Taking On Software Liability - Again

An anonymous reader writes "You may remember an article in which a BBC correspondent wrote an article criticising current software licenses. In answer to the huge discussion that this brought about, he has written another article defending his views. From the article: 'It is possible to make error-free code, or at least to get a lot closer to it than we do at the moment, but it takes time and effort. Doing it will probably mean that commercially-available code is more expensive and cause major problems for free and open source software developers. But I still believe that the current situation is unsustainable, and that we should be working harder to improve the quality of the code out there.'"

Then let him do it.

[BoomerSooner]

I've got an idea. For non-software developers with great ideas. You program some piece of software for 5 years and then warranty against any bugs or failures. Oh btw, it must be priced competitively with current offerings. This guy can go wank himself in a corner somewhere. Perfect software doesn't exist. If you want something done right, your best bet is to do it internally to your company instead of outsourcing. Walmart is a perfect example. Do it right with people that feel they have ownership in the software they are creating and you'll get a better product. Plus, Arkansas (and my state too) are like Bangladesh anyway in the wages paid to software developers.

Re:Then let him do it.

[swillden]

Didn't say it was easy or trivial (its not). But it is humanly possible.

And it's humanly possible to run a marathon in less than 2.5 hours, but if you have to move a large number of people 20+ miles on foot, you'd better expect it's going to take a little longer than that.

"Humanly possible" in no way implies "doable on a large scale", and that's what we need. A *lot* of software must be written, so you have to expect that most of it will be written by average programmers. Implying that they ought to be able to because Don Knuth can do it makes no sense (and as Goonie pointed out, Knuth had some other advantages, like no marketing dept pushing to get the release out before the next trade show).

I'll agree that software could be better than it is, but TeX is not a useful data point.

Re:Then let him do it.

[Anonymous+Brave+Guy]

All we need to get perfect code is programmers of Don Knuth's caliber.

Perhaps. Then again, perhaps not. We all know that informed, skilled geeks are usually the last people who are turned to when it comes to software project management, which is notorious for prioritising deadlines ahead of working code, cutting corners on quality controls and testing, not adhering to recognised (by conscientious geeks) best practices, etc. Usually, the reason cited for this is cost: "But we can't be competitive if we do it properly and others don't!" Well, that's kinda the point of TFA: if everyone has to do it properly, that no longer matters.

Yes, I imagine that really will dramatically reduce the rate at which software is produced, at least at first. However, is that any great loss? Look at the financial damage that a single security flaw in a widely used piece of software can cause. Look at the cost in human life of a serious software bug in fields like medicine, transportation or energy services.

It's clear that left to the short-sighted bean-counters, fatal (literally) bugs are shipped in the name of profits. It's also clear that we can do much better: most software development places I've seen don't even have basic code reviews in place, yet research shows that simply getting a second pair of eyes on every single line of code you submit can remove around 5/6 of bugs before they're even checked into the source control system. Look at the amount of poorly-designed spaghetti code that gets written. This sort of bug-ridden mess happens on even pretty good projects today, and it's entirely unnecessary.

Don Knuth is not the only good programmer in the world. Perhaps if software vendors (not those who give it away - you get what you pay for) were legally responsible for their work, the rest of the good developers who are capable of running their projects to much higher standards would be valued as much as they should be, and the profits-over-safety culture that currently dominates software management could be wiped out in the interests of everyone. I doubt that would produce much perfect software, but it would certainly be a lot better than it is today, which is in the interests of everyone (except cheaposoft developers, but including developers who produce products of quality).

Re:Then let him do it.

[melikamp]

You are missing the point, though not as badly as the grandparent.

It takes a genius to write an amazing program like TeX or Emacs, but no genius is required to write a program that is free of bugs.

To compare with something I understand, it takes a person like Gauss to prove the law of quadratic reciprocity, but even a very average graduate student can understand it and to check that the proof is correct.

As a working mathematician with some background in computer science, I am willing to attest that writing low-level software is wrought with many perils which mathematicians never encounter. Closed source, incompatible devices, hardware failures -- factors like these make programming a device driver very different from proving a theorem. But, in my humble opinion, there is absolutely no excuse for writing a buggy word processor over a well-documented API. In a high-level environment like this a program can and should be designed in a way that allows provability of correctness. Throw in practices like peer review and modular design and you will have college kids writing bug-free software in no time.

