Taking On Software Liability - Again

An anonymous reader writes "You may remember an article in which a BBC correspondent wrote an article criticising current software licenses. In answer to the huge discussion that this brought about, he has written another article defending his views. From the article: 'It is possible to make error-free code, or at least to get a lot closer to it than we do at the moment, but it takes time and effort. Doing it will probably mean that commercially-available code is more expensive and cause major problems for free and open source software developers. But I still believe that the current situation is unsustainable, and that we should be working harder to improve the quality of the code out there.'"

yeah

[jomynow]

not gonna happen its like asymtotical or something. you keep spending money developing and finding buys and keey going yet getting less returns out of it.

Then let him do it.

[BoomerSooner]

I've got an idea. For non-software developers with great ideas. You program some piece of software for 5 years and then warranty against any bugs or failures. Oh btw, it must be priced competitively with current offerings. This guy can go wank himself in a corner somewhere. Perfect software doesn't exist. If you want something done right, your best bet is to do it internally to your company instead of outsourcing. Walmart is a perfect example. Do it right with people that feel they have ownership in the software they are creating and you'll get a better product. Plus, Arkansas (and my state too) are like Bangladesh anyway in the wages paid to software developers.

Re:Then let him do it.

[swillden]

Didn't say it was easy or trivial (its not). But it is humanly possible.

And it's humanly possible to run a marathon in less than 2.5 hours, but if you have to move a large number of people 20+ miles on foot, you'd better expect it's going to take a little longer than that.

"Humanly possible" in no way implies "doable on a large scale", and that's what we need. A *lot* of software must be written, so you have to expect that most of it will be written by average programmers. Implying that they ought to be able to because Don Knuth can do it makes no sense (and as Goonie pointed out, Knuth had some other advantages, like no marketing dept pushing to get the release out before the next trade show).

I'll agree that software could be better than it is, but TeX is not a useful data point.

Re:Then let him do it.

[Anonymous+Brave+Guy]

All we need to get perfect code is programmers of Don Knuth's caliber.

Perhaps. Then again, perhaps not. We all know that informed, skilled geeks are usually the last people who are turned to when it comes to software project management, which is notorious for prioritising deadlines ahead of working code, cutting corners on quality controls and testing, not adhering to recognised (by conscientious geeks) best practices, etc. Usually, the reason cited for this is cost: "But we can't be competitive if we do it properly and others don't!" Well, that's kinda the point of TFA: if everyone has to do it properly, that no longer matters.

Yes, I imagine that really will dramatically reduce the rate at which software is produced, at least at first. However, is that any great loss? Look at the financial damage that a single security flaw in a widely used piece of software can cause. Look at the cost in human life of a serious software bug in fields like medicine, transportation or energy services.

It's clear that left to the short-sighted bean-counters, fatal (literally) bugs are shipped in the name of profits. It's also clear that we can do much better: most software development places I've seen don't even have basic code reviews in place, yet research shows that simply getting a second pair of eyes on every single line of code you submit can remove around 5/6 of bugs before they're even checked into the source control system. Look at the amount of poorly-designed spaghetti code that gets written. This sort of bug-ridden mess happens on even pretty good projects today, and it's entirely unnecessary.

Don Knuth is not the only good programmer in the world. Perhaps if software vendors (not those who give it away - you get what you pay for) were legally responsible for their work, the rest of the good developers who are capable of running their projects to much higher standards would be valued as much as they should be, and the profits-over-safety culture that currently dominates software management could be wiped out in the interests of everyone. I doubt that would produce much perfect software, but it would certainly be a lot better than it is today, which is in the interests of everyone (except cheaposoft developers, but including developers who produce products of quality).

Re:Then let him do it.

[melikamp]

You are missing the point, though not as badly as the grandparent.

It takes a genius to write an amazing program like TeX or Emacs, but no genius is required to write a program that is free of bugs.

To compare with something I understand, it takes a person like Gauss to prove the law of quadratic reciprocity, but even a very average graduate student can understand it and to check that the proof is correct.

As a working mathematician with some background in computer science, I am willing to attest that writing low-level software is wrought with many perils which mathematicians never encounter. Closed source, incompatible devices, hardware failures -- factors like these make programming a device driver very different from proving a theorem. But, in my humble opinion, there is absolutely no excuse for writing a buggy word processor over a well-documented API. In a high-level environment like this a program can and should be designed in a way that allows provability of correctness. Throw in practices like peer review and modular design and you will have college kids writing bug-free software in no time.

Re:Then let him do it.

[amelith]

You seem to be assuming that bug == logical error when it's often the case that a bug is either something that wasn't even considered in the original requirements / design or the result of a set of circumstances that weren't properly tested for "because it can't happen".

There is also performance to consider. Your bunch of college kids may write code that's mathematically correct but when assembled processes 1 transaction a second. This sort of thing occurs with frameworks like J2EE. It's easier to write modular pieces and assemble them it hands you a large performance penalty.

I'm afraid I don't really share your faith in proofs of correctness for large systems. Apart from the problems scaling up these approaches they assume that you can easily mathematically describe how the thing is supposed to behave.

With a word processor this might be something like i18n issues. We might specify, design, build and test the thing without considering the user might not have a us-ascii character set and then it breaks in China. Do we go back to square one and revisit and extend the mathematical model? Then spend x years rippling changes from the theoretical model into the code?

I can't recall seeing anyone use proofs of correctness for something like your word processor example. Can you give me a reference to the literature please as I'm interested to know whether this was successful?

There are arguments for more formal approaches to building software but throughout their working life people are told to 'deliver it quickly and we'll fix it later'. It's a fact of life that people in the 'formal everything' camp need to accept. Programmers don't set out on a project determined to write bugs. Many of them are a result of the poor processes and unrealistic expectations that are endemic in the industry.

BTW I'll take lectures from journalists like the BBC blowhard when he can mathematically prove that his writing contains no errors.

Ame

Re:Then let him do it.

[shutdown+-p+now]

A *lot* of software must be written

That is an open question. Just how many code out there is reinventing the wheel? I suspect most of it is, and closed-source model being mainstream certainly doesn't help things (not that OSS is not free from useless code duplication either). How much of the software which is being written, then, had to be written?

There's more to it than just the code

[Namronorman]

This guy sounds like he's just full of hot air because of a bad Norton AV installation. If one program causes something "devastating" to happen, who is to decide that it's not the user's fault, the compiler's fault, the programmer's fault, the OS creator's fault (and if it's OSS, who's package etc?), or the hardware's fault?

The computer world if full of many variables and I don't see this happening anytime soon, though with recent laws you never know.

Re:There's more to it than just the code

[DAldredge]

Lawyers and Judges would decide.

