Slashdot Mirror
BBC Commentator Goes After Software Licensing
An anonymous reader writes "Bill Thompson, a regular commentator on the BBC World Service programme Go Digital, criticizes current software licenses (including the GPL) for giving developers 'freedom from responsibility which would be considered wholly unacceptable in almost any other sphere of activity, public or private'." From the article: "A friend of mine is a children's writer. When she writes a non-fiction book she is typically asked to sign a contract that indemnifies the publisher against legal costs resulting from errors of fact in the book. If she was to suggest a school experiment that involved drinking sulphuric acid, because she'd confused it with acetic, then she'd be in big trouble. Yet I can't do anything when a company produces software that exposes my online banking details to any script kiddie with time to spare, because I've agreed a license that removes such liability. "
I agree. I should be able to sue CmdrTaco for getting me fired.
Be a real patriot: Question authority. Think for yourself. Formulate your own conclusions.
Publisher is to Author as
...BZZZZZT!
Software User is to Developer
I read
It's about time that someone got up and did something about this. It's time we realized the customer comes FIRST and our comfort and legal safety POST.
Trying to become famous by taking photos. Visit my homepage please.
I bet his wife gives away her books for free, too. On a more serious note, this is more expansion of the culture of victimization and the lack of responsibility that is taking over the Western world. Nothing is ever our fault, we muyst always find someone else to hold responsible for problems that we should be tough enough and capable enough to not get into or to solve ourselves.
The keyword is that people agree to these license. If you don't agree, don't use the software. Or, you could buy more expensive software that comes such a guarantee. I can't think of any specific examples, but I'm sure the software that runs pacemakers has some sort of guarantee. However, it's very expensive.
Bradley Holt
Little Johnny was a boy. He isn't anymore. For what he thought was H20 Was H2S04
If religous zealots don't believe in Evolution, then why are they so worried about bird flu?
Sadly, legislation is probably the only way to make software developers--or rather, their companies--more liable. What, you expect the free market to take this one on? Who here honestly expects a company to decide it's competitive to be more liable?
No I'm not trolling.
The license is an agreement. If you don't like the terms, don't accept the license, and don't use the software.
There is a lot of crap out there about companies liking proprietary software because it gives them someone to sue when the software breaks catastrophically. That Microsoft has about a $40 billion dollar war chest, earned almost entirely through the sale of very broken software, pokes some big holes in that theory.
You're getting software for free. Don't bitch about indemnity in the license.
The solution, I think, is that the realms of coding and of liability need to be separated. Let the coders code and let service companies such as IBM work together with them to provide support and, if needed, liability for customers that need it. This is exactly what happens when IBM "sells" Linux to Wallstreet, for example. They sell the kind of responsibility for the software that individual developers could by no means provide.
I would hope that Mr. Thompson considered the alternative that people often hold others accountable for their own ignorant actions. Yes, a publisher is often held accountable for the stupid actions of a reader (who would be stupid enough to drink sulphuric acid?). But is that situation an indictment of the author, or the court system that allowed an ignorant person to use the courts to make whole an action that the claimant should be responsible for?
No, I do not believe that everyone should be left to fend for themselves without ANY regulation. If someone produces a medication and makes a claim that a patient considered reasonable, and they get more ill or die as a result, then the company should be held accountable. But to make every fucking business activity subject to error and omission insurance will wreak holy hell on our economy. E&O insurace requirements will guarantee that
1) software development will slow,
2) software for process control will halt due to liability questions,
3) make lawyers and insurance companies rich,
all without one single shred of evidence that any of these effects actually made software development any *better*.
When I install software, especially for the first time, I do NOT have it on my production machine. Why do people like Thompson like doing things like this? Why should a software publisher spend heavily to debug (and still not get EVERYTHING) in a manner that *assures* the E&O insurer that it will not delete Mr. Thompson's latest mp3?
"Rocky Rococo, at your cervix!"
This is great, really. Customers first. Personal information is very well.. personal. It's great to see that someone is standing up for this..
Add me as a friend!
And shouldn't the companies that implement the code be responsible for the insecurities, instead of passing the buck onto the developer? If a company incorporates a piece of software, and does nothing to lock down the program, doesn't change passwords, doesn't configure it properly, shouldn't the company be responsible? A developer is responsible to a degree, but so is the user. It takes two to tango, and going back to the quote, if a kid drinks sulphuric acid, how did he get it? The parents are responsible for the kid... Just like the system is the responsibility of the owner/operator...
Don't get me wrong...bugs suck, but suing someone over it is as equally bad as releasing buggy software.
Nothing complicated. A form-to-mail script perhaps. Let's see how he fares.
Software quality aside. I am glad the world hasn't gone lawsuit crazy with Software liability cases. No stupid cases about how joe idiot did something stupid and lost his job because he didn't back up.
Consumers Bill of Rights, or rationalization that current statutes regulating trade uphold certian Subjective Rights, that may not be given away. In other words, the contract would be invalid, since it imposed illegal conditions.
Boring old institutional engineering is the answer once again.
Arrogance is Confidence which lacks integrity. -- me
"But see, if we had to ensure that everything worked all the time, it would take too long and nothing would happen. There would be no software."
"Oh, I hadn't thought of that," says the commentator whose argument proceeds to disappear in a puff of reality.
Meanwhile, Industry, rather content with itself, goes on to prove that black is white and white is black and is sued into oblivion by the DMCA.
If brevity is the soul of wit, then how does one explain Twitter?
Unlike cars, any given computer software is absolutely identical. So one defect will affect pretty much everyone the same way. We will need to be really careful in figuring out how far to hold the software company liable because of this.
All software still must meet strict products liability. That is, if your software causes users physical harm then the software developer is still liable. For example, if navigation software causes a boat owner to drive his boat onto a sandbar and someone is hurt or killed, the software make is still liable.
That said, you don't have to agree to the license. If you don't like the license, then pay more money for a piece of software that has a license that you agree with. As with all contract negotiations, you have to pay more if you expect the other party to accept more responsibility. If you look around, you will find plenty of software that does accept more liability. It is usually sold to the military, airlines, etc, but it does exist. If you want it in mainstream accounting software you will have to graduate from quickbooks, and negotiate directly with the company selling the software.
Go ahead and try. We'll see how far you get against a roomfull of the banks lawyers.
Free Mac Mini Yeah, it's
Has anyone tried to sue MS or any other company that produces closed source software for their losses that happen when a "script kiddie" gets theyr money because of bad programming?
If so, how did it go?
I'll write my software and do what I want with it.
Thank You
Dont forget, the entire point is the freedom to choose. You always have a choice not to use the software in question. Does he think that the guy who wrote did so in order to conduct business? I don't think so.
-d
"Here Lies Philip J. Fry, named for his uncle, to carry on his spirit"
In many cases, there is no option for a more expensive software that comes with a guarantee. Yes, some software like hospital life support and air traffic control come with a guarantee, but that is why you will see many 'normal' sw mfgs license mention these applications by name and say that you should not use their product in these environments.
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
Just my two cents...
I didn't RTFA, but from the summary, it sounds like he has a point. However, it also seems to me, that it is much harder to fool-proof software than it is to fool-proof books. For example, an author doesn't have to worry about readers interpret the book, but software designers have to code for all different types of hardware that it might be run on. It just seems like even the best programmer in the world will make honest mistakes, but it doesn't mean that they should be liable for it, especially if it is a result of poor implementation of the software.
"As you say - certain behaviors minimize the HIV risk and writing Slashdot tripe on Friday night is by far the most secu
One causes bodily harm, the other doesn't. If some software that was written for a flight navigation goes haywire and the plane crashes, you can be the software company will be held liable.
Personal safety is held in much higher importance than financial loss.
I agree with Bill Thompson!!
We should definitely make this kind of thing actionable, so that every time my unpatched Win98 machine gets a virus I should be able to sue Microsoft.
You can always sue a service provider (bank, etc.) for such things as making your personal information public. They in turn however, cannot sue the software company (necessarily) because they (the bank) had an opt in. You can sue bacause you had no say in what systems the banks use, so you cannot be held accountable. You didn't agree to waive your rights and to accept liability.
Put yourself in the bank's shoe however. When you install an OS or any application that comes with a EULA, you have the choice to not use it if you don't agree. It's not ideal, and it puts you at risk, but you have a choice. That will always be the deffence of the software companies.
The argument can be made however that you actually DON'T have a choice, only the illusion of one. If you need to provide a service (or rather, have a service provided to you) and every product out there has a self indemnifying EULA then what option does a user have?
- I didn't spel chek
http://www.watacrackaz.com
If liability were mandatory, software companies would be forced to buy very expensive insurance policies to cover the potential costs of being sued, just like doctors in the US must buy malpractice insurance. The result would be the same as in the medical field - vastly higher prices.
Consumers complain about the poor quality of software right up until they walk into a software shop - then they buy the cheapest product.
From the Windows XP Home EULA, with caps removed to get past lameness filter: and so on and so on.
With this amount of legal protection, I feel completely safe using Microsoft products!
Software is not going to be perfect. It is always going to have bugs, it is always going to have vulnerabilities. The level of danger in most cases depends on the administrator (or at least, the person running the software on the host end). If a person were able to break into your bank's software, then your bank is responsible. Your bank choose to use the software, your bank allowed for holes in their security.
Yes, the developer holds some blame for the vulnerability in the program, but they cannot be held responsible for a choice to use it and what may come of that. There is an exception though; contracted work. If you are contracted by a company to make a piece of software, if it fails then you are directly responsible. They did not "make the choice" to use something you had released, they asked you to make something for them to use.
If a robber was able to steal the contents of the safety deposit box at the bank, you would not hold the manufacturer of the safe responsible. If, however, the bank enlisted their own designers to make a custom safe, the bank could in turn hold those designers responsible (assuming they didn't leave the door open).
Let's make all software developers totally legally responsible for their programs. That way, the only people who can afford to write software are huge companies, and even computer progamming for hobbyists ceases to exist because of the liability issues surrounding the creation of code. It'll be sort of like the doctors who have to buy really expensive malpractice insurance as protection against frivolous lawsuits, only the people who have to pay in this case won't be pulling down doctors' salaries.
A book is either wrong or it's right. If it's wrong, then it's wrong for everybody, and thus the author should be held accountable for the mistake that he or she could've found beforehand.
With software it's different. Just because some code works on a million machines, doesn't guarantee that it will work on one you try to run it on. Because software developer has no (or relatively little) control over the environment the software runs in, the best they can do is account for as many possibilities as possible. Even with that, if you make certain assumptions about the environment today and they are true, doesn't guarantee that the update installed tomorrow will keep it that way.
Just think about the fact that most people running windows probably have the installation in C:\windows. If you hard code that path into your code, you're software will be ok for 99% of the users. Then comes along someone who decided to install it on D for whatever reason. In best case, your software no longer works, in worst case, you seriously screwed up someone else's system. Simplistic example, I know, and it's easy to account for this type of thing, but my point is that there are thousands of examples just like this, and it's unrealistic to expect programmers to account for all of them. Sooner or later, every programmer will make some kind of an assumption about the system that their program will run on.
As a result I'm forced to conclude that lack of control over the system environment in which your software may run should relieve you of any responsibility for what happens when your program misbehaves due to non-standard circumstance.
...for giving developers 'freedom from responsibility which would be considered wholly unacceptable in almost any other sphere of activity, public or private'.
Yeah cause you know; gun manufactors are totally held responsible for each person shot or killed by each of their guns. Oh and of course Silverware makers are totally held responsible for stabbings with their utensils. Oh and bullet manufactorers are also held responsible for whatever their bullets are used for. Oh and lets not forget energy providers for providing electricity that can kill, or water and sewage system maintainers for people drowning and stuff. What a total load of crap.
What planet is this guy living on?
My car was broken into... Can I sue Pontiac for not making my windows thicker and my door locks stronger?
Medial equipment, avionics, there's plenty of stuff that is specifically made for situations where failure is not an option. Consumer software is not such a thing.
Free Mac Mini Yeah, it's
If there was a market for software where the developers indemnified their softwre, you would see such software. People just aren't willing to pay the price except in rare circumstances and then you're usually into the realm of bespoke software. Would the comentator be willing to pay $1000 for his web browser?
Rich
Those stupid little EULA won't protect from claims of negligence.
If a software program tells you to go drink acid you better believe you can sue regardless of what you clicked on.
It's very similar to those stupid little signs on dump trucks. 'Not responsible for objects that fall off'
The hell they aren't. If something falls of the truck and hits your car you can be assured that stupid little disclaimer will offer no protection.
Technology, the cause of and solution to all of life's problems.
Normally, I'd agree with the commentator in this article. If you sell software, you should be subject to the same liability as if you sold any other thing. For example, if you sell me banking software, it's assumed that this software is secure and won't easily let hackers steal my account information. If you sell a car, it better not explode every time it gets rear-ended, or have tires that explode when going over certain speeds.
But if you give me a car, or if my hobbyist mechanic friend builds me a car and then gives it to me, I can't really hold him responsible for it not functioning properly. Same thing if my programmer friend just gives me custom banking software he built. When you get something for free, it needn't be licensed in such a way. If it had to be, then no one would ever give anything away from free, which is bad for the public. The better solution is for people who are worried about this potential to simply not accept things which are given away for free.
We have such restrictions on sold goods because otherwise our market can be completely tampered with. Without them, it allows companies to claim goods perform a certain function safely and reliably when in fact they don't.