Re:Then let him do it.

[amelith]

You seem to be assuming that bug == logical error when it's often the case that a bug is either something that wasn't even considered in the original requirements / design or the result of a set of circumstances that weren't properly tested for "because it can't happen".

There is also performance to consider. Your bunch of college kids may write code that's mathematically correct but when assembled processes 1 transaction a second. This sort of thing occurs with frameworks like J2EE. It's easier to write modular pieces and assemble them it hands you a large performance penalty.

I'm afraid I don't really share your faith in proofs of correctness for large systems. Apart from the problems scaling up these approaches they assume that you can easily mathematically describe how the thing is supposed to behave.

With a word processor this might be something like i18n issues. We might specify, design, build and test the thing without considering the user might not have a us-ascii character set and then it breaks in China. Do we go back to square one and revisit and extend the mathematical model? Then spend x years rippling changes from the theoretical model into the code?

I can't recall seeing anyone use proofs of correctness for something like your word processor example. Can you give me a reference to the literature please as I'm interested to know whether this was successful?

There are arguments for more formal approaches to building software but throughout their working life people are told to 'deliver it quickly and we'll fix it later'. It's a fact of life that people in the 'formal everything' camp need to accept. Programmers don't set out on a project determined to write bugs. Many of them are a result of the poor processes and unrealistic expectations that are endemic in the industry.

BTW I'll take lectures from journalists like the BBC blowhard when he can mathematically prove that his writing contains no errors.

Ame

There's more to it than just the code

[Namronorman]

This guy sounds like he's just full of hot air because of a bad Norton AV installation. If one program causes something "devastating" to happen, who is to decide that it's not the user's fault, the compiler's fault, the programmer's fault, the OS creator's fault (and if it's OSS, who's package etc?), or the hardware's fault?

The computer world if full of many variables and I don't see this happening anytime soon, though with recent laws you never know.

The Market Decides

[the+eric+conspiracy]

The fact is that the market has already decided the answer to this. People buy the least expensive software they can get away with. If the application is unreliable enough to regularly lose data it gets flushed out of the market. If it works well enough and is for the desktop it becomes popular. If it is used in critical applications where data loss is not tolerated they you have stuff like Oracle which people pay $50,000 per CPU for.

Re:The Market Decides

[Husgaard]

The fact is that the market has already decided the answer to this.

And the problem with this guy is that he doesn't like what the free market has decided.

He wants laws to be passed that would make some (or all?) kinds of disclaimers on warranty and fitness for a particular purpose illegal for software.

He wants it in the name of "consumer protection", but he does not realize that the consumers are not interested in paying the higher price tags this would put on software.

The only ones whom this would really protect would be corporations big enough to buy costly insurance against claim. They would be protected against competition from Open Source software and smaller companies that would drop out of the software market because of the risk of liability.

author is obviously unfamiliar with free software

[twitter]

it will probably mean that commercially-available code is more expensive and cause major problems for free and open source software developers.

Everyone knows that most free software, by virtue of peer review, has fewer bugs and errors than commercial code does. If what he means is that you have to be licensed, bonded and "protected" by a corporate staff of 800 pound gorillas to write code, then free software will have problems. Such a missallocation of resources still won't buy him better code.

This whole issue is a troll the non free software companies come up with every few years. It's a mistake for them, however, and will blow up in their faces. Free software will overcome such nonsense the same way Good Samaritans do. Worse, what kind of society would outlaw exchanging of advice on how to do something? That's what sharing source code it. Why not outlaw engineering texts instead?

Bullshit

[EmbeddedJanitor]

You have this attitude because you're a programmer. If civil engineers said "so what, bridges fall down" everyone would be up in arms.

Bug free software is possible, so long as it is done right and people are prepared to pay for it. Right now, software is mainly "good enough" and "cheap enough". What is "good enough" and what is "cheap enough" will depend on what is being done.

Re:Bullshit

[interiot]

Bug free software is possible, so long as it is done right and people are prepared to pay for it.