Re:There's more to it than just the code

but that is not the issue. He is pointing out that companies EULA's exclude liability even if the fault is their own. You also seem to be getting hung up on who's to blame instead of who is liable.

As most commercial software is shipped precompiled it isn't an issue for the end user is the compiler buggered it up or not. Standard contract law means you sue the company you brought the product off that is faulty and they then sue the people who created the fault and exposed them to the liability. This is as legally by selling something you are saying that what you are selling will do what it says.

If there is a clear flaw in a product that you buy and it causes you harm you can sue the retailer. If it's software they will claim that EULA terms exempt them from liability.

Re:There's more to it than just the code

[kannibal_klown]

If one program causes something "devastating" to happen, who is to decide that it's not the user's fault, the compiler's fault, the programmer's fault, the OS creator's fault (and if it's OSS, who's package etc?), or the hardware's fault?

Let's not forget "another piece of software's fault." Installing Software package B might overwrite a registry setting or DLL needed by software package A. On top of that, software package B might leave something running in the memory as a service that conflicts with something software package A does.

You are correct, there are WAY too many variables when dealing with software failures. And if this guy were actually a software developer he'd know that it's pretty much impossible to make something completely bug free. The most you can hope for is something that rarely has a bug or recovers if it encounters ones without losing its place/data.

Error-free software...

[hummassa]

is stale software. Bit rot guarantees that all users will migrate from error-free, real stable software, to new-full-of-bells-and-whistles but error-ridden software in 0 time.

Re:Error-free software...

[Concerned+Onlooker]

A couple of quarters ago I was taking a software engineering course. Our instructor told the story of a debugging competition which used a mature piece of software that was known to be error-free for the test case. A fixed amount of bugs were then introduced into the code and the teams all had a crack at it. At least one of the teams found bugs in the code that were not the ones intentionally introduced. I'm paraphrasing here, but in other words they took a piece of software that they knew to be bug free due to its having been intensely examined by many programmers, yet another bug or two was found.

Truly error free is not a likely state for software.

Re:Error-free software...

[fbjon]

There was an analogy with a bridge earlier. Bridges are designed with redundant security, you can (usually) put a lot more weight on them than what they are rated for.

In the same vein, instead of trying to make every part of the code perfect, how about designing some redundancy into the code?

I leave it as an exercise for the reader to figure out what the hell that means.

The Market Decides

[the+eric+conspiracy]

The fact is that the market has already decided the answer to this. People buy the least expensive software they can get away with. If the application is unreliable enough to regularly lose data it gets flushed out of the market. If it works well enough and is for the desktop it becomes popular. If it is used in critical applications where data loss is not tolerated they you have stuff like Oracle which people pay $50,000 per CPU for.

Re:The Market Decides

[Husgaard]

The fact is that the market has already decided the answer to this.

And the problem with this guy is that he doesn't like what the free market has decided.

He wants laws to be passed that would make some (or all?) kinds of disclaimers on warranty and fitness for a particular purpose illegal for software.

He wants it in the name of "consumer protection", but he does not realize that the consumers are not interested in paying the higher price tags this would put on software.

The only ones whom this would really protect would be corporations big enough to buy costly insurance against claim. They would be protected against competition from Open Source software and smaller companies that would drop out of the software market because of the risk of liability.

Re:The Market Decides

[Lucractius]

This is exactly right.

If you look beyond the x86 desktop market, theres a LOT of software thats close to bug free. and the companies that Pay for things like high performance Oracle soloutions, massively parralel Solaris on Sparc systems, "continuous computing" (ULTRA high availability with high levels of disaster tollerance) OpenVMS on Alpha or Iatanium...

Companies that will pay more than $ 250 000 USD on a single sytem demand the highest quality of code, and these companies DO deliver it.

OpenVMS is renouned for it, the OpenSolaris code shows how hard sun have worked to keep all bugs out, in the 3 months since they open sourced it, i think the tally of bugs found stands at 7. for how many thousands of lines of code... just 7 bugs.

Its when programers are pushed into these "Rapid Development" tools and enviroments that these standards can never be realisticaly achived. Which is unfortunate... But not everyone wants to pay thousands, or wait years bettween aditional features.

he is full of shit

[Lehk228]

There is also a big difference between consumer software like word processors and web browsers, and the massive information systems used internally in large companies.

The companies writing the large systems usually have contracts which mean they are liable for damages, and this increases both the cost and the reliability of the resulting programs.


I must assume he doesn't work with internal apps much.

author is obviously unfamiliar with free software

[twitter]

it will probably mean that commercially-available code is more expensive and cause major problems for free and open source software developers.

Everyone knows that most free software, by virtue of peer review, has fewer bugs and errors than commercial code does. If what he means is that you have to be licensed, bonded and "protected" by a corporate staff of 800 pound gorillas to write code, then free software will have problems. Such a missallocation of resources still won't buy him better code.

This whole issue is a troll the non free software companies come up with every few years. It's a mistake for them, however, and will blow up in their faces. Free software will overcome such nonsense the same way Good Samaritans do. Worse, what kind of society would outlaw exchanging of advice on how to do something? That's what sharing source code it. Why not outlaw engineering texts instead?

liability iff no source

I've said this years ago: software liability should apply on programs you pay for but for which you don't get the source. If money you pay goes to make something you don't have source level control over then that implies the vendor thinks its of sufficient quality that you, the end user, should not have to fix it. If you get the source then there is no guarantee and the distributor should have no liability. This doesn't mean you have to have the right to re-distribute the source -- but you have to have the right to re-build it using commonly available tools so liability can't be limited to one "magic" libarary.

Bullshit

[EmbeddedJanitor]

You have this attitude because you're a programmer. If civil engineers said "so what, bridges fall down" everyone would be up in arms.

Bug free software is possible, so long as it is done right and people are prepared to pay for it. Right now, software is mainly "good enough" and "cheap enough". What is "good enough" and what is "cheap enough" will depend on what is being done.

Re:Bullshit

You have this attitude because you're a programmer. If civil engineers said "so what, bridges fall down" everyone would be up in arms.

If a bridge falls, people die.

If an order entry system fails, it gets rebooted/patched/datafixed and it's back within minutes/hours, good as new. Some time is lost, but no lives.

For software that's life-critical, the quality bar is set much, much higher.

Having non-programmers tell programmers that they expect all software to be as reliable as a bridge is ridiculous, particularly since they don't appreciate the cost of what they're asking for. Those programmers silly enough to try and meet those requirements will quickly find themselves out of business when they first ask for $300 million dollars to develop an order entry system.