I do agree though--there was a general trend in EULA's for software developers to say, "Listen, what happens now that you've bought this software is YOUR problem. If it fries your hard drive, or sends all your most personal files to my friends, that's YOUR problem." Yea, that's bad. But the GPL simply doesn't enter into it. The GPL is a license about copying and redistributing software. If you start selling GPL software to a company, then maybe the company that sold it can be held a bit responsible for it not working well (they should, after all, be testing the configuration; otherwise, why are you paying them?).
Unfortunately, I don't think the "security" issue is really the critical one. After all, car manufacturers aren't held responsible for making car theft easy (even though it actually is quite easy). Software developers (especially open source ones) spend a lot of time on making software secure, but we can't possibly hold them responsible for every hack. No products, be they physical or in the software world, are really completely secure.
Sure something could happen. Maybe firefox leaks personal information or your previous draft of an email to Ford reveals you are talking to GM too in a Word doc.
These are risks. If the risks are serious enough in your mind, you can buy insurance; often from someone backed by companies like Lloyds Bank that have expertise in such areas. But don't demand that everyone pay for insurance.
It is your freedom to decide if you want insurance or not. Don't try to dictate your wishes upon everyone. The costs will just be passed right back to you.
One argument against product liability for software is that it would destroy the industry by placing unacceptable costs on developers, and that it would wipe out the open source movement in its current form since there is no way an organisation like the Mozilla Foundation could distribute Firefox for free under those terms.
But nobody bought a copy of Firefox, did they? The only way you should expect to have consumer rights is if you actually bought the product. In fact, why even mention free software at all in the article?
Comparing an author of a book to an author of a program isn't really a fair comparison. Don't get me wrong though, I agree with the article. It's just that you can't ever really predict what someone is going to do to break your design. Obviously most developers could do a better job of making their code secure, but by holding them accountable for the actions of someone with malicious intent would be more like holding Ford accountable for some kid going around and making people wreck by shooting their tires out or some sh!t like that.
When she writes a non-fiction book she is typically asked to sign a contract that indemnifies the publisher against legal costs resulting from errors of fact in the book.
Authors are typically also asked to sign ownership of the copyright over the publisher. So, it sounds like said publishers now want ownership of the IP with someone else essentially signed up to take all the legal liability.
For that latter, they could technically just go to an insurance company for that kind of thing. Buy, why bother, when you can essentially get someone else (the author), the bear this burden for no additional cost.
With software, a lot of bugs are caused by interoperability problems, but it's very hard to tell who's at fault. The software manufacturer? The hardware maker? The operating system? The organization which wrote the drivers?
If someone wants to take responsibility for a complete package (for a fee), then that's fine, but otherwise nobody will write software for fear of liability beyond their control.
And of course I screwed up the subject, but that's not the point :)
From the article...
"But if a system is unjust then it should not be supported, and an unwillingness to strip undeserved privileges from a group, however noble their cause, is not sufficient reason to maintain the current dispensation."
-
I guess every one of us choose wich privileges we want to "drop"....his argument agianst Open Source is quite handy against any other software license around...they keyword is "you have a choice" and I choose something else.
From the article: The point is not that we should encourage lots of lawsuits against software companies, or have unlimited liability for software. After all, I can't sue Toyota if my car doesn't start and so I miss an important meeting, although I can sue it if a design fault means I crash on the motorway.
This analogy would make sense except that you can void a warranty (and assumedly any liability) if you make any adjustments to the car that could negatively affect its braking system, etc. The same is true with software vendors only amplified a thousand times. Software vendors have no way of telling ahead of time what kind of hardware faults, existing programs, etc, are already installed that could interfere with the operation and security of the program.
Further, nobody holds a car company liable if someone finds a way to jimmy the lock and open your door, which would be the equivalent of a hacker in this case.
These kinds of liabilities only work in more closed systems.
Can you imagine what the lawsuit would be like when some user says "Software X deleted some file" and the software company says "No, it didn't." How would you go about proving this either way? Or in the case where perhaps a virus or something performs an attack on your software like perhaps a buffer overrun attack and causes the file to be deleted? OMG this would be messy for both sides. I can't imagine trying to make a jury understand the issues involved! I think they would end up picking a winner rather arbitrarily based on the personality of the lawyers and witnesses.
Avoid Missing Ball for High Score
Someone likes Douglas Adams. :)
Here lies Lester Moore .44
Shot with four slugs from a
No Les, no Moore
So can I sue Mr. Thompson for every typo in his stories?
Slashdot EeziPost (TM) MK I.rc
[ ] Another: [ ] Dupe [ ] Slashvertisment [X] WTF [X] $editor is a dork
[ ] Frist psot [ ] link to GNAA [X] Link to goatse [ ] $random_drivel
[X] I Haven't RTFA, but... $random_opinionated_comment
[ ] Slashdotted already!. I bet their server runs on $topic_item too
[ ] Soul_sucking registration required
[ ] Mod Parent [ ] up [ ] Down
[X] Fsck: [ ] SCO [ ] Micro$oft [ ] DMCA [ ] DRM [ ] MPAA [ ] RIAA [ ] Google [ ] Bush [X] BBC [ ] You all
[ ] I for one welcome our new $topic_item overlords
[ ] Imagine a beowulf cluster of those
[ ] In Soviet Russia, $topic_item owns you!
[X] Meh!
[ ] Netcraft confirms $topic_item is: [ ] dead [ ] dying
[ ] But have the inventors thought of what will happen if $random_amateur_insight
[ ] Once again the USA is clamping down on my [ ] Amendment rights.
[X] You insensitive clod
[ ] But people who download music from P2P networks are more likely to buy the album
[ ] Cue DVD Jon-type crack in 3..2..1
[ ] Torrent, anyone?
[ ] Here's a link to a patch: $random_linux_distro_url
[ ] Profit!!
[X] Still no cure for cancer
Everything has its price. Authors accept some responsibility, but they are paid far more than any OSS developer. Also, there are a lot more ways that software may malfunction than the reader may misread a book. Any book on chemical experiments contains a disclaimer "do them under you parent's supervision".
"Long run is a misleading guide to current affairs. In the long run we are all dead." (John Maynard Keynes)
Please correct me if I'm wrong, but I believe at one time Trusted Solaris used to have some (albeit limited) "will be liable" clauses in their license.
The same companies who declare in writing that their software is essentially worthless and is sold with no warranty, expressed or implied also scream bloody murder about software piracy.
I say you can't have it both ways. If you say your product is a worthless piece of shit then don't complain when I steal your worthless piece of shit.
If commercial softwarre ever wanted to prove their value over decentralized open source, this is it. Without a centralized authority and a large pile of money, open source can never provide the liability guarantee of a corporation. Very few open source projects have this backing, and very few capable backers would support open source. This could provide a balanced duality in the software world: either grab the software for free and accept the liability, or buy into commercial software with a gaurantee.
Such liability contracts should also promote pro-active testing, testing that actively tries to break the rules and testing logic that looks for problems at the source level. Most testing habits involve testing against the rules while ignoring the unexpected cases where most exploits occur. Being liable for such exploits would put some heavy pressure to change those habits.
Anm
...is that a general purpose computer system is a complex combination of hardware, firmware, device drivers, operating system, libraries and application code. Even if I provided you with a warranty it would be in a "blessed" configuration, and even then I'd disclaim any liability for external influence causing my program to malfunction. For those that actually need it, they are better off getting a company to support the whole setup, and possibly with an insurance to cover their backs.
Live today, because you never know what tomorrow brings
That's nonsense. Just like you can't pilot that plane on the first day, you should be responsible for learning to use software before you can blame someone for the disruption in your life when you lose your data or crash your system. You always have a choice.
the author wants to download software for free *and* be able to hold the author liable for any (direct or indirect) damages... Talk about free-loading.
Coding and liability are in principle independent.
When the author assumes liability that constitutes an extra service. What we need is the ability to get software for free, and the ability to get fitness and other guarantees - in exchange of a fee.
There is a HUGE difference when designing software. When you talk about massive monolithic pieces of software, close or open, it becomes very difficult to search for every possible error. People are going, for the most part, make software that works to keep their customer base, or in the case of Microsoft and Oracle, spend lots of money on advertising to get people locked into software that doesn't work.
The argument with the children's book is also a stupid argument. If I write something down and someone follows it, there is a trust relationship there. You have to trust the book, the author and that the book didn't get modified along the way. If someone slips in a new page before it gets delivered to you and you follow instructions that lead to your death...yea that's not gonna happen with a book, but it can and DOES happen with computer programs. That's why computer scientists use hashes, certificates and a wide variety of other tools.
There is a trust relationship between you and the software vendor. If you don't want to trust the software unless they take full responsibility, look for another piece of software (and be warned, it will cost you...a lot!)
Free software is worth well more than what you pay for it, but you do get what you pay for, and establishing a trust relationship with free software does have risks, as does trust relationships with comerical software. The fact is due to the sheer size and magnitude of the code base to most software products, it can be a daunting task to keep they free of bugs and security issues. If you want to hold free software programmers responsible for flaws, just ask for your money back, all $0 of it.
If she was to suggest a school experiment that involved drinking sulphuric acid, because she'd confused it with acetic, then she'd be in big trouble. Yet I can't do anything when a company produces software that exposes my online banking details to any script kiddie with time to spare
The real difference is that it's nearly impossible to write any kind of complex software and have it free from bugs. Finding these problems isn't as easy as proofreading because code can function in vastly different ways depending on the context it's run in (where's the input coming from? etc).
I think software writers should be held responsible if they don't correct major bugs in software which they claim they are maintaining. When MS doesn't fix a security bug for a year after knowing about it and it then causes someone data loss, maybe MS should be held accountable. Same with OSS... Red Hat promises security patches for several kernel versions and they should be expected to provide them in a reasonable amount of time.
The problem with that is it's very subjective. What's a reasonable amount of time? What bugs are serious vs. not serious (especially when a bug thought to be not serious is exploited in an unexpected way to become serious)? What if the fix causes major compatibility problems?
It's easy to say "make software developers accountable", but not so easy to find a fair way to do that. Newspapers post corrections when they find errors, but are they held accountable for an error in a paper they printed last year? What if they printed a correction, but not everyone bought the paper with the correction in it?
The global economy is a great thing until you feel it locally.
If she was to suggest a school experiment that involved drinking sulphuric acid, because she'd confused it with acetic, then she'd be in big trouble.
This is that double-edged sword that tries to blame someone for personal mistakes, and actions. Crossreferencing is a very good idea when you're playing with chemicals. Obviously this is a specific incedent, but it holds true for everything, multiple sources are better than one. Yeah, script-kiddies can run some software that someone created, but some true hacker could write the same software and run it, then where does the blame get placed, on the compiler creator?
I think you would see less Open-Source software if there was full responsibility placed on the creator, because one hardware conflict that creates negative results could amount to blames of "lost productivity" etc, and then again, you have a person or company looking for someone to take the blame.
For real-world things, there is a well-established set of principles that describes what you can and can't do in a commercial transaction (lemon laws, right of first sale, Uniform Commercial Code, etc.). But for software, it is virtually impossible to find a product for purchase that doesn't present you with some sort of restrictive, by-breaking-the-seal-you-agree-to-abide-by-our-te
Instead, here's how I think it should work:
In other words, roughly speaking, you get what you pay for. There needs to be, I think, a better balance between consideration (payment) and rights (both the seller's and buyer's) than there is right now.
-HJ
Just so you know, malpractice premiums do not decrease for doctors in states where malpractice awards are capped to $250,000. Most lawsuits are launched when doctors maim or kill patients due to negligence, not because of highly publicized frivolous reasons. Your analogy is flawed, to say the least.
Now let's get back on topic. It's wrong for people to make excuses for bugs in code which expose my personal information to hackers, stalkers and marketers. I'd just as soon see the industry grind to a halt until they find a way to nip these miscreants in the bud. And no, I can't opt out of this dangerous system unless I stop driving (so much for being able to get food), close my bank account (yeah, hide my money under my bed so a thief has a reason to physically rob me and then kill my whole family to get rid of witnesses), declare myself dead (to retire my SSN - whoops, that's illegal, welcome to Club Fed! - or at least, welcome to joblessness) and practically move out of the country (well, actually that's a good idea if Canada is my destination).
Thanks to stupid programmers there's absolutely no way anyone can protect themselves from identity thieves. The only reason why someone hasn't hijacked you is that they don't care to.
Now please, come back after you find yourself having to fight for years to fix your credit after a hacker stole your personal information off Lexis-Nexis and then tell me they shouldn't stop the digital train for some major overhauls. Until you're a victim of the gaping flaws in the digital fortress you really don't understand the sharpness of that sword of Damocles that is swinging back and forth over your head.
--- Grow a pair, liberals... stop letting the Republicans bully you!
Perhaps this world need some more freedom - not just on the internet. People need to think for themself - not drink acid and sue the one responsible.
One practical reason why software is not warrantied like hardware products is that no one entity is wholly responsible for the design and maintenance of the total computing system.
Every piece of software on a computing runs atop a teetering stack of hardware and software each layer of which may come from a different vendor. Not even a company like Apple has complete control of their software environment bottom to top. A bug anywhere in the stack can cause a failure. Developers spend a lot of time working around problems caused by components which their product runs atop of. Virtually every individual system in the world is a unique combination of hardware,software, peripherals and history whose interaction are impossible to predict.
Just as software patents shouldn't apply, so should do damages due to loss of information, because information can be BACKED UP. There's some sort of "magic" that lets you make copies of a specific set of data only for the cost of the material holding such data. Can you do that with physical objects?