BINGO. Why not let the market decide?

If it's like earthquake-prone apartment buildings in Tokyo, then it's reasonable to step in and mandate that everyone, no matter how poor, should pay for software designed to a government-mandated quality standard. Until then, why not let buyers and sellers decide on their own?

Re:Bullshit

Civil engineers don't warranty their bridges against hostile attacks (DDOS, worms, trojans), for multiple planets and gravities/atmospheres (Win XP, 2K, ME, 98, GNU/Linux, FreeBSD, OS X, i386, x86-64, PPC, Abit, ASUS, generic) or make it do anything but sit there, not having to interact in any way but to hold things up. What's the software equivalent of a bridge? cp? Let me know when civil engineers make anything as complex as Firefox. The only engineering equivalent of modern software is the Space program, and that stuff does fail. Rockets carrying satellites explode on the launchpad. Shuttles break apart. Dress rehearsals turn deadly with too much oxygen sparking fires. Liquid fuel tanks explode. Insulation melts. O-rings don't expand fast enough due to cold. The list goes on.

Outright crashes of software will disappear with better methodologies (including things like interpreted languages, or C# or Java). However there are a million other complex ways that software can still do something other than what you WANT.

Re:Bullshit

If a bridge falls, people die.

If an order entry system fails, it gets rebooted/patched/datafixed and it's back within minutes/hours, good as new. Some time is lost, but no lives.

Okay, forget bridges. Think appliances.
I heard about a case against Hamilton-Beach because a nut was falling off on their blenders. To paraphrase you, "spin the nut back on, it's back within seconds/minutes". People don't take that kind of crap from things they understand, why should they take it from software simply because they don't understand it?

For software that's life-critical, the quality bar is set much, much higher.

One would hope so, but where are the programmers and managers going to learn how to work that way when the other 99% of software is made shit-poorly? I heard about a $20,000 accounting package that was done in VB. I have nothing in particular against VB, but it's not an appropriate tool to do a large, serious mission-critical system like that. Yet they get away with it because nobody holds them accountable.

Having non-programmers tell programmers that they expect all software to be as reliable as a bridge is ridiculous, particularly since they don't appreciate the cost of what they're asking for. Those programmers silly enough to try and meet those requirements will quickly find themselves out of business when they first ask for $300 million dollars to develop an order entry system.

How about programmers doing it?
All software does not need to be as reliable as a bridge. Mission-critical or life-safety software does. Software sold in high volume should be reliable, because the cost can be amortized, and small defects that only cost a minute or two are multiplied by millions of users to become big problems. That's what class action is all about. Simple stuff like an order entry system should be done simply, and therefore not have problems.

If I buy a product that doesn't work, or that has obvious defects, I have a right as a consumer to compensation from the company that sold a shoddy product. That's part of how we keep companies from knowingly selling crap and pretending it's good. Now, the libertarian view is that if a company is selling crap then the consumers will stop buying from it, but when the whole industry is selling crap and the average consumer doesn't understand the situation well enough to recognize that, what is a consumer to do?

Analogy: picture the auto industry in the 70s. American cars weren't terrible, but the quality control was bad enough that the cars were totally inconsistent. The big three would tell you that making defect-free cars would raise the prices to the point that nobody could afford a car. People accepted this, because they didn't know better. Then the Japanese showed up. They delievered cars that, while not perfect, blew away the big three in terms of quality, and at very reasonable prices. It can be done.

will quickly find themselves out of business when they first ask for $300 million dollars to develop an order entry system.

Now, at the risk of being a Slashbot(tm), I can think of a major software company which has historically been known for low quality, high volume consumer software. I seem to recall that they have something like $40bn in cash on hand. Seems to me that they could afford an extra $300m on each and every product they have ever put out without jeopardizing their company financials. As an industry leader, perhaps that would force other companies put out better software.

Then again, it's always nice to have the easy excuse when my software crashes.
"It's a Windows bug, what do you want me to do about it?"