Re:Bullshit

[interiot]

Bug free software is possible, so long as it is done right and people are prepared to pay for it.

BINGO. Why not let the market decide?

If it's like earthquake-prone apartment buildings in Tokyo, then it's reasonable to step in and mandate that everyone, no matter how poor, should pay for software designed to a government-mandated quality standard. Until then, why not let buyers and sellers decide on their own?

Re:Bullshit

[servognome]

and also, for the most part bugs AREN'T costly. 99% of software no one dies if it crashes. and software that IS that critical does get that kind of treatment and never does fail.

Exactly, it's the customer's responsibility to demand a certain level of quality they feel comfortable with and pay accordingly. Just as you don't use the same cheap metal for a skyscraper that you do for a back yard fence. There are markets for high quality programs as well as low quality programs, it's up to the customer to find their comfort level.

Re:Bullshit

Civil engineers don't warranty their bridges against hostile attacks (DDOS, worms, trojans), for multiple planets and gravities/atmospheres (Win XP, 2K, ME, 98, GNU/Linux, FreeBSD, OS X, i386, x86-64, PPC, Abit, ASUS, generic) or make it do anything but sit there, not having to interact in any way but to hold things up. What's the software equivalent of a bridge? cp? Let me know when civil engineers make anything as complex as Firefox. The only engineering equivalent of modern software is the Space program, and that stuff does fail. Rockets carrying satellites explode on the launchpad. Shuttles break apart. Dress rehearsals turn deadly with too much oxygen sparking fires. Liquid fuel tanks explode. Insulation melts. O-rings don't expand fast enough due to cold. The list goes on.

Outright crashes of software will disappear with better methodologies (including things like interpreted languages, or C# or Java). However there are a million other complex ways that software can still do something other than what you WANT.

Re:Bullshit

If a bridge falls, people die.

If an order entry system fails, it gets rebooted/patched/datafixed and it's back within minutes/hours, good as new. Some time is lost, but no lives.

Okay, forget bridges. Think appliances.
I heard about a case against Hamilton-Beach because a nut was falling off on their blenders. To paraphrase you, "spin the nut back on, it's back within seconds/minutes". People don't take that kind of crap from things they understand, why should they take it from software simply because they don't understand it?

For software that's life-critical, the quality bar is set much, much higher.

One would hope so, but where are the programmers and managers going to learn how to work that way when the other 99% of software is made shit-poorly? I heard about a $20,000 accounting package that was done in VB. I have nothing in particular against VB, but it's not an appropriate tool to do a large, serious mission-critical system like that. Yet they get away with it because nobody holds them accountable.

Having non-programmers tell programmers that they expect all software to be as reliable as a bridge is ridiculous, particularly since they don't appreciate the cost of what they're asking for. Those programmers silly enough to try and meet those requirements will quickly find themselves out of business when they first ask for $300 million dollars to develop an order entry system.

How about programmers doing it?
All software does not need to be as reliable as a bridge. Mission-critical or life-safety software does. Software sold in high volume should be reliable, because the cost can be amortized, and small defects that only cost a minute or two are multiplied by millions of users to become big problems. That's what class action is all about. Simple stuff like an order entry system should be done simply, and therefore not have problems.

If I buy a product that doesn't work, or that has obvious defects, I have a right as a consumer to compensation from the company that sold a shoddy product. That's part of how we keep companies from knowingly selling crap and pretending it's good. Now, the libertarian view is that if a company is selling crap then the consumers will stop buying from it, but when the whole industry is selling crap and the average consumer doesn't understand the situation well enough to recognize that, what is a consumer to do?

Analogy: picture the auto industry in the 70s. American cars weren't terrible, but the quality control was bad enough that the cars were totally inconsistent. The big three would tell you that making defect-free cars would raise the prices to the point that nobody could afford a car. People accepted this, because they didn't know better. Then the Japanese showed up. They delievered cars that, while not perfect, blew away the big three in terms of quality, and at very reasonable prices. It can be done.

will quickly find themselves out of business when they first ask for $300 million dollars to develop an order entry system.

Now, at the risk of being a Slashbot(tm), I can think of a major software company which has historically been known for low quality, high volume consumer software. I seem to recall that they have something like $40bn in cash on hand. Seems to me that they could afford an extra $300m on each and every product they have ever put out without jeopardizing their company financials. As an industry leader, perhaps that would force other companies put out better software.

Then again, it's always nice to have the easy excuse when my software crashes.
"It's a Windows bug, what do you want me to do about it?"

Re:Bullshit

[narrowhouse]

Large software companies are now getting to a point where they would LOVE this. Current software companies has had 35+ years to build market share with EULAs that say that their products are not guaranteed usable for any particular purpose. The opportunity to change the rules now gives a huge advantage to current market leaders by creating an enormous, artificial, barrier to entry into the market. This would be the best way to kill the growth and competition in the software market. Look at all the other businesses that are encumbered with huge legal liability requirements and you will find business sectors that contain huge, multinational, 50-100 year old companies.

If a company wants to shop around and find a guarantee, fine. Requiring legal liabilty of all software vendors will just create another mess of goverment regulatory groups, certification boards and happy insurance salesmen.

Re:Bullshit

Let me know when civil engineers make anything as complex as Firefox.

Okay, take your bridge. A few thousand rivits. A few thousand cables. A few hundred major steel members. Lots of concrete. These things come from different quarries and foundries where they are heavily processed to make them pretty close to what they are supposed to be. A couple dozen different welding machines run by a couple dozen different welders. Thousands of welding rods, each with a slighly different chemistry.

The bridge sits on a piece of rock (if you're lucky), and you can more or less know what the rock is like and how it's going to behave. The bridge is going to get bigger and smaller as the temperature changes, so you figure out how much and account for that. You design to a specified load, in terms of traffic, wind, and weather, but you use large safety factors so that the bridge doesn't fall down because somebody underestimated a little. Also leave room for shipping traffic underneath. Make sure you allow for things like bombs or airliners hitting the bridge, or a 10,000 ton ship accidently ramming your supports, just in case.

Almost every number is analog. (Try writing a program without being able to use INT types.) Every part is going to be almost, but not quite, what it is supposed to be. There will be dozens of decision-makers. Hundreds of local, county, state, and national codes to follow. Environmental impact issues. Worker safety during contruction.

I've never heard of a software system that even approaches the complexity of a significant bridge. Never.

The engineers have the advantage in working in a much more mature industry, and one that actually cares about quality. The whole production chain pays attention to what it is doing, from pulling the materials out of the ground to putting the final coat of paint on it. (Yet still I can't get parts that actually meet their specs, so that tells you something.) They have practice at it, so while every project is new and different, they have learned from the past and avoid making the same mistakes again.