Nobody has EVER claimed that Software (in general) is perfect. Because software is much more like a 3D maze than a piece of wood, there can always be a bug hidden somewhere. This is specially true when most software depends on libraries, which themselves depend on OTHER libraries, which depend on the OS API. Take the JPEG overflow bug for example. It's been around for years, but its discovery is very recent.
You can't really demand that a software will be COMPLETELY free of bugs. What you can demand, tho, is that determinate MEASURES are taken to test for the existence of bugs - specially in critical parts of the probram, and that some SPECIFIC safety measures (i.e. security standards, error handling) are part of the software itself.
The problem with Windows is not that it has bugs, but that the team hasn't taken the appropriate measures to isolate / minimize bug effects.
I'm not going to address the other issues (liability for bugs, etc) - just this one: should we go so far as to make developers liable when their software is hacked? Is Toyota liable when some thief breaks into my car and steals my valuables (or drives away with it)? How can they be responsible for someone else's illegal behavior? We have to proceed cautiously here. IANAL, but I believe Toyota is not liable if they put standard protections (locks) on the vehicle and don't promise anything they can't deliver. Sure, I can see being liable if I promise an unhackable piece of software and then do a lazy half-assed job securing the application. But if I make a good effort and don't promise anything more than that, how can I be held liable for some hacker's malevolent behavior?
I am the author of a freely-distributed microeconomics textbook. It is published under the Open Publication License, which also exempts me from liability. If I had to worry about a manufacturer suing me for making losses because I had given the wrong formula for calculating revenue, I wouldn't have written the book. If you want to sue a publisher because you paid for faulty information, fine; but don't expect people who offer written material collaboratively to be held financially accountable for its imperfections. Certainly my lack of accountability suggests that the collaborative model has imperfections, but the solution isn't to let you sue anyone who provides you free advice.
If software publishers were liable for their bugs to the extent that they had to pay every user's entire loss caused by a bug then no one could ever afford to publish software. But as long as publishers risk no liability whatsoever, we will always have buggy software.
The problem is the all or nothing approach. What we need is a liability definition that is higher than nothing for paid software (I would explicitly exempt software offered for free, since the publisher is not monetarily compensated). For example, if the maximum risk was $100 per licensed copy with a minimum damage required of $10,000 (purely arbitrary numbers, no need to explain why these numbers are too small or too large) then a publisher could calculate the risk and appropriately assign the right amount of resources to eliminate bugs. Just an idea.
The NSA: The only part of the US government that actually listens.
Wrong. If I own a store and put out a free park bench in front, and there's a nail sticking up, and someone sits on it, I'm liable, whether or not it was malicious, money changed hands, etcetera. Why should software be different?
2. You agreed to the license.
It is accepted in law that this is generally only a defence if you had an opportunity to negotiate the license. If it's presented as "take it or leave it" then the license doesn't really represent a negotiated meeting of the minds, and courts will often find onerous terms invalid. See "ticket cases."
3. Software is different.
Sure it is -- because we all say it is. There is nothing magic about building bridges or high speed trains or cars that doesn't apply to software. Companies could just as easily have said "Physics is hard, and non-engineers just don't get it. We shouldn't be held liable for our mistakes." In fact, they often did, but THE COURTS RULED OTHERWISE. Until software hacks get off their low horse and admit that software quality is achievable, desirable and necessary, their "what, me worry?" attitude is going to plague us all with buggy software, even though there's nothing particularly special about this field of human endeavour.
Everybody's a libertarian 'till their neighbour's becomes a crack house.
Open source probably wouldn't die, since one could still have software that's free as in speech that happens to not be free as in beer, but it would be hit hard. Linux and Apache would survive. Mozilla/Firefox? Not so much...
One the one hand, yes of course software developers need to be accountable for their work. This isn't bounded by an license or developer. If you release software, you have a responsibility to maintain and support it. I'm not talking about if some one peverts your work into something malicious or if some one uses an unkown exploit. I don't believe developers need be held responsible for damages relating to thos types of situations.
But I do belive if you have software out there, you have a reponsibility to your users to patch security and stability (and privacy and others that might arise) issues in a timely fassion. Barring that, if you sit on your lorells and watch as people use a known bug to do harm with your software I don't have a problem holding a developer responsible for damage. Willfull disregard for the damage your program can have should not be tolerated.
But then again, nailing down when, what and for how long it's reasonable to expect proper support for software is pretty much impossible.
I don't epxect MS to be supporting win95, I don't expect Linux to put much active support into the 1.0 kernel, I expect ATM software to maintained so long as an active ATM using it.
If you ask 100 different people you'll probably get around 150 different answers, picking any one of them would not only be extremely difficult, but probably dangerous as well.
What you do is open the package.
The makers of the software CLAIM that by doing so it means you agreed, but that opinion has not been proven in any court of law.
OF COURSE they are going to claim you do that. They can claim anything they want to. They can even claim that their software is not a piece of crap. That doesn't make it true.
Yes, it will make suing them more dificult, but so what? Lawsuits are rarely about money for the clients- the profitablity of them is just too low, especailly considering the fact that you don't do them unless you got royally screwed.
Lawsuits are about VENGENCE. And to do that you don't need to have an easy case, a dificult one is just as much.
excitingthingstodo.blogspot.com
http://www.andfinally.com/ and bill@andfinally.com
Go tell him what you personally think of his column.
...someone to take reponsibility, then they can have it. The reason that not many products with such licenses exist is that the market is not willing to pay enough extra for it to make it profitable to the developers. It takes a lot of money to protect oneself against lawsuits, and PHBs care about the bottom line more than anything else. You want a guarantee? Buy it.
I've got an idea... how about people start paying more for software. We sell software which a small business would run their entire business off of and guess what.. they all think the $150 price tag is too steep. Well guess what, you don't want bugs and such, then how about paying what the product is realy worth and we could invest more into making a quality solution.
Everyone wants quality, but no one wants to pay for it.
Oh.. and they all want features X, Y, Z... tomorrow and not 6 months from now... oh.. theirs bugs... what a surprise.
I've read Bill Thompson's articles before and he seemed quite sensible.
I'm quite shocked at this:
"I can't do anything when a company produces software that exposes my online banking details to any script kiddie with time to spare, because I've agreed a license that removes such liability."
Yes you can Bill...
1) Don't use any software.
2) Don't use online banking.
3) Don't keep any personal data on your computer.
No software can be 100% flawless!
If every software company was to pay up when a flaw within it was exploited we wouldn't have any software: existing software companies would go bankrupt and nobody else would risk developing any software at all.
Linux/Open Source/Anti Microsoft News
It's good to know that American television doesn't have a monopoly on clueless talking heads blabbering on in things that they do not necessarily know anything about.
This has already been said in response to this comment, but it bears repeating, if only to make it perfectly clear - he's making an apples-and-oranges comparison. When you buy a book, in general, the book contains the exact same information that every other copy of the same book has.
But, to continue with the article writer's (faulty) book analogy, the publisher is not responsible for the purchasers' bookshelves. The shelves might be too close togeather to fit the book, they might be full, leaving no room for the book, or they might be straining under the weight of all the books currently on them, and the addition of the latest book causes the shelves to break.
The book represents the software with a License Agreement, and the shelves represent the home computer. Frankly, someone's hardware (width of the shelves) could conflict with the software, as well as memory space/fragmentation (# of books on the shelves), or system resources/operating system (strength of the shelves to bear the weight of the books), or system security (which I'll represent by whether the front-door is locked or not).
If a book doesn't fit on my shelves, causes my shelves to break by adding to the weight of books already on the shelves, that's not the publisher's fault. Nor is it their fault if I leave my home unsecured by taking security measures to make sure the system is secure (locking the door(s) and windows, installing a security system). If the pages fall out of the book, or information in the book is inappropriate or inaccurate, that is their problem.
Now, as I said before, this is far from the best analogy, if not the worst analogy. Microsoft should take responsibility for it's security holes, and, to a certain degree, it has, by releasing patches, and now by changing their software development culture to move away from writing spagetti code. The Open Source community does take responsiblity for the quality of the code made, by making the source avalable, so that people can find the security holes, and then fix them. Making the Open Source community liable for any security holes or bugs in Linux is counter-productive.
What Mr. Thompson is suggesting would lead to a chilling effect on software develipment, by raising the barrier to entry to those who can afford to defend themselves in court against bug-related lawsuits. Thus, companies with already enormous war-chests will be in a strong position, whereas new-comers will have difficulty with getting liablility insurance (and if they don't need it now, if Bill gets his way, they would.)
Hmm, in an semi-unrelated note, while Thompson is a fairly common last name, I wonder if Bill and Jack are related.Zagreus sits inside your head, Zagreus lives among the dead, Zagreus sees you in your bed and eats you in your sleep.
I didn't do it, I never said it, I've never been near it, it certainly wasn't me... What was that again?
Liability is one of those attorney-enriching words. Buy a gun, load it, point it at your head, and hurt (if not kill) yourself, and there is no liability. This is because of several long understood characteristics about what a gun does and what happens with high-speed metal projectiles.
Should you incorrectly state the formula for something mixed with sulphuric acid rather than acetic acid stated in TFA, you might have compensatory claim for your subsequent injury.
Software is used to complete a task or stated purpose for the software. You could buy a ladder made of pasta, but it wouldn't hold your weight, once used. In the same way, licenses have legally devolved to limit the wide, mind-staggering number of possible misuses of it. People used Lotus 123 as a word processor, so Lotus came out with Symphony, which was an abject failure. This was because Symphony added a word processor to a spreadsheet product, and people didn't 'get it'.
Windows and Mac UIs worked because of interactivity, but I digress. Let me make the point.
If you open licensing to torts, the relationships between OS, software, usage, common undertanding of computer products, and the inability for people to want to be educated-- just use the stuff-- will become a quagmire of litigation unparalleled in the history of our litigious planet. License reform isn't the answer. A free press not chained to the advertiser's pressures will expose the fraud of specific software/platform/OS quality so that educated users can avoid these products like the plague. This is another good reason for the existence of slashdot, and other non-vendor-attached forms of communications.
Avoid litigation at all costs. If this means switching from one platform to another, fine, but let's also educate civilians on how to protect their stuff. They have no clue, many of them, on how to take even the most simple steps to protect themselves.
---- Teach Peace. It's Cheaper Than War.
Interesting... I happen to have a book in front of me right now. Let's open it up and see what it says inside, shall we?
Sounds an awfull lot like a "limitation of liability" clause to me. *shrug*
The poster has taken care in the preparation of this post, but makes no expressed or implied warranty of any kind and assumes no responsibility if it turns out that the poster was actually wrong about what his opinion really is.
Despite what EULAs say, most software is sold, not licensed.
Instead of looking to product liability as a model for software responsibility perhaps we should consider using the malpractice model that is used in medicine, accounting, law and other professions.
The legal standard for malpractice isn't that something bad happened, you can't sue a doctor just because he didn't cure you, but whether the professional followed the standard practices of their field. Applied to software, the concept would mean that customers couldn't sue because the software had faults but because the design and implementation choices reflected bad practices.
I would note that many of the factors that make Windows such a security nightmare are the results of design decisions that were heavily criticized at the time they were made. Had Microsoft followed better practices, the billions in losses to Window's security faults would not have occurred.
The real question is whether software development has matured as an industry to the point where we can start talking about it having actual standards. As more and more of our lives becomes dependent on software the general public will begin to demand accountability in some form. We should all start thinking about this.
A lot of people like to think that they are "sticking it to the corporations" with the idea of lots of product lawsuits. I recently heard someone talk about "Microsoft should be liable for the flaws in their product", and though that this was a great idea to force the decline in Microsoft's power.
:) ) than their profits. For a small company, the legal fees to fight any lawsuit can easily be way beyond their means. A small company is going to have lots of competition, so they can't afford to put the cost of legal fees in the cost of their product (and they certainly can't do that with free software). Even the most frivolous lawsuits with no chance of winning could easily bankrupt more small companies.
However, this is just knee-jerk populist emotional crap which actually helps the big corporations. Big corporations are usually the ones who push the concept of liability and regulation as a tactic to suppress competition.
Think about it. A giant corporation (such as Microsoft), will have huge full-time and well funded legal teams to take on any legal action. And they are so profitable that they will not go bankrupt from legal fees. And on the occasions that they lose, they are so profitable they can afford to pay any damages, they control the market such as all the costs can probably be passed on to the consumer, and their market is so huge that damages will be a tiny percentage of their overall costs. And a big company can most certainly afford any kind of liability insurance.
But think about a small company... or a free software project... if they are sued, damages can easily be much higher (or infinitly higher in the case of free software!
Frivolous lawsuits are a boon to big corporations. Don't believe me? In the past 30 years we see a massive increase in lawsuits, a massive increase in govermnet regulations, and a whole slew of other policies designed to keep the corporations in check and to help the "little guy". And in the last 30 years, corporations have become so big and powerful as never before, and it has become harder than ever before for individuals and small buisnesses to make a living. For most of North America and Western Europe, the youngest generation will probably have a lower standard of living than their parents (for the first time since we have been able to keep track of this stuff, really). But people still insist on this empty "feel-good" populist stuff which time and time again has been proven not to work.
considering that 99.9% of all software give you NOTHING in return for "accepting" the "contract"...
it's all one sided. when you pay your money and buy err PROPOGANDA MODE ON "license" software, your "agreeing" to the "license" only buys you the ability to use it.
so what are users really getting?
what other contracts do you know of that are so completely one-sided?
even RIAA/music label contracts aren't nearly as bad. at least the musicians get money and fame in return.
software "licenses" at most give you the ability to use it.... and why do you need a "license" for that... that's what you paid money for.
the software industry can go to hell if they think anyone with half a brain expects to believe their ridiculous PROPOGANDA.
