Slashdot Mirror
BBC Commentator Goes After Software Licensing
An anonymous reader writes "Bill Thompson, a regular commentator on the BBC World Service programme Go Digital, criticizes current software licenses (including the GPL) for giving developers 'freedom from responsibility which would be considered wholly unacceptable in almost any other sphere of activity, public or private'." From the article: "A friend of mine is a children's writer. When she writes a non-fiction book she is typically asked to sign a contract that indemnifies the publisher against legal costs resulting from errors of fact in the book. If she was to suggest a school experiment that involved drinking sulphuric acid, because she'd confused it with acetic, then she'd be in big trouble. Yet I can't do anything when a company produces software that exposes my online banking details to any script kiddie with time to spare, because I've agreed a license that removes such liability. "
You can always sue a service provider (bank, etc.) for such things as making your personal information public. They in turn however, cannot sue the software company (necessarily) because they (the bank) had an opt in. You can sue bacause you had no say in what systems the banks use, so you cannot be held accountable. You didn't agree to waive your rights and to accept liability.
Put yourself in the bank's shoe however. When you install an OS or any application that comes with a EULA, you have the choice to not use it if you don't agree. It's not ideal, and it puts you at risk, but you have a choice. That will always be the deffence of the software companies.
The argument can be made however that you actually DON'T have a choice, only the illusion of one. If you need to provide a service (or rather, have a service provided to you) and every product out there has a self indemnifying EULA then what option does a user have?
- I didn't spel chek
http://www.watacrackaz.com
Well, then it's a damned good thing he didn't use that analogy, isn't it.
In fact, he didn't use an analogy at all, since author is to author isn't an analogy. He merely brought up the indemnification of the publisher to illustrate that in fields other than software authors can be held accountable for what they write and publishers do not wish to be the "deep pockets" target of the accountability.
And software has publishers too.
KFG
It's wrong for people to make excuses for bugs in code which expose my personal information to hackers, stalkers and marketers.
Bite me. Programmers don't control the schedule. They also don't decide when to ship, or to delay bugfixes for browser exploits for months. That's all up to managers - they control the schedule and the priorities are.
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
No, the point of a journaled file system is to maintain the consistency of a file system even if the system shuts down unexpectedly. This is done by writing all the changes to be made to the filesystem into a journal first, ensuring that the journal has been written to the disk, marking the journal entry as complete and then writing the changes into the disk. If that write gets interrupted, the system will simply replay all the writes in the journal the next time it boots up, resulting in a clean file system.
The point here is that the journal is a temprary place to keep modified disk sectors in, not a long-term activity log. And even if it was, could the court really trust a log that came from the machine of one of the parties of the trial ?
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
Let's say you put your money in a bank. The bank, in turn, puts your money in a safe. It just so happens that the safe has a subtle flaw in the door hinge that makes it vulnerable to robbers; neither the safe manufacturer nor the bank knows about this vulnerability. So when the bank is robbed, who is to blame for the loss of your money? The bank? The robber? The safe manufacturer?
Your automatic blame of software vendors is analogous to always blaming the safe manufacturer. But the only contract you had was with the bank, who had the responsibility to protect your money. Their failure to do so breaches your contract. Consumers can really only directly blame the service provider who failed to protect them.
The bank, on the other hand, has two recourse options to consider: the robber and the safe manufacturer. While the robber had specific malicious intent (stealing money), the safe manufacturer operated in good faith and indeed their purpose in business is to attempt to protect against such crimes. The only way the safe manufacturer could be legally responsible for the robbery is if 1) they knew the safe was vulnerable and yet did nothing, or 2) the safe's design was so poor as to be criminally negligent.
Given the huge amount of design consideration and effort that security receives in modern software development houses, proving criminal negligence would be a very difficult challenge indeed.
And finally, I despise the fact that lawsuits are everyone's first thought when they don't like a product. "Have a problem? A lawsuit can fix it!" It's a preposterous system stacked against those businesses who try to operate in good faith. The best idea I've heard in years is to force lawsuit losers to pay for court costs and legal fees. That would make people think twice before filing frivolous lawsuits. And don't tell me it doesn't happen. I've been sued twice for absolutely RIDICULOUS stuff. My insurance company settled each case for a nuisance fee, which was all opposing counsel was looking for. A distant cousin of mine is a personal injury attorney, and my skin crawls when I hear about some of the things he has done.
Instead, if you don't like the service you're getting, vote with your feet and encourage others to do the same!