Outright crashes of software will disappear with better methodologies (including things like interpreted languages, or C# or Java). However there are a million other complex ways that software can still do something other than what you WANT.

I don't know that crashes will ever disappear. The point is that software can be made better, and it should be. The computing industry will never become a mature industry that people can count on as long as people like you excuse yourselves by saying, "We can't make good software, it's too hard." or as long as managers force the team to ship an untested product because they know they can just ship a patch later. Software needs to be held to a higher standard, that's all. Not a pinnacle of perfection, but better than it is. Any professional should strive to do their job better, not make excuses for doing it poorly.

Re:Bullshit

[Maxo-Texas]

You are a civil engineer.

I want you to build a bridge.

I won't say where- or what the end conditions are on each end- because this bridge needs to work in about 2 million different places.

Now- as to what will cross the bridge. I won't tell you that either. It might be a car- it might be a convoy of tanks.

Now... as to the basic laws of the universe (the operating system). I can't tell you much about them either. For example, gravity may change at any time to be higher or lower. The tensile strength of various materials may change unpredicatably with various patches to reality.

Your work force will be available to work 2 to 16 hour days and may or may not comprehend instructions written in english.

The bridge needs to be built from scratch from materials using new refining methods so you cannot use any reference materials to analyze how strong it has been historically.

Finally, this bridge must be made of at least 9 million different pieces (opcodes). The subunits will be assembled by a robot of some kind (Compiler) so you will not know the details of how the units work- only how they are supposed to work as units.

---

I'm sorry but you really do not understand what you are talking about.

Re:Bullshit

[ZenShadow]

Every time this discussion comes up, all I hear is "think of the poor programmers!". If you want to cry like a baby every time someone suggests that you can do better or that you should be held accountable for your work, then IMNSHO you don't belong in this business.

The fact is, this industry is built on the ability to ship crap-quality software specifically because they can get away with it. Reliable, high-quality software and hardware (from operating systems to major enterprise-class databases to whatever else you want to think about) has existed for a LONG time. Just ask IBM. It's only expensive because so few companies care enough to produce quality software outside the embedded arena.

As for the space program, that's apples and oranges. Participation in the space program is an Elite Activity, which means that there are very few who actually do it. There are a whole lot more minds working on software on a daily basis. The fact is, software companies are just too flipping lazy and/or cheap to fix the problems.

Personally, I think that software houses should be liable in the case of gross negligence. If they cost someone a few million dollars because their software crashes, then they should go to court. If they're found to not have appropriate quality control at the time the software was written, they damn well *should* be liable for producing a flawed product.

The only thing I see that will keep this from ever happening is that not enough non-geek people know anything about software engineering. That will make it damned hard for the judicial system to determine what "appropriate quality control" is, exactly.

Besides, why should I be forced to suffer through non-quality software (and make no mistake, we *are* forced to as low-end consumers, simply by lack of available choice. It's sad when free operating systems work more reliably than commercial ones)? If Kenmore was putting out refridgerators that randomly quit every few days or under the wrong phase of the moon, I doubt they'd sell many refridgerators.

Too bad that the software industry managed to convince consumers that it's somehow immune from common-sense quality standards.

--S

Re:Bullshit

[shmlco]

BS. The world is full of complex interacting systems. A 777 is a maze of complex interconnecting systems built by hundreds, if not thousands, of vendors. Everything from airframes to engines to controls to avionics. Yet everything manages to work together, and we don't see 777's dropping from the skies daily.

What we need are fewer prima-donna developers loaded with excuses as to why it can't be done, or why they can't take the time to write unit tests, or whatever, and bring in some competent people with the idea that it CAN be done.

Re:Bullshit

[bnenning]

Because the market is ill-informed.

I can believe that in many cases, but I have difficulty with the theory that government is better informed.

Re:Bullshit

[jtev]

I might not be able to design a bridge that works in these conditions, but Buckminster Fuller designed an arena that could be build under these conditions. He used color coded steel beams, shiped as a kit. A handfull of engineers and an indigenous workforce could build a large dome in aproximatly 3 days, even if they didn't speak a single word of a common language. The engineers would be amazingly like the compiler that condenses your code into actual machine code. Also it is quite posible to write in those opcodes, and can be rather enjoyable. Please stop talking out of your ass.

Shouldn't this be handled by supply and demand?

[Captain+Perspicuous]

[ ] vendor guarantees that software works as advertised
could be another checkbox that all software companies are trying to reach.

"What? You don't guarantee works-as-advertised? Well, then I'm looking for a different product."

If computing magazines would update their testing methods and added this one checkbox, Microsoft just might say "oh, hey, we haven't covered that checkbox yet. We need to have every checkbox. Let's quickly drop by the legal department get this in order..."

Great

[LWATCDR]

The Lawyers will love it. They will launch massive class action law suites and will make millions. If you are part of that class action you will get one dollar.
The software vendors will not fix bugs because to fix them they have to admit they have them and will get the daylights sued out of them.

He's got a valid point

[MerlynDavis]

The author has a point here. We accept a lot more ... "bugginess" in software than we do in any other product (Cars, Banks, Tools, etc.) And it's pretty much become the norm that if there are problems, folks just shrug, claim it's just software and move on. But if the folks building bank vaults left as many holes in their products as software, people would be screaming bloody murder. I've done software development as a hobby myself, and don't release my code to the public, because I know it's not even up to my own standards of stability, reliability, security. Programmers/developers need to take more time with their products, and think security & reliability from the start of a project, not as an afterthought. With as many products requiring patches within the first couple weeks of release, consumers do need to start getting angry about this stuff. Or, at the very least, start challenging software companies when the products they do release require more MB in patches than the software was originally....

Re:He's got a valid point

[bnenning]

We accept a lot more ... "bugginess" in software than we do in any other product (Cars, Banks, Tools, etc.)

In exchage for much more rapid development than other products. Cars today aren't hugely different than they were 20 years ago, when we were using DOS.

We'll take the "Google News" way out...

[bbk]

Ah, so he wants people who right software to guarentee their work?

Things will then just never make it out of beta, for fear of the law. If the software breaks "Tough luck, it's still in beta, what were you doing using it for mission critical work anyway?"

This "eternal beta" is also used to avoid other sorts of legal wrangling . The most obvious example is Google News - it's "beta" still because google is worried about capitalizing on other people's news content. While unrelated to software quality, because it's an "unfinished beta", it doesn't get sued out of existance.

So, welcome to using software versons 0.9.9 forever... I can't wait.

Re:We'll take the "Google News" way out...