Science : Proprietary , Knowledge : Open Source
AS IS
in caps in your license is the common knowledge legal method of saying, If you use this software, it is at your own peril.
Anyone ignoring EULA's is in for a sad surprise if they attempt to challenge a EULA in the American legal system. It reminds me of those Americans that challenge the Federal Govt right or ability to collect taxes because of the wording in the legislation.
Entire software and entertainment industries are built on EULA enforceability, so if they can't get it through courts, they most certainly will get it through legislation.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
So, this guy agreed to give up his rights, and now he is whining because he got what everyone who gives up his or her rights always gets?
/. Freaks, yay me) because I refused to click on the iTunes EULA when I was evaluating the Mac Mini... the Apple Zealots thought I was unreasonable to expect to be able to play CDs on my own hardware without making a ridiculously open-ended legal contract. Didja get that? I was being unreasonable because I actually read the insane EULA.
I'm afraid I have no sympathy.
I got flamed repeatedly (and collected some
If you DON'T BUY THE SHIT THAT HAS BAD LICENSE TERMS only stuff with REASONABLE LICENSE TERMS will survive on the open market.
That's how capitalism is supposed to work. People who make bad contracts are SUPPOSED to get burned.
FTA: "Programmers have built their business models on a freedom from responsibility which would be considered wholly unacceptable in almost any other sphere of activity, public or private. [1]
We all pay the cost in wasted time, lost files, hacked systems and reduced productivity [2]. Our children spend time in lessons waiting for interactive whiteboards to be repaired [3] while businesses around the world suffer from crashes and security breaches. [4] "
Hey, you know what, Bill? You don't like the fact that you accept the responsibility and risk when you use the software? Then don't use it.
I bank online, not because I need to, but because it is convenient. I accept that there is a slight risk involved. If I only banked brick-and-mortar, and my banking information was hacked, who is liable? The bank, because they CHOSE to use software that is insecure, KNOWING that it is potentially insecure, is who I hold liable.
I enjoy using the internet. Do I need to use it? No. But because I want to use it, I accept that there is risk, and do my best to protect myself.
[1] Not so. How many stunt shows always start with a disclaimer that no one should try the stunt at home? Fore-warned is fore-armed.
[2] We all also reap the rewards of the software. Do our kids ride bikes, Bill? When they fall and scrape their hands, do we send the medical bill to the bike distributor, manufacturer, or retailer? We accept a certain level of risk. If the bike design is faulty, that is a different issue -- but then again, we never signed a usage agreement that disclosed that there might be problems.
[3] Why doesn't that classroom have a dry-erase board or a chalkboard? Why is the teacher incapable of instruction without it?
[4] Businesses would suffer more if there were no innovation in software due to possible lawsuits. Businesses would be better off putting systems in place to prevent hackjobs, to make sensitive information secure even if their system is compromised, to prevent extreme loss of business due to system downtime.
I think it is ridiculous for every tomdickandharry to want someone else to be responsible for the risk that they voluntarily took on.
Software is not a necessity. It is a tool that we use to help us do things more efficiently. The tradeoff for that efficiency is risk.
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
IANAL, but even if a license would seem to prevent it, you can still successfully sue the manufacturer/distributor/service provider. You're only really out of luck if you sign a waiver of responsibility that covers a specific, actual occurrence.
Offtopic, perhaps, but I wouldn't recommend drinking acetic acid at any reasonable concentration either. Vinegar is dilute, on the order of 5%, and even drinking that straight probably isn't doing your stomach any favors.
Have you read any of Bill Thompson's other stuff? He's generally a little too clueless for my liking. I feel he's coming into his IT writing role as a journalist first and a techie second, rather than vice versa, which might be preferable.
Sure I'd be willing to sign a contract accepting all legal responsibilty for problem arising from my code, but the price of my software would go up %2000, and the time to deliver would jump too. If I'm signing a contract like that, I'm going to make damn sure it's as bug free as possible. If you look at embedded software (stuff used in planes and medical equipment, etc), they probably have similar contracts, because people will die if the software fails.
If people that kind of quality from boxed software, they have to be willing to pay for it, and unless lives are at stake (or millions of dollars), they're generally not.
Choose yer poison: Prophets or Profits
Most people writing GPL'd software don't get paid anything for it. I've written various fairly obscure GPL'd software, and aside from some donations from users that are happy with it, I don't get paid for it at all. I certainly am not going to indemnify anyone against damages.
Ask your writer friend if she would provide indemnification if she did not get paid for the publishing rights, and only got a few donations from readers now and then.
If someone wants indemnification when using GPL'd software, they can negotiate a contract with the author. For example, I think I could probably provide $100,000 of indemnification to a customer that is willing to pay me $2000, though I'd obviously have to check with my insurance carrier for their exact details and rates before I'd sign such a contract.
Several people have already pointed that software is different because you agree to abide by a license agreement that exempts the publisher from basically all liability if the software screws up. But notice how no other product, even products that have license agreements, contain clauses granting such blanket indemitity??? The reason is that an exception was made in law for software when the computing industry was bright and shiny and new and really didn't have much impact on everyday life, much less safety of life.
Fast forward to today, and there are well over a 100 computer systems within 100 feet of where I am sitting. Some are used for posting to Slashdot, some are used to acquire, process and store experimental data for multi-million dollar research contracts, and some control machines quite capable of killing an innocent grad student if the computer goes 'bing' at a bad time.
Commerical software should be held to standards more comparable to every other product out there. That does not require that it be absolutely perfect, but rather that it has been designed and reasonably tested to do what it promises in the enviroment it is designed for, subject to any minimum requirements imposed by law. In the case of aircraft, reasonably tested means thousands of heavily instrumented flight hours and, usually, a ground-level test to destruction of a complete airframe. For cars, tens of thousands of miles driven and multiple test vehicles flung into solid walls. For most software, a couple of underpaid and overworked people poke at it for a few days and are satisfied if nothing breaks too horribly. Software designed to run on systems connected to the world wide web, such as Windows, should be able to do so without the web being able to connect to everything on my system. Software designed to run a heart monitor should be built understanding that 99.999% uptime is the starting point for the early prototypes, not the goal for the final product. The ONLY exception should be software that is completely free (both speech and beer varities of freedom) because you don't have to pay for it and you can see everything that is under the hood. WYSIWYG is fine when you can see it, but when you pay for it, you had better get what you paid for.
Wait until he finds EULAs on garden tools, cars, bikes, grocery market items, etc. With the recent Lexmark decision, it's going to happen folks. It's only a matter of time.
Isn't this a bit like going after an ax maker because one of its axes was used by an ax murderer?
That children's author mentioned in the article is not likely to be able to deal with that kind of legal issue. Neither are open source developers. Are we saying that no one should do anything unless they can afford any legal repercussions? Who was it who said "kill all the lawyers" again?
-"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
The probability is higher that the developer/vendor carries a certain level of liability insurance to cover software errors.
It must have been something you assimilated. . . .
FOSS != non-commercial. I sure as hell hope an institution like a bank wouldn't use unsupported software be it open or proprietary. But the author apparently hasn't heard of such obscure companies as "Red Hat" and "Novell" and "IBM."
English is easier said than done.
If you as a company, invest tens of millions into a rollout of a new software product ( be it a new version of Windows, or a new Linux Kernel), without
Take windows for example. If you lose $500,000 in a day because some critical windows server crashed from a certain DDOS attack, should Microsoft be responsible? Or should you be responsible, because you should have known from years of examples that Windows is very vulnerabile to those kinds of attacks, and you should either have an external protection mechanism in place, or not use the software? I think the latter. Then again, I am not the person who thinks "sue" when I slip on icy stairs in the winter and break my neck either. I think "maybe I should have bought better gooddamned shoes for walking around in the winter". The other commentors are right, there is not enough responsibility in the world today. Grow a backbone and stop sueing everyone.
Bill Thompson's article is tantamount to treason! The pinko socio-communist's subtext is to stifle innovation and the American way of life! Won't someone think of the investors/owners?!? They've worked too hard at making as much money with as little work to be weighed down by having to pay for liability insurance! Hell, they might have to stop outsourcing development to India if they want serious quality control. And do you know what that leads to? I don't know either, but it couldn't be good for stock prices. Is there anything more sacred than that? Don't lie either you, bastage.
It's high time something like this was implemented, imho, but in reality it's probably unworkable and will be for many years. In the meantime, the market will have to act as arbiter. Would software writers be expected to test their products against the millions of different hardware configs that exist? Even a megacorp would find that very hard.
The problem is that where such consumer protection has been implemented in other industries the result has always destroyed the little guy to the advantage of the large corporations. Only large corporations can afford the insurance, the testing procedures and the hardware necessary to comply. An analogy in the EU would be with food production. No one can afford to sell home-made jams or cakes if a requirement is installing 50,000 bucks' worth of standards-compliant cooking equipment. You could argue that only large corporations can afford the legal and er er "lobbying fees" to get their way with the government mafias that introduce such laws.
Another problem in the current climate is that a host of wacko special interest groups would try to get any new law gold-plated to such an extent that no one would want to write software anymore - the safety/accident people, the accessibility people, the Hollywood/drm crowd, politcal correctness nuts of every stripe, etc.
So I guess the proposal would only work if it was fairly limited in scope and carefully drafted. For example, there might be exemptions for those publishing software as individuals, for software that is published for free, for software from a company turning over less than xxx per year, etc. And the liability would probably have to extened to really major problems only, such as the software blatantly not doing what it says on the box or failing to run under an OS with which it is listed as compatible.
I can understand the writer's frustration, but for a computer journalist he seems a little unaware of the IT industry.
Las qué passoun
tournoun pas maï
There is no such thing as a bug-free program of any complexity.
Checking facts in a book is trivially simple compared to checking a complex program with a virtually infinite number of execution states for correctness. Plus a software vendor often has no control over what their software is actually used for (what is the allowed application of a "spreadsheet"?), and hence the scope of damage from possible errors.
If software vendors could be put out of business by ONE bug in their software that escaped testing, it wouldn't be a viable industry.
Really reliable software, with a level of assurance such that a software publisher would be willing to give a real warranty on it, is REALLY DAMN EXPENSIVE. Software meeting those reliability standards would ultimately need to be tied to hardware (since many bugs are caused by hardware/software integration mistakes) and would not be very flexible.
So the system would cost as much as a car, and look like 1996. I'm willing to accept some blue screens to avoid that future.
If you turn over the software-development world to lawyers (as this article is basically suggesting), then you need to be prepared to say goodbye to innovation across the board. (And I mean the "i"-word in a very real sense, not the Microsoft marketing sense.)
You do NOT want to force software writers to bear legal responsibility for their bugs. You will quickly find yourself living in a world without useful software. Every word processor, spreadsheet, and game will cost as much as if it had to pass NASA's flight-critical code validation process.
insightful
Pay more. Find a company willing to take a contract that includes gaurentees. However don't bitch when it's way more expensive and that it takes way longer. Don't expect something cheaply turned out on the latest hardware in a couple months. Expect that it's a verified system that takes years of testing, and is rigidly controlled.
There are companies that make solutions like this, IBM is one of them. You can get a mainframe setup to do database work that will never go down, ever. However it'll be expensive as hell, you will run the DB and ONLY the DB on it, it will be accessed only in rigidly controlled ways, etc.
Software quality will only get better when software publisher/vendors become liable for their defects. Producing defective software is a cost of business, except the purchaser bears all the cost. Economists call that an externality.
I hope you did not learn not to drink sulphuric acid from a book, if you're going to call "stupid" somebody who drank sulphuric acid because of what a book said...
Are you adequate?
Mr. Thompson may not be a nitwit...I have not read anything else by him. But he compares the work of a single author to the work of literally thousands of engineers, the ensemble of which he wants to regard as a seamless whole that terminates at his browser. That is a simplification only a simpleton could value. If he thinks he can wait for his on line bets, his porn downloads and his order from Amazon until we weld together a perfectly secure internet, he might just as well hand cary the damn cash to the vendor. Dumb journalist!
SLASHDOT: news for people who can't concentrate on work or have no life at all and got tired of yelling back at the TV.
Yes I agree that software producers should not be exempt from liability. So to should automanufacturers be held accountable when someone else steals my car. I also think the automanufacturers should be forced to replace my car when I crash it into a tree after a night of heavy drinking. In fact, when I leave my keys in the ingition, and the door open, and shout with a bullhorn that anyone can drive my car if they want to, if the car is damaged, and I lose precious hours in which I could have been working, I should be compensated for that too. And I certainly think that Holywood and the publishing industry should be held liable as well. I mean the purpose of a movie is to entertain, and damnit, I deserve several million dollars for all the mental anguish bad movies and novels with gaping plot holes have caused me over the years. And I think airlines should be held responsible for the bad airline food, which is an excellent example of corporate fraud, I mean how can you call that a meal or even a snack, or for that matter food. Yes I agree software should not be free from liability, but seriously, to hold some software producer responsible for the failure to sufficiently prevent some person halfway around the world from taking virtual bolt cutters, to your software brakelines is as idiotic as it would be in the real world, with your spouse taking actual ones to your car's. Though I'm certain your wife will be happy when BMW is found responsible for her murdering you, and collects both your life insurance and the award from the BMW negligence suit!
I am not so sure drinking acetic acid is good for you either.