Re:Bullshit

[narrowhouse]

Large software companies are now getting to a point where they would LOVE this. Current software companies has had 35+ years to build market share with EULAs that say that their products are not guaranteed usable for any particular purpose. The opportunity to change the rules now gives a huge advantage to current market leaders by creating an enormous, artificial, barrier to entry into the market. This would be the best way to kill the growth and competition in the software market. Look at all the other businesses that are encumbered with huge legal liability requirements and you will find business sectors that contain huge, multinational, 50-100 year old companies.

If a company wants to shop around and find a guarantee, fine. Requiring legal liabilty of all software vendors will just create another mess of goverment regulatory groups, certification boards and happy insurance salesmen.

Re:Bullshit

Let me know when civil engineers make anything as complex as Firefox.

Okay, take your bridge. A few thousand rivits. A few thousand cables. A few hundred major steel members. Lots of concrete. These things come from different quarries and foundries where they are heavily processed to make them pretty close to what they are supposed to be. A couple dozen different welding machines run by a couple dozen different welders. Thousands of welding rods, each with a slighly different chemistry.

The bridge sits on a piece of rock (if you're lucky), and you can more or less know what the rock is like and how it's going to behave. The bridge is going to get bigger and smaller as the temperature changes, so you figure out how much and account for that. You design to a specified load, in terms of traffic, wind, and weather, but you use large safety factors so that the bridge doesn't fall down because somebody underestimated a little. Also leave room for shipping traffic underneath. Make sure you allow for things like bombs or airliners hitting the bridge, or a 10,000 ton ship accidently ramming your supports, just in case.

Almost every number is analog. (Try writing a program without being able to use INT types.) Every part is going to be almost, but not quite, what it is supposed to be. There will be dozens of decision-makers. Hundreds of local, county, state, and national codes to follow. Environmental impact issues. Worker safety during contruction.

I've never heard of a software system that even approaches the complexity of a significant bridge. Never.

The engineers have the advantage in working in a much more mature industry, and one that actually cares about quality. The whole production chain pays attention to what it is doing, from pulling the materials out of the ground to putting the final coat of paint on it. (Yet still I can't get parts that actually meet their specs, so that tells you something.) They have practice at it, so while every project is new and different, they have learned from the past and avoid making the same mistakes again.

Outright crashes of software will disappear with better methodologies (including things like interpreted languages, or C# or Java). However there are a million other complex ways that software can still do something other than what you WANT.

I don't know that crashes will ever disappear. The point is that software can be made better, and it should be. The computing industry will never become a mature industry that people can count on as long as people like you excuse yourselves by saying, "We can't make good software, it's too hard." or as long as managers force the team to ship an untested product because they know they can just ship a patch later. Software needs to be held to a higher standard, that's all. Not a pinnacle of perfection, but better than it is. Any professional should strive to do their job better, not make excuses for doing it poorly.

Great

[LWATCDR]

The Lawyers will love it. They will launch massive class action law suites and will make millions. If you are part of that class action you will get one dollar.
The software vendors will not fix bugs because to fix them they have to admit they have them and will get the daylights sued out of them.

He's got a valid point

[MerlynDavis]

The author has a point here. We accept a lot more ... "bugginess" in software than we do in any other product (Cars, Banks, Tools, etc.) And it's pretty much become the norm that if there are problems, folks just shrug, claim it's just software and move on. But if the folks building bank vaults left as many holes in their products as software, people would be screaming bloody murder. I've done software development as a hobby myself, and don't release my code to the public, because I know it's not even up to my own standards of stability, reliability, security. Programmers/developers need to take more time with their products, and think security & reliability from the start of a project, not as an afterthought. With as many products requiring patches within the first couple weeks of release, consumers do need to start getting angry about this stuff. Or, at the very least, start challenging software companies when the products they do release require more MB in patches than the software was originally....

We'll take the "Google News" way out...

[bbk]

Ah, so he wants people who right software to guarentee their work?

Things will then just never make it out of beta, for fear of the law. If the software breaks "Tough luck, it's still in beta, what were you doing using it for mission critical work anyway?"

This "eternal beta" is also used to avoid other sorts of legal wrangling . The most obvious example is Google News - it's "beta" still because google is worried about capitalizing on other people's news content. While unrelated to software quality, because it's an "unfinished beta", it doesn't get sued out of existance.