[Anonymous+Brave+Guy]

You know that just because someone sticks the word "beta" next to a product, that doesn't actually remove any of the ethical or legal consequences for producing that product, right?

Nobody wants "perfect software" (yet)

[G4from128k]

What people want is:

1. The latest whiz bang feature to impress their friends
2. The latest feature copied from a competitor's software
3. The latest feature to be compatible with everyone else
4. The most feature checkmarks for the PHB to authorize the purchase or selection of a software application

None of these demands fosters reliability. It fosters a frantic race to add features and ship stuff ASAP. Everyone seems caught in a massive vicious cycle of upgrades so that nothing ever stabilizes or matures.

Perhaps if/when people stop finding new uses, new formats, new file types, and new applications, then the industry will mature and people will turn their attention to stability and reliability.

Our Data:an appeal - a "Plimsoll line" for apps

[NZheretic]

By myself from June 14 2002

However relatively bad the security of Microsoft's products are in comparison to what the free licensed and open source communities ( as well as practically every other vendor on the planet ) provide, Microsoft is not alone in the presence of vulnerabilities, this is a major issue for Linux/BSD and Unix as well as ever other OS and vendor.

From the Plimsoll Club history

Samuel Plimsoll brought about one of the greatest shipping revolutions ever known by shocking the British nation into making reforms which have saved the lives of countless seamen. By the mid-1800's, the overloading of English ships had become a national problem. Plimsoll took up as a crusade the plan of James Hall to require that vessels bear a load line marking indicating when they were overloaded, hence ensuring the safety of crew and cargo. His violent speeches aroused the House of Commons; his book, Our Seamen, shocked the people at large into clamorous indignation. His book also earned him the hatred of many ship owners who set in train a series of legal battles against Plimsoll. Through this adversity and personal loss, Plimsoll clung doggedly to his facts. He fought to the point of utter exhaustion until finally, in 1876, Parliament was forced to pass the Unseaworthy Ships Bill into law, requiring that vessels bear the load line freeboard marking. It was soon known as the "Plimsoll Mark" and was eventually adopted by all maritime nations of the world.

The risks,issues and solutions for providing a more secure operating and application enviroment have been known for decades.

Those who do not already comprehend the issues and are willing to learn, should take some time out to listen to some of the speeches at Dr. Dobbs Journal's Technetcast security archives, starting with Meeting Future Security Challenges by Dr. Blaine Burnham, Director, Georgia Tech Information Security Center (GTISC) and previously with the National Security Agency (NSA)

The design and implementation of some applications and servers are just too unsafe to use in the "open ocean" of the internet.

Numerous security experts have railed against Microsoft's lack of security, best summed up by Bruce Schneier Founder and CTO Counterpane Internet Security, Inc who rightly said:

Honestly, security experts don't pick on Microsoft because we have some fundamental dislike for the company. Indeed, Microsoft's poor products are one of the reasons we're in business. We pick on them because they've done more to harm Internet security than anyone else, because they repeatedly lie to the public about their products' security, and because they do everything they can to convince people that the problems lie anywhere but inside Microsoft. Microsoft treats security vulnerabilities as public relations problems. Until that changes, expect more of this kind of nonsense from Microsoft and its products. (Note to Gartner: The vulnerabilities will come, a couple of them a week, for years and years...until people stop looking for them. Waiting six months isn't going to make this OS safer.)

However Microsoft's products are not alone in the presence of vulnerabilities, this is a major issue for Linux/BSD and Unix as well as any other OS and vendor.

In a recent speech "Fixing Network Security by Hacking the Business Climate", also now on Technetcast, Bruce Schneier claimed that for change to occur the software industry must become libel for damages from "unsecure" software

Re:Our Data:an appeal - a "Plimsoll line" for apps

[swillden]

The abstract notion of a "Plimsoll line" for apps is very appealing, but the problem is that we really don't even know what the analogous standard would look like, much less where it should be drawn and how it should be enforced. Software isn't like boats or cars or bridges -- many small variations on a well-defined solution. There are commonalities between pieces of software, but the differences are huge. A payroll system is so different from an embedded RTOS as to make any kind of consistent standards nearly impossible to describe.

There are lots of people in the world who are much smarter than I am; maybe one of them can see a way to apply this analogy. To me, though, it just looks like wishful thinking.

I have been wrong before but...

[Afecks]

I do not think we should automatically exclude free/open source software from our analysis simply because it is produced by teams of programmers working for nothing, and the fact that it is given away does not, of itself, provide legal immunity.

I do, at least to the full extent of the law.

Expecting anything from someone who gave you free/free software isn't reasonable. The fact is, the licenses are there not only to save the developers necks but also to serve as a warning. When something says "AS IS" that means exactly what it says. You take it as it is, faults and all. There is no trickery involved. Nobody tried to sell you a lemon.

Writing error-free code IS impossible because there is no possible way to enumerate all the potential hazards that face the software. In a bubble, on a clean install, software can behave "perfect". Once you let it out into the real world where people have literally an endless number of different conditions on their computers, it's simply not realistic. If the operating system has a single flaw, then the software is inherently flawed as well. We all know about Windows' track record of buginess and of course all OS suffer from bugs. That doesn't mean the developer or corporation is trying to get by with it (well maybe some). It just means that "to err is human".

The way I see it, free software (as in freedom) is a community effort. If it doesn't work, it is just as much as your responsibility to fix it, by contributing either time or money. If you won't help fix it then you are as much to blame as anybody. I guess that sounds harsh but I'm really tired of seeing everyone passing the buck to someone else, especially to the people that are trying to help society by providing possibly useful or entertaining software. These developers are doing us a favor. They don't have to write software for us and we don't have to use it. Expecting anything more than that is absurd.

amazing ignorance

[youngjohn14]

"The companies writing the large systems usually have contracts which mean they are liable for damages, and this increases both the cost and the reliability of the resulting programs." As an IP attorney working in the industry for the last 14 years, this statement is just so....amazingly....stupid I would have thought the editors of the BBC would have caught it. It is wrong on so many levels. No non-on-the-ropes software developer will bet the company on error-free code. At the most, a developer will agree to correct errors. And MAYBE some limited liability for intentional errors.

wrong, wrong, wrong

[idlake]

It doesn't make economic sense to create some kind of liability for the authors of software; there is no single level of quality that everybody needs.

The best thing we can do to increase software quality is to hold the people responsible who can actually do something about it: the people who buy software.

If your Windows PC crashes and you lose data, that's your responsibility; you could have gotten something different.