You choose to accept the risk, in trade for the benefits. Designing a system with no bugs is expensive and time consuming. You have to test things extensively at every level. That also means testing all the possible interactions. Not only how the OS interacts with the hardware, but how it interacts with the software, and how it interacts with each other. So when you design a system like that, the hardware neede to be known, as does all the software. You can't have it run on random comoddity hardware using random software beacuse then unforseen problems can result.
So by choosing to run software cheaply and quickly developed in random environments, you choose to accept teh fact bugs may occur.
To me, demanding that commoddity software on commoddity hardware run without bugs is like demanding that an automobile on the public streets never get in to an accident, even one caused by driver error, unforsseen conditions, or other drivers. Can't happen. If you want gaurentteed operation, you need controlled conditions.
What is legal is governed by laws. There are many laws that say you cannot sign away some rights. Exactly what these are vary from area to area.
Example, if you sign a contract that would turn you into a slave, that contract is not valid, even if it can be prooven that you fully understood exactly what the contract meant.
Courts will throw out anything that stands in their way. Waivers of liability only count as much as the court wants it to - with respect to local law, precedence, and higher courts. When they will throw various clauses varies based on how bad the damage is. If a product kills a consumer because it was faulty they will throw out all liability limitations. (But if this was first human test in medicine and the product turns out to kill 1 in 30 there would be none because it is clear that the subjects should know it is a test).
In short, the limits of liability are mostly wishful thinking. Courts generally will not award damages for something you should have known was dangerous. (Which is why we have a lot of warning labels) If you had reason to expect that something was safe, a vague limit of liability is unlikely to be enough to protect you. (That is why there are many warning labels, not just 1 'this machine is dangerous' label) Though the limit might reduce the liability a little.
IANAL, Remember to check with a lawyer in your area if this is important to you.
Generally speaking, contract provisions that say you can't sue are unenforceable, among the easiest to challenge in court.
You can always challenge the contract as unfair. In court.
glad to see you, thought you might have blown your brains out by now.
You get what you pay for. If you download your software for free, you get no support and no guarantees, period. If you want support, service-level contract, and guarantees, then pay and you will get those; That's what RedHat does, actually. If you don't know who Bill Thomson is, visit his website where he describes himself as a "technology critic and essayist". He likes to find things to whine about and criticise. However, this time he got too far; He is right that commercial software (i.e. Windows!) should come with quality guarantees (and who cares whether M$ will get bankrupt, anyway?), but he was wrong to criticise Mozilla Firefox. Nobody can expect any kind of quality assurance when we talk about free software. If I was required by law to give guarantees for free software I write, I would stop developing any free software, or I would just release it anonymously. The best I can do is to explain that my software may have security holes, but I can't accept being dragged to the courts for a nightie bug in software I released for free to the world.
If this did take off, we'd soon see software companies set up like many US physicians: incorporated, with no seizable assets, renting everything they use but their clothes. Most lawyers won't bother to go after them, so they don't even have to dissolve and reincorporate in case of trouble, and they save more in insurance than most of us make.
A software company like that could write any guarantee at all, since they'd never have to actually pay it. How many PHB's would write them fat contracts without checking out the particulars (i.e., enough to discover that their bonding company was the same kind of operation?)
The software that goes into aircraft instrumentation goes through certification with the FAA. You can choose to buy a one-seat "experimental" aircraft with uncertified software and fly it in designated airspace. As soon as you carry passengers, the price goes up astronomically. You could outfit your cockpit with sweet electronics for just a few $k, uncertified. Certified components for small (say, 4-6 seats) aircraft are about an order of magnitude more expensive. Certified software for full-size airliners gets up into the $1M range.
I can testify that the certification contributes mightily to the expense, having trudged through the process numerous times myself. You can spend a month certfiying a new feature that takes an hour to code. It's the difference between buying a new car from a dealer for a major manufacturer, and buying a car that was built from scrap iron by one of those guys on "Monster Garage". Both might look cool, one might be a lot cheaper, but you're probably better off driving your kids around in the Honda.
The more people your stuff can kill, the harder it is to certify, and the more it will cost to develop. If you only want to kill yourself, you can do it on the cheap.
Yet I can't do anything when a company produces software that exposes my online banking details to any script kiddie with time to spare, because I've agreed a license that removes such liability.
What part about that statement - specifically the "...because I've agreed..." part - doesn't the author understand?
As always, nothing to see here, move along.
One is the commercial software vendors - Microsoft, for example (they're not the only one, but they will do nicely to illustrate the issues). They want to sell me stuff. They don't want to give me a warranty with it. They don't want to give me the source code for it. They want me to buy a binary, with no guarantee that it will work. That stinks. That's unprofessional. That leads to ideas like licensing software engineers as actual engineers who are held liable for their professional mistakes. Non-guarantees like Microsoft's should be illegal - in the commercial software world.
Then there's the open-source world. They say, in effect, "Here. Here's some software. I don't guarantee that it works. But, hey, here's the source. If you want a guarantee, go prove it to yourself." It is reasonable to say that providing the source makes it reasonable (or at least possible) to place the burden of proof-of-correctness on the class of users that care about such.
So there's a reasonable basis for saying that commercial software that makes no guarantees should be illegal, but open source that makes no guarantees should not.
http://www.chipzilla.org/?article=26566
Basically about how most systems arrive untested.
Seriously, under current EULAS I am responsible for anything which can go wrong. Where is the responsiblity of the programmers? I can cut some slack for freeware or other endeavors where no one is paid, but for expensive commercial software? Where is the responsibility of the programmer? Where is the responsibility of the company? Esp. when that company may have billions in cash and equivalents lying around and which could be used to fix their buggy, insecure and just barely useable software.
Seriously if you are a real engineer, a project engineer, you are personally responsibile for all errors and ommissions. We need a standard like that for programming. Cutting corners and not using best practices should not be acceptable.
I read one post about TFA being just another symptom of a vicitmization society to complain about bad software quality, but it is not. It is a just complaint, if you pay for something it should be suitable for the intended purpose. I have said it before and I will say it again: if you sold used cars like software is sold, you would be in prison. If you sold real estate like software is sold, you would be in prison.
(rant mode: off)
putting the 'B' in LGBTQ+
To continue your analogy, there are different types of hammers. If you use a ball-peen hammer for nails, the company is not liable if the hammer breaks and a chip takes out your eye (this has happened, though I don't know if it has gone to court). A ball-peen hammer is sold for the purpose of hitting metal of a different hardness than nails. They are protected.
If the same company sells are nail hammer, and you use it on nails and it breaks, they are liable despite their warning.
Products must be fit for a purpose to be sold. When Windows is sold as "not to be used for mission critical applications", Microsoft is saying that it is suitable for use so long as mistakes are not deadly.
Hey ZONK.. I think you forgot something :)
--
From the check-your-taglines dept.
While your argument "... We guarantee that you'll be able to run ... without it causing you any inventory or tax slip-ups. That will be $2 million, please, up front..." might seem specious, the banking institutions are responsable for millions, billions or trillions of dollars worth of assets and transactions per year.
They are not allowed to take these kinds of 'internal' risks under penalty of prison and fines.
Hence, they try to reduce their costs through off-shoring their development efforts. Who do you think requires all those H1-Bs? It isn't your start-ups or small shops. (They end up requiring them because the talent pool isn't big enough to provide for everybody.) Off-shoring is a way to get talent for a lower price.
While they don't care about the small stuff, a word processor wouldn't be required if a quill pen would do but people are sloppy and need editing, they are required by law to sweat the details of every transaction.
The revolution that allowed ATMs isn't the machines the customer stands at but the processing power of the mainframes and the through-put of the databases that record everything.
I could go on about who actually owns the components of a data base or of a transaction but I'm working on something.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Wait. What's that I hear? Oh... that's just the world's smallest violin playing the world's saddest song just for you.
Can you imagine what the lawsuit would be like when some user says "Software X deleted some file" and the software company says "No, it didn't." How would you go about proving this either way?
It's called a journaled file system. HFS+ and NTFS are mere examples of this and they're the most widely used at this moment. You would have *NO* problem proving it as long as you could show the activity that happened. That's the point behind a journaled file system, to see what has changed and go back to a previous state if something undesirable happens.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
The problem I have with Bill's statement is that he implicitly argues that contract law should be modified to do some sort of blanket-invalidation of these license clauses. However, this would just exacerbate the real problem: because of Microsoft's monopolistic presence, consumer don't get to choose their preferred tradeoff b/t quality and functionality. Fix the marketplace and people will take this into account. (Some consumers already do.) If you blindly implement liability, however, you'll just cut small businesses and altrusitic programmers out of the game. Consumers will be stuck with whatever the big companies offer.
The people who advocate software liability never seem to suggest a viable way of implementing it. The average software product (commercial or open source) ships with THOUSANDS of (detected) bugs. You can cut down on this by reducing features and using very strict change control, but you'll end up paying a whole lot more for a whole lot less. This makes sense for life-critical situations (space shuttle, etc.), but it's a poor decision for most purposes. Many software methodologies (had this journalist bothered to investigate) offer a range of such tradeoffs, so it might make sense for companies to advertise their methodology and be judged liable only if they failed to follow that methodology.
I think journalist like Bill would find it instructive to learn a programming language and work a small 100-line college assignment. If he can do that with less than 5 bugs, let's give him a 10,000-line assignment. Then make him interoperate with a few buggy vendor components. Then give him a deadline, ill-defined requirements, incompetent teammates, and some poorly thought-out (but strict) change management procedures to follow. Sorry Bill, call me back when IE or FireFox kills people on a daily basis like the automobiles you praise as the model of liability legislation.
I'm systems administrator in my household and I spent over five hours last week upgrading the firewalls, anti-virus and anti-spyware programs on our three laptops and two desktop computers.
This statement is just asinine. He's blaming the manufacturer for fixing and enhancing their own software. This is like Toyota voluntarily showing up one Saturday and installing stronger seat belts, fixing a minor problem with the mirrors, and smoothing out glitches that have emerged in production.
-1, Too Many Layers Of Abstraction
The author says that although liability requirements would essentially kill free software, it's just too bad. Car manufacturers learned to deal with it too. Well, I'm pretty sure I can go get some guy with an arc welder to build me a custom car, and he may well require that I sign a waiver stating that I know the risks of driving it, and will not hold him responsible if something fails. That doesn't mean I can't still go buy a car that DOES have some guarantees of reliability... it's just that due to the costs, the software market is predominantly on the other side of things from the auto industry.
Slashdot needs a "-1, Wrong" moderation option.
The Urban Hippie
Do you happen to have any case law at all, any case cite, where a company selling a software product with an as-is EULA was held liable for its defects, and where the judgement was upheld on appeal? (I am referring to software sold as a separate installable product from the device it is operated upon, not "intrinsic" or "embedded" software as sold as part of the device such as the control program for a microwave oven or a VCR.) I do not know of any case where a court found a EULA to be unconsionable enough to allow damages, and I have never heard of any appellate case on the issue. So unless you have case law to support your argument (and there's plenty of case law to the contrary: ProCD, Inc. v. Zeidenberg (86 Fed. Rep. 3d 1447, 7th Circuit 1996) for example) I'm going to have to presume you are incorrect on this.
The lessons of history teach us - if they teach us anything - that nobody learns the lessons that history teaches us.
Has Mr Thompson ever read the BBC terms & conditions? http://www.bbc.co.uk/terms/
Consumer protection laws allow the practice today. Buying software is more like buying stock or entering a contract, than buying a spade or a sandwich. If you don't want it, don't buy it. Software: just say no. At least GPL gives you a fair chance to understand what it _might_ do to you.
I mean, at least with free (as in beer or speech) software, the lack of liability is somewhat justified - the authors aren't making money on it, if they risked getting sued every time one of their programs had a security hole would they dare release it in the first place? Far more dubious IMO is the fact that commercial software that companies are making vast fortunes selling has equally nasty (if not worse) disclaimers of liability.
It all comes down to a business proposition.
... is it good enough to ship.
... is it good enough to use.
On the part of the developer
On the part of the buyer
Both have some risk. Both are imprecise judgements (said as one who makes the call in the first case weekls and in the second, occasionally).
To take 95% of the risk out, multiply the cost and time by 5.
You'll never take all the bugs out of a complex product.
Those safety in flight and NASA programs that are cited are often very small in terms of lines of code big, don't have people pressing any of 50 buttons in any combinations, very single function and took 5 years and millions to develop.
If you were to develop and test to that degree of quality, just maybe someone else would come out with a product that people felt was good enough and, by the time your product was ready, there would be no market because people would already be attached to rev 3 of the good-enough program.
Think about it, how many of us buy the absolutely most reliable car? Or music player? Why should our buying software programs be different?
The license is an agreement. If you don't like the terms, don't accept the license.
Use the software if you like because you already purchased it.
If you don't accept the license, you simply cannot gain new rights from it- such as the rights to redistribute the software. Your rights to use it, or even modify it (or even redistribute the modifications themselves!) cannot be taken away by such a license.
Furthermore, indemnification cannot be waived as easy as many of these software publishers would have liked.
No-cost software is probably safe- even in the wake of so-called lemon laws because any percentage or multiple of zero will still be zero.
But if you spend money on something, whether it be a computer or software for the computer, and the people who sold it to you misrepresented it (Our solution is secure, this is a power supply, etc) no amount of "agreeing to" these "licenses" will help them.
I got data recovery out of [popular hardware integrator] because of a failed hard drive. I also got a refund and then some out of [popular software developer] because of frequent crashes.
