, this usually results in a recall. The only software that's really unreliable is consumer level, and you are quite unlikely to die from Word crashing (even that doesn't happen to me much).
I started using computers ca. 1979, when my dad got a TRS-80. I don't remember ever encountering a single software bug on that system, although the hardware certainly had its problems.
But does that mean that quality is getting worse? The OS on that machine was on ROM, and was about 4 kb. A modern OS weighs in at many, many megabytes. It's possible that the number of bugs per line of code has actually been going down.
Another possible metric is how often the user encounters a bug. By this metric, non-OSS consumer-level software has certainly been getting much, much worse. I switched to Linux from MacOS, and my average number of bugs encountered per day went from maybe 5-10 to some number less than one.
Some things have definitely changed since 1979:
Find free books.
"Because software needs to be thoroughly tested before it can be called reliable. "Cutting edge" software tends to be poorly (relativly speaking) tested, since it hasn't had that much time in the real world."
This is circular. You nearly imply "cutting edge" is not reliable by default. This is a mistake. If there is a market demand for reliability on the consumer level, then it may need a cutting edge solution: New diagnostics or testing mechanisms. Perhaps OSS is that cutting-edge methodology and it simply has not caught on everywhere.
..the notion that vendors would be liable for *bugs they know about* has some merit. Think about it. If the large companies (we'll pick on MS because it's such a good example) were forced to fix bugs in a timely manner, then they would need to accept bug reports. They would also have to release bug reports as soon as they knew about them, i.e., they couldn't sit on a critical exploit and let people hang out in the wind for months and months. Once a report was made to them, it would then become an official bug they couldn't ignore. They'd have two choices then: switch to open source to find as many bugs as possible in the shortest time, or keep paying claims forever because they ignored bugs. Either way they would release less, of better quality, not really a bad idea. If they wanted to hire professional beta testers, so what? More paid jobs. I don't see that as being all that bad. Nope, I don't.
Open source -FOSS- is in a unique position because it's "free". There can't be any damages if you haven't paid for it, or at least that could be part of "the law" written into it.
Normally I'm against new laws, but instituting some sort of consumer protection should be in order, if these companies want to make serious profits all the time. There are very few examples of consumer products out there that have no liability at all attached to them. With just a short time reflecting on it, I can't think of any off hand, just *some* software. Eventually it's going to happen, so better to sort it out now; it really should have been sorted out 30 years ago, IMO. I tell you what will cause it too, if it's not done voluntarily in advance and adhered to: the first uber killer mass virus or trojan that makes Code Red or Slammer look like a case of the sniffles, a net-killer. You'll get ten times worse legislation out of Washington if the software community waits until that happens.
I'd say it's bound to happen sometime, too. The article cites 50 some odd billion a year already in losses due to either bad or insecure programs; if something bad happens that does ten times that in one day or something, you WILL see the mother of all knee-jerk reactions from "the software consumers".
Well, OK, say that "something" is needed. What would be reasonable, but still not stifle development? One would be outright sales of software, not just renting/licensing of software. You buy it, you OWN it. You get it at such and such a date; as of that date it worked as advertised; after that date, well, up to the vendor then. Anything "new" that needs to be added is up to them, from free unlimited patches and updates to pay-for individual bugfixes and exploits as you go, forever. Could be a yearly lease thing, whatever. For-profit vendors would get on the ball pretty quickly then if they charged too much or it didn't work all the time. They'd be forced into auditing as the most important part of production. Hmm, is this a bad idea really? The software is sold as "works on this and this, won't work with that and that". Yes, that would make software developers tend to work around just a few pieces of hardware and one or two OSs max no doubt. It would also be very expensive. Very expensive. Maybe people would go to the no-liability but free stuff then? And I can see various versions in between those two extremes.
Could there be set limits per incident? Perhaps. Max liability, perhaps.
How about classifications of software?