If the bank's Microsoft-based database server has a serious security hole and someone breaks in and defrauds customers, then the bank should be held fully responsible for that; they shouldn't be able to shift responsibility to either Microsoft or the person who broke in. That will force institutions like banks to negotiate contracts with software vendors that ensure an appropriately high level of correctness. And there is no need to burden our courts with "hackers"--you won't be able to find and lock them all up, so locking up some of them is not a rational strategy for making computers secure.

In any case, if one wanted to, one could easily make legal distinctions betwen FOSS and Microsoft/Apple when it comes to liability. First, expert users generally have to accept a higher level of responsibility than non-experts. Arguably, FOSS users are, by definition, expert users. Also, for-pay software involves an actual sale, which can easily and sensibly be regulated differently from non-sale distribution when it comes to liability.

Re:wrong, wrong, wrong

[Fastolfe]

I agree, to an extent. It makes no economic sense to shoot for as perfect-as-possible for all software. The reason we have minimum standards for other industries, such as as automobiles, is because a defect in an automobile can kill people.

But what we have today is practically anarchy. There's no way of telling if a product will work properly, or will work at all, and software vendors are allowed to get away with that.

A middle ground here might be forced labeling. Require software vendors to place a label that, in a standard fashion, describes how safe the software is, whether it is guaranteed to work as labeled and advertised, and maybe something about the known defects it has, or estimated failure rate. Don't let the vendor hide this in the fine print. And then hold them to it with legal measures.

That way, if a piece of software is targeted for home use, the labeling should make it clear that it's going to have significant defects, and will fail at a high rate. You might have a more expensive variant for office use, with fewer defects. And then you might have a stripped down, very expensive version intended for critical applications, in hospitals or infrastructure. The end user can then choose which one they want to buy, and instead of feeding a market where the customer buys the cheapest product because they think all products are buggy, they can buy the product that meets their needs, with the assurance that they will have legal recourse if the product fails to meet the expectations indicated by labeling.

Not entirely new...

[cperciva]

Dan Bernstein has offered a guarantee for many years that djbdns and qmail are secure. Now, this is a rather vague guarantee, since the task of deciding if a reported problem is a security flaw lies with Dan Bernstein himself; but it's a start.

I'm currently writing some cryptographic code, and I intend to go considerably further: I intend to offer a guarantee not only that my code operates as specified, but also that it is not vulnerable to any side channel attacks within certain classes.

As the time-to-exploit of security flaws continually decreases, I see only one solution: Writing code which is correct in the first place. If you can do that, you can offer a guarantee. And hopefully once security becomes as larger issue to consumers, people will start looking for guarantees.

Re:Not entirely new...

[maxwell+demon]

Of course, you'll then have to prove that the program generated proof is correct (because the proof generating program could be buggy as well). And if you do that with a proof checking program as well, you must prove that the proof checking program is correct. Not only at the source code level, but the actual running code on the actual machine (because it could be translated by a buggy compiler, or be running on a buggy processor).

Remeber IEFBR14

[sk999]

Making bug-free software is much harder than anyone can imagine.

Let us not forget the very modest program IEFBR14 - arguably the shortest
program ever written for use in a production environment. It ran on IBM's
System/360. (I rans it many times myself.) Its sole function was to
exit - nothing else. It was a whopping one machine instruction long - 2
bytes. It was even Open Source (BR14 is the assembly language version of
the instruction, which is the standard way programs exited). It was the
simplest possible program that one could write. If ever there was a
program that was going to be bug-free this was it!

It had a bug.

When a program exits on OS/360, it is expected to have set some bits to
indicate any errors. When a program is called, those bits are in an
unpredictable state. IEFBR14 had to be modified (doubling its length) to
clear the bits first.

Sigh...

Re:Remeber IEFBR14

[Yojimbo-San]

Remember IEFBR14 ... which didn't have the bug described in any released version of MVS or OS.

It's a lovely story of course :-) but not true.

I just updated wikipedia with the counterclaim ...

http://www.miketaylor.org.uk/tech/oreilly/more-ief br14.html

It's not worth the price

[autopr0n]

When I ran Autopr0n, hooo... that code was awful. But there really was never any kind of economic incentive to fix it, I could just keep restarting my JVM (the thing was coded in java).

Or, look at metafilter.com. That site goes down like a $2 hooker, yet it's so successful that the maintainer was able to quit his day job and support himself based on the site. People don't care.

Even when you get to a desktop OS back in the '90s, quality just wasn't that important. Would you rather pay $10,000 for an OS, or $90 and loose work once in a while.

If the cost of the lost work due to software errors is less then the cost of writing the code so that it works perfectly, then it's not worth doing. Sure, for some programmers there's not a tradeoff, but those programmers probably cost a lot more to pay then 90% of the coders out there (who are idiots, IMO, just look at the existence and popularity of Visual Basic).

When the cost of the error increases, you'll find much more stable software (like on medical equipment, airplanes, and so on).

The secretaries spreadsheet just ain't mission critical.

Of course, now that all computers are connected together, they need to be at least secure and not targets for worms and trogens, etc. I predict that we move towards web services, the software quality will get worse and worse, but people will just pay a sysadmin to sit there and reboot the machine whenever it goes down, so people won't notice everything...

Word Watch: "Unsustainable"

[The+Famous+Brett+Wat]

unsustainable - (adj.) 1. Following a pattern which can not continue indefinitely due to the inherent limitations of the system. "Present growth is unsustainable in the long term." 2. A term expressing distaste, annoyance, and a personal desire to change things. "The current situation is unsustainable."

Some potential bugs I found.

There has been a lot of discussion about my call for software liability in a column entitled Whose fault is it anyway?, and it shows that this is an issue which needs some serious attention.

"it" is an unclear variable reference. Does the pronoun "it" refer to the call for software liabilty or the column itself? Also, the title of the column should be italicized, underlined, or capitalized for clarity. Finally, the phrase "a lot" is depreciated.

There is also a big difference between consumer software like word processors and web browsers, and the massive information systems used internally in large companies.

Syntax error. No comma is needed after "browsers".

The companies writing the large systems usually have contracts which mean they are liable for damages, and this increases both the cost and the reliability of the resulting programs.

Syntax error: a comma should proceed a "which" as discussed in rule 11.

Many readers commented on the difference between free/open source software and commercial software when it comes to guarantees, and criticised my use of the licence for the Firefox browser as an example.

Syntax error: no comma is needed after guarantees.

something that is paid for

Better: "something for which one pays"

But liability for consequential damage is different from guarantees of proper working.

Awk. Please unobfuscate this sentence.

Cars are a good example here. Motor vehicles have to be safe, and there are rules and regulations governing their development and production which, by and large, keep the roads safe from exploding cars. It does not stop accidents caused by driver error or poor maintenance, but it does make us safer.