It seems like some big dirty trick has been played- convincing people they don't "buy software"- like its some kind of service that can only be leased-by-definition (even if it's something that can be stolen). It's horrible because people actually believe it. People honestly believe that there's some "license they agreed to" that makes them give up their rights.
They know. Their lawyers know. The only people who don't know are the users. That's why crackpots write about the evils of licenses when they SHOULD be writing about the stupidity of them.
Know your rights, and if you want to do something that you don't otherwise have the rights to do (redistribute, for example) then read any licenses that are included. They might tell you what you need to do to get that right.
So if this guy's willing to but his money where his mouth is, I will cheerfully sell him a copy of Windows XP SP2 with a guarantee that it will not delete any of his data, crash, or otherwise act badly.
My sale price will be (retail cost of XP) + ((Cost of LLoyd's insurance policy)*1.10). What's the big deal? For a mere million percent of the retail price, this guy can get the kind of product liability he wants.
My point is that this guy is missing the point: liability is a market force. The fact that he doesn't mention the flip side -- that increased product liability would mean increased costs for software companies and those would be passed on in the price of software -- shows that he's more in the "I'm entitled to a perfect world, at no cost to me" camp than the "Every piece of software should be flawless, whatever the cost" camp.
Cheers
-b
If I wanted a sig I would have filled in that stupid box.
If you could buy a version of Windows without the disclaiming of all liability, but it cost $10K and was tied to a very specific set of hardware from ten years ago (forget about choosing an LCD monitor, or plugging in a USB card reader, gigahertz CPUs, playing games, etc), would you buy it? No, I don't think so. But that's basically the option you're looking at.
Anyone who wants to can develop software and market it without disclaiming liability. But they would be used as floor mops by companies that disclaim liability. The only places that write that kind of software are those that can afford to spend exorbitant amounts on mission-critical software development because the possibility of failure is even more exorbitantly expensive. Check out what it costs NASA to build software for their space shuttles, and the kind of hardware they run it on; I think it will be illuminating.
Government could write a law prohibiting liability disclaimers. This would kill most software for its jurisdiction. I'm sure the carmakers made the same argument, but here's the difference: software is cheap and easy to develop, virtually free to distribute, and exorbitantly expensive to prove fitness for a given purpose (especially given the possible variety of configurations typically expected of software). Perhaps most significantly, in most cases it's generally cheap to replace when it's proven unfit. In this environment, focusing on guaranteeing fitness brings very rapidly diminishing returns.
-- Moderation in all things, exceptions to all rules --
Just like a hammer, software is a tool. Indeed you can't do anything if a company makes a tools that then is used in a malicious way.
If I buy a hammer to break down your door to steal your money, the hammer company has nothing to do with that.
If I use a piece of software to break into your account, the software company has nothing to do with that.
Naturaly if the hammer comapny starts to advertise as them having the best hammer to break into houses, so you can steal peoples money, it will be a whole new ballgame.
Don't fight for your country, if your country does not fight for you.
If you as a company, invest tens of millions into a rollout of a new software product ( be it a new version of Windows, or a new Linux Kernel), without
.. then Yes, you are responsible for a large part, if that software catastrophically fails. Because it is likely something you would have came across in all this research, in one form or another.
* Fully researching the present and past state of the company or individuals responsible for the software, and their abilities both demonstrated and implied.
* Fully looking into [resent and past security issues with the software
* Doing a full independant side-by-side comparison with competitors
Yes, you're right. Corporations have IT staff for a reason: they should take the responsibility for procuring suitable software, and for arranging appropriate support contracts where necessary.
Great.
So what about Jane Average, 67, retired schoolteacher, buying a new computer because she wants to keep in touch with the grandchildren? Is she supposed to do all that research? How is she supposed to interpret the results? And what is she supposed to do when she reaches the truth, which is that there is no computer system she can buy that comes with a decent warranty. Even Apple's license agreement disclaims all responsibility for everything - they even specially state that they don't guarantee they'll bother to fix security flaws!
Jane can't write her own OS if she isn't happy with what's out there. And she can't afford to pay a company for a real support contract. She has to suck it up and hope that nothing too nasty happens.
Are you happy with that?
Do you really live in a world where people are so faceless that you only even bother to consider corporations?
Even if you agree to license that indemnifies the provider it can still be challenged. Almost every supplier agreement mentions that the provider is not responsible for negligence on the provider's part, but actually you cannot really sign that sort of responsibility away.
If you've ever read any commentary by Christopher Rice in his books, you'd see how much disdain he has for those "pass-the-buck-to-the-author" clauses. Not every writer agrees with that concept! It's a lazy concept, akin to publishing super-offensive ads in a magazine and claiming no responsibility for the ad. Let's face it, the publisher should be responsible for the content they distribute to a certain degree, like publishing errors causing serious misunderstandings.
I don't know about the rest of you, but if she tells me to drink poison in a book, I'm not going to do it.
Customers are free to purchase software which comes with no disclaimer of warranty. Companies are free to warrant their software. Neither party is interested in doing that. You tell me why, since you think it's such a great idea but the parties involved don't.
-russ
Don't piss off The Angry Economist
If you want online banking and want it 100% flaw free expect to recieve a book full of random numbers, learn how to correctly work with one time pad encryption and expect the most primitive user interface you can think of. Maybe you won't even get an interface and have to apply one time pads by hand and telegraph in the result.
Analogies don't equal equalities, they are merely somewhat analogous.
Yet I can't do anything when a company produces software that exposes my online banking details to any script kiddie with time to spare, because I've agreed a license that removes such liability.
what a dummy
I think the bad analogy in this article is between the products. In the case of a book, it is a complete product. When a book is released, it is unlikely to be used for other than the intended purposes, and when used with another product it is not expected to still stand on its own (you cant subst the 265th page for another authors page, and expect it to work, but that is expected of the dll's, windows 98 vs XP, etc.)
Most software is either released inside a complete product, and the product liabilty is left intact. Or it is software inteded to be used with other software, and with the original programmers usually not being the system integraters, going back to a single person to be responsible is no longer easy or practical.
Software has become *very* mainstream. Not all software users are as sophisticated as readers/contributors here at
When these users go into a store (K-mart, CompUSA, Fry's, etc.) and buy a product off the shelf, they expect (quite reasonably) that that product will perform the functions that it is supposed to perform. In their minds, software is just like a t-shirt or a bowling ball or a bag of bread: it's supposed to work the way it promises to work. If it doesn't, then *someone* is supposed to be held accountable. I think that you all would agree that it would be quite unreasonable to buy a t-shirt, and before you even get to try it on, you have to sign a waiver saying that you will NOT hold the manufacturer liable if the shirt doesn't function properly.
Software is interesting because we have to give up that right (holding someone accountable) before we get to use it.
That just seems plain wrong.
And for those that argue "If you're getting the software for free, then you can't expect that kind of product guarantee," well, I have to say, if you're hoping that free software will someday be as popular as commercial software, then that argument is going to have to go away.
To enforce more "national security," all software released by corporations for government, public, or economical/industrial purposes/consumption, including but not limited to, the operating system(s) and all contents therein, including software running upon stated operating system(s), in the interest of the stability of our government and economy, should fall under some liability clause stating "If you claim this improvement over a previous product, you're held liable and can/will be judged upon the facts for any damage done." If you say a new version of a previously released version of same software is more reliable than a previous version of the software you've advertised and released, and there is even *ONE* more security hole found within the newer software than the older version, you should be held liable for false advertising *AND* breach of contract (The customer pays for a product which is perceived/guaranteed "more secure," but is not,) and it should apply to licenses and advertising, as well as apply to other versions of the same software with the same name. Also, it should apply to the same program under a different name.
To prove that case, simply observe the features, not the source code. If two programs from the same company offer functionality-wise the same abilities minus a few differences, it should be considered the same product and henceforth liable to contracts from other/older versions of the program.
DISCLAIMER!!!! I AM DRUNK!!! I AM NOT A LAWYER!!! TAKE WITH A GRAIN OF SALT!!! BUT DO TAKE WITH AN OPEN MIND!!!
Let's see how many don't read the disclaimer and mod me as Troll or Flamebait, without bothering to comprehend, shall we???
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
Because Software Licenses used by almost all companies says something like "You can't blame us if it's not working properly, crashes your system and loose everything... So how could I say "This group of person freely giving their time should be held responsible for such losses" ??? I think some people are dumber than dumb and dumber... I think it's ok if some people write some application and give it freely. They say : "Don't use it if you don't know what you're doing and if you know what you're doing and still lose everything, you're mostly a dum* fu** if you're not making any backups". Now if we talk about helding some group of person responsible of a software (p2p cases in mind) and want to sue the creators of open source software that encourage piracy, I would say to such bas**** that I wouldn't have bought the stu*** song and will not encourage those kind of industries. So if they want to sue me because I uploaded my stuff to other person who wouldn't have paid for such crappy records then I will simply fight against such oppression. Now, if you tell me don't listen to that music if you're not paying for, that's another story. In all cases, I would simply not listen to it if downloading them would be really IMPOSSIBLE to do. I won't give my clean money to such dirty people. And if you say something like "it's not because you can do it that you should do it" I will finaly answer this kind of stupid remarks that "it's not because americans invented the nuclear weapons that they should have used it". It's not because you have money and power that you should use it. On poor people. Whatever, I can buy music CDs and I can afford to lose everything. But LEAVE THEIR FREEDOM TO PEOPLE WHO ARE NOT CAPITALISTS LIKE GEORGE W. BUSH!
The market will demand this when it's an issue... right now it's not. Patches, support contracts, loss of reputation and other methods for dealing with software defects are in place and improving considering the demand for rapid product improvement. This requirement would effectively destroy the free software movement and would raise the barrier to entry into the software market so that only the larger companies could develop software, this would reduce the # of competitors and increase the risk of releasing buggy cutting edge software and would thereby reduce the amount of innovation in the industry. Software and IT, particularly in the consumer segment, are really still emergin markets. The mainstream WWW is what... 10 years old, maybe?
Most modern journalists couldn't pour sand out of a boot if the directions were printed on the heel. This seems to be yet another in the series.
What is the reason for these licenses? Surely the market would reward companies willing to assert their stuff is unbreakable, and take the legal liability to prove it? Well, in some cases it does - in "vertical" markets, and at a greatly increased price. This reflects the reality of software engineering at the present moment: there is simply no way to make zero-defect software at retail prices, or as a hobby. The most that's realistic is for tried-and-tested software to have been cured of the more obvious problems.
This is the reason for those licenses. Responsibility must match control! It would be stupid to accept liability for something you can't prevent. It would be irrational, nothing short of bloody-minded spite, to enforce that liability.
So don't use the software then you fucking jackass. It's free. Go pay for something if you want to sue someone.
Imagine if the science textbook writer told the children to drink a prefectly safe liquid. But, in their classroom, the bottles were mis-labeled and several children die.
Should the writer have any liability? (Personally, I would never eat/drink ANYTHING near dangerous chemicals, suggesting it seems bad to me.)
The author of both books and software do not have control over the whole environment; just as bottles in a lab can be mislabeled, the operating system, or other applications might be incorrect.
Such as an SSH implementation with Null encryption, buffer overflows in the OS, or even a wire-tap device installed inside a keyboard to log keystrokes. Only if the same group has control over all the hardware and software on a system, can they really be confident in it's security.
The best lock in the world won't protect your house if you leave a key under the mat, same with passwords on post-its. And don't try suing McDonalds for getting food poisoning from a burger you left in your glovebox for a month.
This guy is probably right. Whereas a chainsaw manufacturer can be sued when the chain has a design defect where it whips around and hits the users in the face, and a power company can be sued when a reactor melts down, when software fails dramatically, the company has already given itself an unprecidented disclaimer from liability.
It's been a long time.
I read the bbc news pages a lot. Every time I see that Bill was involved, I just skip over. He'll write anything... as long as it is absolute garbage.
Let's say you put your money in a bank. The bank, in turn, puts your money in a safe. It just so happens that the safe has a subtle flaw in the door hinge that makes it vulnerable to robbers; neither the safe manufacturer nor the bank knows about this vulnerability. So when the bank is robbed, who is to blame for the loss of your money? The bank? The robber? The safe manufacturer?
Your automatic blame of software vendors is analogous to always blaming the safe manufacturer. But the only contract you had was with the bank, who had the responsibility to protect your money. Their failure to do so breaches your contract. Consumers can really only directly blame the service provider who failed to protect them.
The bank, on the other hand, has two recourse options to consider: the robber and the safe manufacturer. While the robber had specific malicious intent (stealing money), the safe manufacturer operated in good faith and indeed their purpose in business is to attempt to protect against such crimes. The only way the safe manufacturer could be legally responsible for the robbery is if 1) they knew the safe was vulnerable and yet did nothing, or 2) the safe's design was so poor as to be criminally negligent.
Given the huge amount of design consideration and effort that security receives in modern software development houses, proving criminal negligence would be a very difficult challenge indeed.
And finally, I despise the fact that lawsuits are everyone's first thought when they don't like a product. "Have a problem? A lawsuit can fix it!" It's a preposterous system stacked against those businesses who try to operate in good faith. The best idea I've heard in years is to force lawsuit losers to pay for court costs and legal fees. That would make people think twice before filing frivolous lawsuits. And don't tell me it doesn't happen. I've been sued twice for absolutely RIDICULOUS stuff. My insurance company settled each case for a nuisance fee, which was all opposing counsel was looking for. A distant cousin of mine is a personal injury attorney, and my skin crawls when I hear about some of the things he has done.