So, welcome to using software versons 0.9.9 forever... I can't wait.

Our Data:an appeal - a "Plimsoll line" for apps

[NZheretic]

By myself from June 14 2002

However relatively bad the security of Microsoft's products are in comparison to what the free licensed and open source communities ( as well as practically every other vendor on the planet ) provide, Microsoft is not alone in the presence of vulnerabilities, this is a major issue for Linux/BSD and Unix as well as ever other OS and vendor.

From the Plimsoll Club history

Samuel Plimsoll brought about one of the greatest shipping revolutions ever known by shocking the British nation into making reforms which have saved the lives of countless seamen. By the mid-1800's, the overloading of English ships had become a national problem. Plimsoll took up as a crusade the plan of James Hall to require that vessels bear a load line marking indicating when they were overloaded, hence ensuring the safety of crew and cargo. His violent speeches aroused the House of Commons; his book, Our Seamen, shocked the people at large into clamorous indignation. His book also earned him the hatred of many ship owners who set in train a series of legal battles against Plimsoll. Through this adversity and personal loss, Plimsoll clung doggedly to his facts. He fought to the point of utter exhaustion until finally, in 1876, Parliament was forced to pass the Unseaworthy Ships Bill into law, requiring that vessels bear the load line freeboard marking. It was soon known as the "Plimsoll Mark" and was eventually adopted by all maritime nations of the world.

The risks,issues and solutions for providing a more secure operating and application enviroment have been known for decades.

Those who do not already comprehend the issues and are willing to learn, should take some time out to listen to some of the speeches at Dr. Dobbs Journal's Technetcast security archives, starting with Meeting Future Security Challenges by Dr. Blaine Burnham, Director, Georgia Tech Information Security Center (GTISC) and previously with the National Security Agency (NSA)

The design and implementation of some applications and servers are just too unsafe to use in the "open ocean" of the internet.

Numerous security experts have railed against Microsoft's lack of security, best summed up by Bruce Schneier Founder and CTO Counterpane Internet Security, Inc who rightly said:

Honestly, security experts don't pick on Microsoft because we have some fundamental dislike for the company. Indeed, Microsoft's poor products are one of the reasons we're in business. We pick on them because they've done more to harm Internet security than anyone else, because they repeatedly lie to the public about their products' security, and because they do everything they can to convince people that the problems lie anywhere but inside Microsoft. Microsoft treats security vulnerabilities as public relations problems. Until that changes, expect more of this kind of nonsense from Microsoft and its products. (Note to Gartner: The vulnerabilities will come, a couple of them a week, for years and years...until people stop looking for them. Waiting six months isn't going to make this OS safer.)

However Microsoft's products are not alone in the presence of vulnerabilities, this is a major issue for Linux/BSD and Unix as well as any other OS and vendor.

In a recent speech "Fixing Network Security by Hacking the Business Climate", also now on Technetcast, Bruce Schneier claimed that for change to occur the software industry must become libel for damages from "unsecure" software

Re:author is obviously unfamiliar with free softwa

[Xugumad]

And you get modded down. Genius.

Seriously here people, most free software is complete tripe. The popular projects you hear about, Linux, Firefox, etc. are just a small fraction of what's out there. Peer review only works if people are interested in your project.

Open source tends to be written by/for people who care more about stability than features, and that's a major help, but it is not miraculously better. How many people here have actually sat down, and looked over the source of an open source project to check for bugs/exploits?

So you assume everyone can write code?

[xswl0931]

You mistakenly assume that just because someone is given the source code, they are capable of understanding it and making fixes. If your refrigerator manufacturer gives you the blue prints to the frig, does that mean they aren't liable if something goes wrong? Software shouldn't be treated any different than any other product. If there is a safety issue, then the manufacturer should be required to provide a fix. Source code or not shouldn't have any effect.

Software sucks because...

[Jaime2]

people demand that it sucks.

Seriously. For nearly every case, if there are two available pieces of software (OSS or not), most people will choose the one that is more feature rich. Sure, those in a mission critical situation or the poor people that get to install and support the software long-term will demand quality and maintainability. But, those people are far outnumbered by the masses that use software casually.