Again, confusing pronoun reference. The "it" in the second sentence seems to refer to "rules and regulations". If this was the intent, please correct to "they" as this could cause unexpected results.

And if a group of people build their own cars then they have to follow those same rules in order to be allowed to use public roads, even if they gave their cars away.

The second variable "they" above refers to "group" not "people", which is singular. This sentence could be further optimized. Suggestion: "If a group built their own cars, it would still have to follow those same rules to use public roads, even if it gave the cars away."

It should be the same for software

Uninitialized variable. What is "it"? Please specify.

It is possible to make error-free code, or at least to get a lot closer to it than we do at the moment, but it takes time and effort. Doing it...

Overuse of "it". Please be more explicit in your casting.

Bill, please check your fixes as soon as possible before someone gets the idea to sue. Thanks. /sarcasm

Re:author is obviously unfamiliar with free softwa

[Xugumad]

And you get modded down. Genius.

Seriously here people, most free software is complete tripe. The popular projects you hear about, Linux, Firefox, etc. are just a small fraction of what's out there. Peer review only works if people are interested in your project.

Open source tends to be written by/for people who care more about stability than features, and that's a major help, but it is not miraculously better. How many people here have actually sat down, and looked over the source of an open source project to check for bugs/exploits?

Auditing and openness

[cicho]

Okay, so we've had the predictable reponses about how building software is different from building bridges, and then others point to the respective difference in cost. All true. But if bridges and buildings are so much more reliable than software, it's not only because they cost more. It's also because when they are designed and built, all procedures must conform to known standards (and not a few regulations). The specs are open and auditable, and architects actually have their work inspected all the way.

Should every word processor be built in this way, with open specifications, norms and audits? I don't know. Now how about vote-tallying software?

Good software costs

[Angst+Badger]

First off, I should issue a disclaimer that I'm an oldbie. I started programming in assembly language on punch cards, but no, this isn't going to be a rant about youngsters and their newfangled languages. (At least it better not be; my current job has me living, breathing, and eating PHP.)

The problem with bad software today -- just like it was thirty years ago -- is bad engineering. It's not because of the methodology du jour (or its absence), licensing, choice of language, or toolsets. You can write brilliant, bug-free, efficient software in COBOL using the basic procedural structured programming paradigm. You can write awful, buggy, resource-hungry software in object-oriented Java using XP. None of that shit matters.

Good engineering requires, among other things, a detailed understanding of the problem, thorough planning, the sheer experience required to distinguish between the clever and overcomplicated on one hand, and the lucid and elegant on the other, excellent communication between developers, foresight (also borne of experience), and rigorous debugging. All of these things, including the many other prerequisites not mentioned, require lots of time and effort. Too much time and effort, in fact, for most commercial software outfits to invest and still turn a profit.

That's the rub, really. All the methodology and language fads aside, the basic principles of good software engineering were worked out decades ago, and sometimes further -- good generic engineering practices in the abstract were worked out long before we harnessed electricity. It all comes down to this: the more time, effort, and care you put into a product, all other things being equal, the better the product will be. It's easy (and well-deserved) to mock Microsoft for the shoddiness of their major products, but that very shoddiness is why you can buy MS Word for less than ten grand. If MS built word processors the way engineers built the Golden Gate Bridge, the prices would be comparable.

The market does not reward that kind of quality. In the first place, no one is willing to pay thousands of dollars for a supremely excellent product when one that is good enough can be had for a couple hundred. Most folks couldn't afford that kind of software engineering even if they wanted it. In the second place, once you have the perfect all-in-one software package, why would you ever buy another one? Microsoft is in this position already with its good-enough products. No one needs an upgrade, so remaining profitable requires MS to churn out new versions of its increasingly resource-intensive operating system so that you at least have to buy new copies as you replace your older machines.

FOSS is at least theoretically invulnerable to these pressures. In theory, there will eventually be all-singing all-dancing FOSS packages covering all of the major software categories, and the age of commercial mass-market software will be at an end. I've been waiting for this day to come since well before the first release of Linux. I'm surprised that it hasn't come yet. I'm surprised that the majority of FOSS software is still as buggy, poorly designed, and -- almost without exception -- undocumented as its commercial equivalents.

I suppose I shouldn't be surprised. Excellence in software engineering is like excellence in any other field: it's really fucking hard. It's even harder when you have a day job; time constraints aside, after 8-12 hours coding at work, the last thing many developers want to look at when they get home is compiler output. Many of the remainder are either amateurs or students -- not to diss either category, but often the necessary experience is lacking, and the lone hacker often lacks the knowledge or the inclination to produce code that's easy for other developers to work with. I remain confident that we'll get there, though. (I am less confident that I will still care by then, but it will still be a boon to those who live to see that day.) I am equally certain, for the reasons

Re:Good software costs

[Totally_Lost]

There is something of a chicken and egg problem here. Good software can be produced in volume, but good software can not compete after cheap trash software consumes all the dollars (or available labor) in the market by first to ship. Both in commercial and open source markets.

Re:Good software costs

[Tjp($)pjT]

People won't pay to develop good code. Period. There is no demand for perfection. I was part of a three man team that wrote a prototype media viewer for early release movie content. We provided the backend encrypter application and ancillary libraries under license. Our "proof of concept" was finished in 8 weeks and was so successful that we had our code in live in air airline flight tests with real customers. Awesome work. Very stable. The encrypter application we wrote had a few issues with some non-standard compliant streams from a common encoder suite, which we didn't write. We charged T&M to fly an engineer to the content providers location (they don't like to ship unencrypted media for obvious reasons, and we wanted to do side by side compares for the streams to debug the problem). They already signed off on the PROTOTYPE delivery. They balked at us billing for the post delivery work and turned us down for the follow up contract. The fee schedule for post delivery work was a part of the original contracts. Needless to say they aren't in that business anymore and sold the division in question.

So far our original code for the prototype remains with no bugs outstanding. They just can't encrypt all the possible movie bitstreams they'd like. The same team put an applications development framework together in 3 months of very long days with very few bugs against it. A lot of those are documentation related. The relevant company no longer is selling anything but intellectual property now, but the last code shipped was very solid. about 70,000 lines of code and about 15 total real bugs.

My point is that no matter how good the engineers, there is a cost in time for projects you are passionate about, and a cost in real dollars for real engineers with appropriate architecture and development skills. Most companies don't want ot spend the money. If customers would pay more money for products then companies would pay more to develop them. Customers drive the price structure, and that drives the expenses a company will invest to develop the product. Add to that that a "bandage" patch is cheaper in current dollars that a major rewrite and you end up with large commercial products that are bandages on bandages on bandages. Refactor the code and it will almost always improve if the requirements and specifications changed since inception. Few companies will start a side development group to redesign and rewrite an existing product.