Instead, if you don't like the service you're getting, vote with your feet and encourage others to do the same!
Implementing responsibility in software is desirable -- and unlikely.
At the bottom of the problem (surprise, surprise!) we find money. Software development requires expensive human labor and support; the software industry already limits its investment in quality assurance and support. To fully test every piece of software for 100% (or even 99%) reliability would drive software prices spiralling — you would see no free software movement, no open source, and be living with a very limited selection of corporate software at cocaine-like prices. Witness what has happend with liability lawsuits and medicine, driving costs to astronomical levels.
If anything, the success of the software industry could be attributed the its very lack of guarantees. It has few material costs; anyone with a $500 PC can start a software business. You don't need to guarantee your product, and society is conditioned to accept broken software after years of living with Microsoft's badly engineered products. Companies ship erroneous code to customers, knowing full-well that it can be patched later.
Do I think software should provide guarantees? Yes. Will it happen in my lifetime? Not unless society changes dramatically.
All about me
There are actually two cases, software that requires the user to pay a fee for the right to use it and software that is free.
Free software may come without any guarantees, but should be distributed with source.
Pay software should also mean responsibilities for the company/person behind the software. This will increase the quality requirements that applies before the software is on the market.
And yet another issue is that if a company drops support for a software, then that company shall also lose the copyright to that software and have it placed into public domain.
Sorry for any incoherent typing - I'm a little tired...
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
The board of governers take backhanders from IBM, why would anybody trust them too comment on others.
I agree in principle that software vendors ought to stand behind their software, but in practice there are a lot of problems. One is that even rather ordinary pieces of software are much more complex than most physical products and therefore much more difficult to test properly. Another is that only major companies would have the financial resources to bear much of a liability burden.
It seems to me that we can require a certain minimum level of performance because it is easy enough to test whether a product does its basic job. What is much harder to require is that a program never crash or that it have no security flaws. For these kinds of problems, I wonder if insurance wouldn't be a better solution. For one thing, the insurer would bear the basic financial burden, not the developer, so it wouldn't be a problem for small companies and free software. For another, insurance companies know a lot more about dealing with this kind of thing. They know how to estimate risks, how to find out who's telling the truth about what happened, etc. It would also make clear in advance what kinds of bugs are of concern.
What I'm thinking of would work something like this. Say you're a small business for which a database is important. You would go to your insurance company and say: "We're going to run Access on a 686 under Windows XP. We will lose X thousand dollars per day every day our database is down more than one hour." The insurance company will figure the odds and for a suitable premium insure you against that risk. This would also help to promote quality software since it would be cheaper to get insurance for better software.
If I buy shitty $10 watch and it breaks in an hour, or doesn't even work after I unpack it, I get a warranty replacement. The same applies to cars, buildings, airplanes, even computers. But not computer software. You pay through the nose for some software package, and creator's responsibility for "actuall fitness to any purpose", advertised or implied is none.
/. that some of the regulars will even defend big software houses for what is a blatant abuse of basic consumer right -- a right to working product.
Just don't tell me, that software is more complex than Boeing 767. And if you count all the copies of Windows or Office, you'll see that Microsoft takes MUCH more money for its products than Boeing, while investing none of it in QA.
Software companies lobbied and bribed enough politicians around the world to effectively destroy the idea of warranty for software. Today even such an idea is so strange to the readers of a site like
Robert
Bastard Operator From 193.219.28.162
The comment about a puslisher requiring idemnification is a bit irrelevant to the situation at hand.
Let's assume for a moment I write a "bulletproof" piece of software. Checked every condition, made every test, did everything possible to make sure it never "failed" (for some definition of failure).
What about your hardware? What about the OS? What about the 300 windows trojans that reside on your system? Am I responsble for what happens when they cause the program to segfault/bluescreen? Do you blame Microsoft/Linus Torvalds/*BSD teams? Do you sue all the trojan writers (that would be nice, but really... )?? These are problems no publisher has, assuming their printing machine works that's the end of their "interoperability" issues, that is about as unlike the software world as you can get.
The key point this person misses is that "software" often isn't a single thing you can point to and say "that piece broke!". Occasionally its obvious something was crappily designed and should have been caught, but often it isn't. If an application in windows crashes... was it the OS? the application? the fact I had 10 viruses running? the anti-virus progam I installed that does wierd things to my PC and slows it down by 10% (funny how that sounds like a virus isn't it)?? Who the hell knows. And unless and until you can get every single piece of a system to pony up and write "bulletproof" software, this situation will not change.
I'm not advocating the current situation is good or that everyone shouldn't strive to be better, certainly much can and should be done. But I'm not holding my breath to wait for it...
Yet I can't do anything when a company produces software that exposes my online banking details to any script kiddie with time to spare, because I've agreed a license that removes such liability
Well, first of all, who produced the actual "flaw" in question? Was it the software developer, the ones who made modules used by the developer, the ones who produced the Operating System the software runs on... what? Secondly, if you mistake one acid for another, that's an obvious mistake with potentially fatal repercussions. However, nobody is attempting to "hack" your mixture so that it would produce a fatal mixture (perhaps by switching the labels).
There is an undefined line here. If you were running a machine which performed laser-surgery, and the software crashed because of a buffer overflow, then the developer might be liable. But the bug might actually be caused by bad RAM, as there would be no proper way with the given input to cause the overflow. Checks could be inserted for this, but maybe those would product code that would be too slow for the given delicate operation. If it is an obvious coding error, then yes the developer should be liable... and in fact no shrink-wrap license would likely protect them.
Lastly, end-users are somewhat at fault here. If you're expecting your bought-in-1994, win95, IE4 system to run error free, chances are it won't happen. If you're running windows to control your Aircraft Carrier, chances are it's not the best idea. If you click on the link to install "free weather and calendar software" and it reports to home on your web-habits... too bad.
There's a lot of blame to go around. Licensing certainly doesn't exempt one completely from blame, but then if you're using OSS (or other common licenses) licensed software on a machine used for doing laser-brain-surgery... because you should have your own head examined. There are plenty or real-world licenses that limit liability depending on use. Don't use a mercury thermometer to monitor the temperature in your reactor, and don't expect common licensed software to fit your every need.
What's wrong with a "lemon law" which says that if you say a computer program does X, Y and Z, on such-and-such a platform, then you are entitled to expect it to do X, Y an Z on that platform? And an expectation for businesses, retailers, etc, to honor that?
America is lawsuit-happy, because that's often the only way to get things done. NOBODY takes responsibility for their share of the problem, preferring to push everything onto somebody else. Honesty is optional, integrity is available for a price and selling to ignorance has become the norm. (It wasn't too long ago that American software giants tried to push a bill through where it would be illegal to review software without their permission. I'm not 100% it actually failed.)
If I install a Linux package under Windows, I have no business expecting it to work and should have no right of complaint. Unless it was sold as a Windows package. If I install a Windows package under Windows - correct version, correct platform, everything to specs - and I discover that it has errors even the most superficial QA should have spotted (such as not working at all), then I should also have a right - at the very least - to my money back. This isn't about fixing every bug (or shouldn't be), but about providing what has been sold.
And that's the crux. If Microsoft had (as has been claimed) 65,535 known bugs in the Windows 2000 database at the time of release, then it should have come with a warning that serious defects were known to exist and that not everything would behave as expected. The documentation should also have been modified to note anything that seriously deviated from the behaviour as published. That would have been honest. Sure, fewer people would have bought the program. If Microsoft had needed to do this, they might even have held off on the release until the more user-visible bugs have been cleared up. But would that have been so terrible?
I've no problem with buggy software being released, but software companies should be honest about when there ARE bugs and how serious those bugs are likely to impact typical users.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Blair says the BBC hates America, but MSFT says open source hates America too?...
**My head asplode**
I am Spartacus
My understanding is that, in the U.S., software specifically IS NOT classified as a product under law and therefore has no requirement of merchantability nor fitness of use. There is no "product" liability. One of the reasons I object to the misnomer (application) "architect" is that the role in no way carries the professional responsibility the term implies. No role in software development does. If software procurement decisionmakers understood that an EmpireCorp software publisher had no more legal liability in this regard than Openly-Talented-Programmer-Enterprises, it might level some part of the playing field.
This has nothing to do with FLOSS licenses though.
I don't see anywhere in the IE6.0SP1 license where it says they will gladly compensate you for these things should they occur...
the same thing. Or any other industry for that matter. Every responsiblity/liablity a corporation or individual has has been forced upon them for the greater good. Software will have its time too. Software is young and as such gets away with more. Seat belts didn't become mandatory in cars overnight. And laws that force you to wear them didnt happen over night either.
The second problem is when the license (and/or other published material) is vague, contains serious omissions or is flat-out wrong. If I were to buy a wordprocessor but be given a blank CD, then I would want my money back. I've not been sold a damn thing. Legally, though, I'd be entitled to nothing since there's no guarantee there's even a product.
The third problem is with the assumption that a case has to involve lawyers AND that it has to be the fault of the consumer. In the case of a blank CD being sold as a wordprocessing package, how hard would it really be for a software company to say "oops!" and replace the CD with one that works? Wouldn't that be easier all round? And if there is no product, but they're really just out to rob people blind, is it reasonable for the consumers to say "oh, forgive us oh master! Please, take more of our money and give us nothing in return!"?
Responsibility is a shared thing, always. So share it!
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
What a great comment. The best I've seen on Slashdot all day.
Disclaimer (I am aware of the irony): IANAL, studied it to some extent, but my real interest is math/statistics.
My answer to Bill is fairly simple: because the software industry is still in development stage. Pretty much all new technologies/activities get a "liability free ride" when they emerge. This is usually because holding a technology/activity liable for the damages it causes at an early stage could kill it before it can get a chance to mature and be useful to society (as many reader pointed out, holding a company liable for their software would hamper the development and could have killed the industry 10 or 20 years ago. today, I am not so sure). This can be seen as the price we pay as a society for the benefit of having the developing technology. Cars, trains, consumer products have all caused their fair share of victims in their early days. They are still a lot of victims from these technologies/activities, but now those who profit from them are held liable for their negligence (and sometimes they are held liable even when no fault can be attributed).
The transition usually occurs when the technology becomes an integral part of our society on which we all rely. The transition can be very long, sometimes it begins in courts (ex: car industry) sometime legislation is required (ex: work related accidents) when the judge are reluctant to create a precedent. So the real question is thus: When is the software industry going to be held liable and to what extent? Maybe software is different and it will avoid liability. I very much doubt that and I think MS and cie's would agree with me. This is why EULAs have been so vocal about the issue of liability. Companies, don't expect this to hold forever (eventually there will be limits to what can be waived by a EULA) and so they make sure they get to keep as much as they can from the "liability free ride" when eventually it is agreed that enough is enough. The reasoning is simple: the more you have to start with, the more whining and kicking get to do as courts or legislatures are taking it away from you.
Before this comes around, it might take quite a while. There are various reasons for this but here are two important ones. First, the damages caused by software are hard to assess and more importantly they don't tend to be bloody (reading old judgments on car accidents makes you feel lucky that you we live and a world where car companies were forced to get their shit together). Second, the average computer user doesn't know what to expect from software: is it normally that my OS crashes and I lose everything I had worked on? How secured can I assume my OS or applications to be? Granted, not the most insightful questions, but you get my gist. Without any knowledge of how software works most people will assume that they did something wrong, not that something is wrong with the software they are using. More people will need to become computer literate before the software industry is be held to high standards as a whole (i.e. not just through contract agreements like many of you mentioned in you posts. By the way, contract liability was also the only liability for manufactured goods until Donoghue v. Stevenson, so such a move away from contracts wouldn't be ground braking).
Maybe the software industry will manage to dodge its rendez-vous with history, but I very much doubt it. Eventually software will cause problems of such magnitude that those would directly benefit from it will be held liable for the damage regardless of the stipulations in the respective EULAs (by the way, you cannot waive EVERYTHING through a license or a contract, it is against public order to do that). As far as I am concerned, it is a matter of time and bad luck, both of which are very hard to avoid.
So what about free software? Well, like I have said, those held liable have traditionally those who benefit from the activity. So it will be an issue of whether free software developers will be recognised as benefiting (sufficiently?) from people using their software or no
The problem is that writing the kind of code proposed is
1) Very expensive (easily 100 times the cost of the code delivered now
2) Much slower (Easily 100 times longer to get the functionality
3) Still won't stop exposure to bugs. Even military grade code written at 100 times the cost and in 100 times as many man hours still has a bug or two per 10,000 lines.
4) May not function fast enough on available hardware.
---
If something becomes an issue, then it will be addressed - but there will always be new issues in non-trivial code.
At a minimum, I'd prefer to have a choice between expensive safer code and risky but free/fast/gives me the functionality I need now instead of in 2 years code.
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
TFA has nothing to do with FLOSS licensing, you idiot.
"If we had to ensure that everything worked all the time, software would actually work and there would only be high quality software." "Oh, I hadn't thought of that", says the non-developin' ma'fukka. Fix you're shit skippy.
It is also the western outlook that teaches, I can do what fuck I want and if you get in my way don't complain I stepped on you. As an individual you have a responsiblity of you're actions. Don't you?
I dont think I should be able to write the next great virus, GPL it, then go I wash my hands of it. Knowing in the back of my mind what will come of it.
I distribute my software for free, in the hope that it may be useful - to you, among other people. Consider it a gift. If it breaks it will even send me a bug report, and I'll look at it for you for free. Oh, you want to be able to sue me if it breaks? Then I shan't give it to you.