"Entertainments" might be of lower criticality (so less liable in terms of maximum cash) than, say, the pacemaker software or auto-controlling software. "Communications" like browsers and email and chat would be in the middle someplace in those terms of criticality. If your business depends on UPS or FedEx to ship widgets, and they constantly don't get there or they are smashed, those companies would be sued out of existence. But if your widgets are electronic, well? It's just your tough luck as the consumer then, the software and the infrastructure has let you down, but they all get to say
Forcing companies to disclose bugs in this way could only serve to allow users to make more educated purchasing decisions on the basis of software reliability.
Imagine that I wrote some software that I *knew* was buggy, and then sold it to a hospital or into another situation where people's lives were at risk. Imagine then that one of the bugs I knew about before selling the software killed someone. Why shouldn't I be responsible for that?
Lots of people don't even WANT reliable software - at least, they don't want to pay for it. I'll happily accept my software crashing once a week if it saves me $300 on the cost of what would otherwise be $100 software. The last thing we need is to have the software industry start to look like the healthcare industry, where everyone pays 3x what they should to cover the insurance in case someone needs to sue someone else.
If you need absolutely, positively reliable software for some purpose, then contract with a company who is willing to provide it, and pay the price it takes to get it. But Joe Blo software user should have to foot the bill because someone ELSE wants to force ALL software to be reliable under penalty of multi-million dollar lawsuit. If I sell an operating system designed to let you play MP3s and video games and browse the internet for $99, and you use it to run your mission-critical application that causes you to lose $100 million when it crashes, why should I be liable because you used my (albeit buggy) tool for a $100 million mission-critical app? It's YOUR job to assure that you are using the correct tools for the job, NOT the guy who makes the tools!
It's like cars - just because your transmission goes out doesn't mean you get to sue the manufacturer. You get your transmission fixed if you've purchased a car with warranty terms that allow it to be fixed, and otherwise you pay for it yourself.
paintball
What they should do is remove any legal weight from clauses along the lines of "This software comes with no warranty of any kind, including fitness for any particular purpose..."
If you're taking my money for it, it should be fit for something, just the same as any other product, and just the same as any other sales pitch, I should be given a fair and accurate description of what the software I'm paying for is or isn't fit to do.
Part of the problem here is that most people on this thread seem to be thinking in absolutes: "if Word crashes, I can sue MS for [evil grin and pinkie finger to mouth] one million dollars!" It's not about 100% reliability, it's about reliable enough. A word processor doesn't need to be bug-free, it just needs to be reliable enough to write my documents under normal circumstances. MS might reasonably be expected to pay some compensation for excessive downtime due to their carelessness with the recent product activation issue, but not if Word crashes because of some incompatibility with other software on your machine about which they can do nothing.
Surely it should all come down to fair and reasonable marketing claims (don't say it's 100% reliable if it ain't) and fair and reasonable compensation when those claims are found to be erroneous (if you said it was in good faith, but it turned out not to be, you give me back some reasonable amount in compensation, depending on how effectively you addressed the problem once it was discovered).
If you want 99.99999% up-time for your server, you can buy from someone who claims to provide it, paying whatever the going rate is for it, and expect to get it (or compensation). However, you aren't entitled to assume that WinXP is suitable for running operating theatre laser surgery algorithms "just because" and then sue MS when it doesn't live up to the job you've foolishly given it.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Why should an electronic engineer who designs a program to operate the gears be exempt?
As an electronic engineer, I make my system based on some OS, so either I or the OS manufacturer (which, I add, licences an OS, if it is used against the license terms, it is my liability) has the liability.
What are you really? Electronics engineers build circuits and hardware. Programmers build on top of an OS. Unless you got a RTOS, you almost certainly got no claim of correct operation. You really want to warrant that MS or Sun makes a bug-free product?
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
Programmers build on top of an OS
Not always. There are a lot of embedded applications where there is no operating system at all. Each program would function as its own operating system. There is overhead with OSes and sometimes you don't need the functionality. When you have simple hardware with a simple interface, dropping the OS is a good option.
Also, I'm pretty sure the software that runs air traffic control or cars has a chain of responsibility going back to the programmer.
Why, o why must the sky fall when I've learned to fly?