So, given a limited set of resources, quality will always be just barely up to what people will tolerate. Yes, even in open source software. Example: Mozilla Thunderbird -- They have a feature schedule out right now. About half of the planned features are in the current build. Do you think they'll wait until the code is 99.99999% error free in all situations before comitting time to add features? They have no deadlines, no financial burdens, no one telling them to ship the software. Yet, they will ship it. If they don't, their user base will entirely desert them and switch to a horrible, buggy, alternative (probably Outlook Express). This is simply because people demand cool crap. That's why they buy half the crap they buy, that's why the US has a $250 billion trade deficit with China. We collectively love crap.

Re:author is obviously unfamiliar with free softwa

[twitter]

Seriously here people, most free software is complete tripe. The popular projects you hear about, Linux, Firefox, etc. are just a small fraction of what's out there. Peer review only works if people are interested in your project.

You realize what you said is true, circular and bad news for commercial software, don't you?

What you call "tripe" is what the author wanted to get done and what no commercial software vendor would provide. Score one for free software - meeting user needs.

The "popular" projects do indeed rock and will be better than anything commercial because no firm can match the development effort. Look at the gnu debugger. The last time I checked it had more than 87 authors. Show me a commercial debugger that gets that much attention. That's just one of the thousands of gnu projects that make free software actually work. Score two for free software - in the end, what needs to get done gets done better.

Finally, you are half right about peer review only working on projects that other people care about. If you can't find a single other person in the world interested in your project you have a rare project indeed and won't find any help. Most people are not so original and will usually find dozens of projects that do something very close to what they want to do. So far, so good, where did you go wrong? When you turned a blind eye to the most popular non free software getting no such help at all. For all your customers can tell it was written by a lone monkey paid in bananas who was forbidden contact with the rest of the world. Final score - free software 3, commercial software zero.

This message composed and transmitted on a system run with complete tripe that just happens to have more features and run much better than any commercial software available.

Gamble or hedge: the buyer knows best

[Julian+Morrison]

Computer software has been mostly unregulated. This has allowed us to watch the "invisible hand" of the market in its purest form. Commodity programs have disclaimers, buy bespoke and you get guarantees, pay yet more and you get formally certified code. The cost of risk and the cost of the program are in effect two seperate purchases - product and insurance.

If you force programmers to carry the risk cost, you don't magically get bugfree code. You just delete the no-guarantees market. In effect you're forcing programmers to bundle insurance with every installation. "Free" disappears. "Libre" might survive in an attenuated form - edit "open source" and you become the liability carrier. You might do it in house, but few could afford to publish.

The guy points out that other industry sectors have this sort of law. Yup, they do, and I contend we're all worse off as a result. Amateurs are frozen out, because they can't afford to jump insurance hoops. Innovations are stifled. Saleable skills are wasted. Personal self-expression is denied. Even though all parties are willing, the law stands in between saying "no". This is nothing to emulate!

Nanny liberals would contend they are protecting buyers from risk. As an adult you have to accept that the universe has dangers. You can't wish it safe, and the utopia of your childhood was an illusion. Who then is best placed to decide when you should gamble and when hedge? Philosophically, no action can be said to be "better" or "worse" without a reference to a person whose goals it serves or thwarts. No person can know another's mind. Therefore, you alone are properly placed to weigh the options and decide on your own behalf. At best a law commands you to take your best choice. At worst, bans it. Neutral or harmful, and (given diversity) certain to be harmful to some. This is why regulation is never better than a free market, even in risk.

What do you mean?

[Sycraft-fu]

My car is way buggier than my software. My car is horrible at dealing with unexpected siutations and abuse. If someone attacks it, say by breaking a window, the window is broken and I have to pay to have it fixed. With software, I get mad and demand that they should fix the bug so the attack CAN'T break it. Likewise the car is not forgiging to unexpected operation. If I floor the gas in neutral, the engine will seize up. However I expect that software can deal with unexpected input and not have any ill effects. Also my car costs money for matenance. I have to regularly pay for things like oil to keep it working, however software I expect updates at no charge.

So all in all it seems I expect MORE out of my software than my car.

They are different things, you really can't compare them.