I'm old enough to remember when discussions on Slashdot were well informed.
This whole article could be done away with if people realized one small thing about the terminology: when people talk about "accountability," what they mean is "I want to it to be someone else's fault."
In the mean time, perhaps he should go have a nice cup of H2SO4... err, I mean H20. Oh crap, do I need insurance now? Or will I get lucky and see a steep decline in the idjit population after this comment, leaving no one to sue me?
what he is suggesting is that we some how can write flawless programs that never have any holes or break. just another idiot jorno with no fucking idea, nothing to see here move along.
If you mod me down, I will become more powerful than you can imagine....
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
So when the bank is robbed, who is to blame for the loss of your money? The bank? The robber? The safe manufacturer?
None, because the bank has a CSD (Combination Safe Depository) policy that will cover the loss. And when the bank calls their insurer to make the claim, the likely response will be "Well who did it? Elvis? Bigfoot?" along with a few disbelieving chuckles.
Speaking as someone who worked a good number of years for an insurer that sold such policies I can tell you that claims on CSD policies are as rare as hen's teeth, and even then most involve water damage (roof leaked, plumbing failed) or Suzy Creamcheese rented the same box to two people. Claims involving someone actually breaking into the safe are so rare that you can buy millions of dollars worth of protection for a few hundred bucks - the risk is that low. Underwriters consider the policy to be "gravy", and I think the only reason banks buy it in the first place is so they can tell their customers they're insured to umpity-ump Millions.
The point of this dissertation being that Safes Are Safe. Because banks have a powerful interest in making them so, to counterbalance the powerful interest that Bad People have in breaking into them.
If software companies put the sort of time, effort and research into making their products save that the bank vault builders do, I (and I imagine everyone else) would be a hell of a lot happier.
One thing one must consider is proper use, and chance of error.
Take condoms, for example. They can help protect against pregnancy and/or STD's. They can also break. In a reasonable situation you should be able to expect some safety in using them, if you use them properly. If you think that wearing a condom is going to make it OK for you to head on down to 3rd and Main every night to pick up a $10 date... well you don't sue Trojan when you get a little more than you bargained for, no do you?
If this were ever enacted as a law or requirement, developers would just mark everything Beta. Software is never finished, it can always be improved. Gone are the days when you could know exactly what was going to happen with your code. As soon as hardware is free from defects and hardware manufacturers are liable for defects that cause software developers to lose since they would be liable for defects, then it would be fair. Can anyone say Pentium? Remember the divide by zero? Recommending drinking sulfuric acid is like that one auto racing game where the company put porn in their game, stupid. Rockstar lost the battle on that one, so if you're an idiot and intentially do something then you're agreement doesn't release you from liability.
You just said that you agreed. So WTF are you complaining about? If you don't like this situation, then don't agree to it. You people who don't know how to Just Say No are why we still spend taxpayer money on fighting the drug war, why we have minimum wage laws, why insurance is so expensive, why taxes are high, why lawyer is such as lucrative profession.
It wouldn't be as bad if you acknowledged that you could Just Say No but choose not not. But nooooo, you have to pretend that Just Say No isn't an option, because you're a fucking pathetic irresponsible big-government-loving crybaby robot.
You talk about reponsibility, but when it's your turn to reject someone's "unacceptable" offer, suddenly responsibility is for other people. Face it, you're complicit. So either quit your bitching, or start doing the right thing. And doing the right thing doesn't mean go crying to the government to force everyone to have to pay for bonded software. It means standing up for yourself and creating a market. Keep the fucking government out it, because not everyone is part of your market, so we all shouldn't have to pay for it. I like cheap software, but because I'm not a total moron, I have managed to completely avoid all your horror stories about security breaches and viruses and so on. Maybe it's because I exercise judgement instead of just blindly trusting everyone to produce the good stuff. It works for me, and it would work for you too, if you had two brain cells to rub together.
Here's an example of judgement. (You'll see how easy this is, I promise.) You're on vacation in Haiti, hanging out in your hotel lobby. A prostitute solicits you, and says you don't even have to use a condom. You think back: the last time you did this, you got Hepititus. Some other dude in the lobby mention to you: "hey, I got AIDS from that prostitute!" Someone else says, "I got Herpes from her, and we even used a condom." Just then, she reaches under her skirt to scratch an itch, and when she pulls her hand out, a bunch of crabs fall off her hand. Now here's where your judgement comes in: do you accept her offer?
Too hard? Ok, here's an analogy. There is a software company -- I'm not saying who, you'll just have to guess -- who has a reputation for releasing crappy insecure product after crappy insecure product. Their reputation is worse than the 1974 Ford Pinto's and Firestone's tires. This company's reputation is such that they are not merely known by nerds, geeks, hackers, and computing professionals. Everyone, even the most ignorant layman, knows that when you buy their stuff, you're pretty much guaranteed to have a horrible experience unless you are an expert. Do you choose to buy or use their product? This isn't a trick question. It's really as easy and simple as it looks.
Ah, but I know your answer. You answer is that the government should force the software maker to try to make reliable software, and the government should require that all sexually active people be tested every week. Because Big Brother knows better than you and has your interests at heart. If He solves your problem, then you don't have to think.
Thanks for the free horse and all, but the mouth doesn't look so good.
"Technology analyst" indeed.
Well, at least the word 'anal' is in there.
The reason I call him a moron is simple. He has
never done an honest day's work in a modern
computing site. What if your app crashes because
the database vendor made an upgrade? What if a
previously problem-free null pointer read breaks
when the vendor updates the kernel?
Not to mention that it is impossible to prove that
any program, together with associated operating
system and hardware drivers is correct.
Sadly it seems that "analyst" means: I mouth off,
get paid obscene amounts of money, drink it all in
flash London clubs, err....profit or liver failure!
You're making a specious argument. When you release your software, you accept responsibility for its impact on other people. Nothing you say alters that. For example, you might enjoy making children's furniture that also happens to burst into flame. If you keep it all to yourself, that's your problem. If you let other people acquire the furniture, then nothing you can say will eliminate your responsiblity for distributing a dangerous product.
If you are unwilling to accept responsibility for the damage done by your code, then don't let anyone else use it.
-- Slashdot: When Public Access TV Says "No"
Has this guy ever heard of the concept of "AS IS"? You go to an auction and buy a used toaster its sold "AS IS". Your responsible if it burns down your house. Same goes for GPL code, don't expect people to agree to be sued for something they gave away for free. If GPL authors start getting sued I'll start putting out code anonymously.
given the software industry is so full of bull shit in so many ways, including but not limited to software patents dillusions...
This is like expecting roman numeral accountants to be held liable for not being able to do algerbra.
Software is all about mindset, the mindset of the programmer(s) imposed upon the users of the software.
Faulty logic of a creature of emotion and deception is quite common.
I think these are good reasons why software should not be held liable, nor should it be closed source of patentable. But rather open to modifications and imporvements.... but mostly in the development process.
For common software creation to be as easy and common to create as using a calculator to do common math... well then where would the liability fall?
Do you sue TI because you punched in the wrong numbers?
Well moderate me troll if you like, but the man that wrote TFA is a fanny, his crap is not worth reading, his "views" are always copied from somewhere else and he has contradicted himself many times in the past. His job is to bring the word from the street to the masses, but generally he just embarasses himself.
When it matters (e.g. life support machines) software is guaranteed and the license has no waiver of rights - even if it had it wouldn't be held up in court - look at the Concorde guys in court just now, not precisely the same, but basically they said their design was OK, even when they had evidence to the contrary, now they are being held accountable for it. Truth of the matter is that desktop software is good-enough TM, I'd rather go with the current licensing (free&closed) than hamper development further by introducing the chance of litigation. And the thought that something given away for nothing can ever have a license that accepts liability is laughable, if you don't like it - don't use it. This is typical of the nonsense this guy spouts
Yet another case of people not willing to take responsiblity for the rope that is given to them and they end up hanging themselves. I have worked in the computer/tech service industry for over 15 years and I have only rarely seen computer problems originate from the technology itself. Almost all the problems originate from someone attempting to use the software in some inappropriate or ignorant way.
I don't know where this idea came from that one should be able to use something with out any sort of learning curve. We all have had to learn how to speak, read, write, balance a bicycle, drive a car, factor a quadratic, play monoply, whatever. It takes a carpender a lifetime to become an expert craftsman, but to learn the basic skills takes a few years--computers are no different. In my experience most people just don't want to learn, and when it breaks want to blame someone else because they didn't take regular backups, they loaded spyware with their Share-AZA, they keep getting viruses because they haven't installed a reasonable firewall, etc.
As for trying to blame GPL software authors, again this is blaming a guy who saved your life for saving your life. GPL authors have been nice enough to share the creation with us, have given us the option to use it for free, and modify it, fix it, use it in another way altogether, all for free. I think people keep forgetting that they have the freedom not to do things: as in not use computers because if they don't like them and they don't like software that is on them. So please do us all a favour and your complaining. Then they can either start writing their own, or exercise your freedom and don't use a computer. Which part of "use at your own risk," "no warranty," and "free of charge" don't you understand?
If I write a piece of software and I want to share it with people. I created a solution to a problem that worked for me; but if it doesn't work for you why should I be responsible for the consequences, consequences usually arising out of ignorance 9 times out of 10 in my experience.
Lastly, keep in mind that someone isn't going to die if your Linux box, or MacOS X box core dumps, or your Windows box bluescreens. There is a very good chance that if your brakes fail then someone could die, or at least be seriously maimed.
America has shitload of lawyers that WANT YOU to take responsibility of your software so then they can sue you and make a living right of you. God bless the licenses that double-crossed and whiped them out. The sole purpose of Microsoft License agreement is to eliminate responsibility and law suit vulnerability so the greedy lawyers are canceled out.
This is basically about torts law as far as I can tell (and modifying it through contract). So basics of tort law:
.02c (AUD)
I do X.
It affects you.
It was reasonably forseeable to me that doing X would/could affect you negatively.
X really was the cause of your negative experience (not combining X with Y which was totally in your control)
[last step varies in various Anglo-derived jurisdictions]
A lot of the screaming lately is about b0rked torts law: medical malpractice suits out of control, city councils held to ransom, schools expected to act as babysitters, blah blah blah.
This is more of the same: tort law is basically a policy choice (as is proved by the fact that many jurisdictions, New Zealand, a few of the US states - can't remember which ones) are either altering or abolishing torts as explained above. What has happened in the computer industry is that there was a policy choice (mainly implicit since it evolved over time, from the point where users were tech geeks who were qualified to have written the stuff to the point where shrink-wrapped components were the norm and everyone had a couple of PCs at home) to limit liability to a great extent and risk a lot of security vulnerabilities in favour of racing ahead at breakneck speed.
For most shrink-wrap users in the early days, a computer crash was annoying but nothing more. Now, when computers have become so central even to people who don't have any interest in the box at all, these policy choices are being reexamined.
Personally, and this is probably because I'm comfortable with fixing the box and backing up etc, I say give me more features. I've had iPhoto and iTunes crash on me, but if Apple were held responsible and had been for the last ten years, mp3s may not have been developed and digicams would be the stuff of scifi...
just my
Pessimism of the intellect, optimism of the will! - Antonio Gramsci.
Sounds like yet another assault on the GPL. If you dont do the work you cant reap the benefits. I'll wager this was a long time MS user who tried to install slackware without reading the FAQs.
However, if they designed a car that allowed you to, for instance, hit the end of the ignition lock once with a hammer, and the whole thing would fall out so you could start the car with a screwdriver, complete with unlocking the steering wheel, then yes, they should get sued if someone steals your car.
I remember something about this happening to Chrysler in the late 80's, possibly early 90's with their minivans. I can't find any reference to it online, but if it was the late 80's, that doesn't surprise me. You could give a single sharp blow to the ignition lock and the whole thing would break out of the steering column. I seem to remember them getting sued for this, as Chrysler minivans were the number one stolen vehicle for a couple of years running, even above the Mustangs, Camaros, and Corvettes. I also seem to remember them losing the lawsuit. Now if only I could find any evidence to back me up.....
"City hall" in German is "Rathaus" Kinda explains a few things......
What he wants us to do is:
- If a program is going to be vulnerable to a hack then fix it else release;
This is equivalent to:There is no way in fucking hell that you can do either one! This guy has no clue!
If you are a programmer and don't know who Dykstra is then your education has been seriously brain-damaged, everyone else can google.
The Slamlander
Neuchatel, CH
Actually, consumer software is not so bad, if you compare it to the software that is supplied with scientific instruments and research tools. This is a relatively small market, and its buyers have put up with software quality standards that are below par -- in part because so few of them are programmers themselves. Even at the high end of the market -- and that means upwards from 200,000 euros list price -- you will easily find instruments that fail because communication protocols have not been implemented properly, there are substantial memory or resource leaks, or methods have *never* been tested under remotely realistic conditions. It is fairly common to encounter software there that has incorrect storage of logs, writes data in absolutely impractical formats, or cannot re-export data (that it has internally!) if the first export attempt failed. If you study it more closely, you will find complicated DLLs or ActiveX interfaces, designed and used to control expensive instruments, that are undocumented or incorrectely documented. And as for the design of most user interfaces, it doesn't bear mentioning. And you would be mistaken to assume that the supplier of an instrument that is worth a house (or several houses) takes liability for bugs in its software. In fact, it is not impossible that they will actually charge the buyer for correcting their bugs. The good news: Most of these suppliers are glad to receive customer feedback...