The articles author can just start a grass roots movement to drive the marketplace to only purchase warranteed bug free software. I don't predict success.

Re:Good software costs

[stretch0611]

Excellent, I agree with you. I also consider myself an oldbie. (20 years of programming, 12 years being paid for it) Fortunately in the early years I had a teacher that actually emphasize design and comments.

Unfortunately the environment in the business world today prevents truly bug-free programming. A lot needs to change:

1 - Fire all the programmers and developers that can't program. We all know which ones in the group fit into this category. Unfortunately our bosses don't know. They're the ones that cause the majority of the bugs. They came into the industry just for money (pre-2000 bust) and they have no real feel for programming yet they know how to email the boss. Keep the ones that are naturals. The real code warriors. The good ones know when to code new source, when to copy old source, and how to clean up old source when they copy it into their new modules.

2 - Get rid of the bosses that don't know tech people. (i.e. the ones that don't know the difference from #1 above) The boss doesn't need to know tech (it does help) but they do need to know their people. They also need to know how to keep office politics and beauracracy away from their people.

3 - Get rid of separate New Development and Maintenance groups. People will code better when they know they will have to fix their own code when it goes into production. They will care more about stability instead of features. Also, a programmer learns the difference between good and bad coding techniques when they are forced to maintain both.

4 - After the requirements are requested and the specs/design is created don't let users change them. I can't change everything just because a user changes their mind. If I have to change, the release date is pushed back as if I just started the design today. I can't complete a program until you are done knowing what you want it to do.

5 - Procedural vs. Object Orientated programming. The huge developement debate. I admit I am biased toward Procedural programming. However, you should use whatever works better for your project. A GUI works better when you design using OOP, but when you need to crunch numbers on 10 million records procedural will work a lot better. I know a lot has been said about the poor code quality of OOP in particular, but if you get rid of the idiots in #1, the logic should be easy to follow.

6 - KISS - Keep It Simple Stupid - I used to work with someone very intelligent, but his code was terrible. He would program elaborate functions just to add two numbers together. My honest belief is that he tried to impress us with his "coding ability." If someone needs a simple program give them a simple program, don't redesign the wheel.

7 - Shoot and KILL everyone that sponsors or participates in a unreadable source code competition. (sorry personal peeve) We need to promote legible code with indenting and good, clear, and relevant variable naming.

8 - Quality. CMM, ISO, TQI. These are nothing more than BULLSH!T. While there some occasional insights coming from these "Quality" initiatives I disagree with most of the methods. Commenting and documenting your code is a good thing. Unfortunately, most of this initiatives are nothing more than feelgood bs for clueless management.

9 - Admins and Tech Writers. Hire all the good ones back. The improve our ability to code by letting us use admins to do the less technical aspects of our jobs. Their hourly cost is less than ours and by offloading some of our work to them we have more time to develop the system that managent wants done yesterday. This creates more cost effective development even though it raises headcount.

10 - Pay. Simple answer. You get what you pay for. If you offer good pay for good programmers you will get good code in return provided your managers need know their programmers (see #2 above)

11 - Overtime. Don't do it. An overworked, stressed developer is a poor quality developer. A little OT before a release isn't terrible, but 50+ hour weeks for months on end will cause poor code. Also, if a little OT before a release happens, compensate the developer with pay or comp time to make them happy.

12 - TEST TEST TEST TEST TEST TEST. Then test some more. Make sure your users test also. This is the most important step.

So you assume everyone can write code?

[xswl0931]

You mistakenly assume that just because someone is given the source code, they are capable of understanding it and making fixes. If your refrigerator manufacturer gives you the blue prints to the frig, does that mean they aren't liable if something goes wrong? Software shouldn't be treated any different than any other product. If there is a safety issue, then the manufacturer should be required to provide a fix. Source code or not shouldn't have any effect.

Re:So you assume everyone can write code?

[xswl0931]

If someone gave you a free frig and it ends up burning your house down, I guess you would still find that acceptable.

Software sucks because...

[Jaime2]

people demand that it sucks.

Seriously. For nearly every case, if there are two available pieces of software (OSS or not), most people will choose the one that is more feature rich. Sure, those in a mission critical situation or the poor people that get to install and support the software long-term will demand quality and maintainability. But, those people are far outnumbered by the masses that use software casually.

So, given a limited set of resources, quality will always be just barely up to what people will tolerate. Yes, even in open source software. Example: Mozilla Thunderbird -- They have a feature schedule out right now. About half of the planned features are in the current build. Do you think they'll wait until the code is 99.99999% error free in all situations before comitting time to add features? They have no deadlines, no financial burdens, no one telling them to ship the software. Yet, they will ship it. If they don't, their user base will entirely desert them and switch to a horrible, buggy, alternative (probably Outlook Express). This is simply because people demand cool crap. That's why they buy half the crap they buy, that's why the US has a $250 billion trade deficit with China. We collectively love crap.

Make liability limit = price of software

[quentin_quayle]

Sure, let's have liability. The software must perform substantially as advertised - counting all advertisements, press releases, interviews given by publisher's officers, etc.. But make the amount of damages simply equal the price paid.

This would keep free-as-in-beer software in the clear. It would also have the side benefit of forcing Microsoft to reveal its OEM prices. :D

I like the source code as condition of immunity suggestion above too, but it would be futile without a licence like those the FSF approves, which would actually allow you to fix problems without violating copyrights and patents.

Re:author is obviously unfamiliar with free softwa

[twitter]

Seriously here people, most free software is complete tripe. The popular projects you hear about, Linux, Firefox, etc. are just a small fraction of what's out there. Peer review only works if people are interested in your project.

You realize what you said is true, circular and bad news for commercial software, don't you?

What you call "tripe" is what the author wanted to get done and what no commercial software vendor would provide. Score one for free software - meeting user needs.

The "popular" projects do indeed rock and will be better than anything commercial because no firm can match the development effort. Look at the gnu debugger. The last time I checked it had more than 87 authors. Show me a commercial debugger that gets that much attention. That's just one of the thousands of gnu projects that make free software actually work. Score two for free software - in the end, what needs to get done gets done better.

Finally, you are half right about peer review only working on projects that other people care about. If you can't find a single other person in the world interested in your project you have a rare project indeed and won't find any help. Most people are not so original and will usually find dozens of projects that do something very close to what they want to do. So far, so good, where did you go wrong? When you turned a blind eye to the most popular non free software getting no such help at all. For all your customers can tell it was written by a lone monkey paid in bananas who was forbidden contact with the rest of the world. Final score - free software 3, commercial software zero.

This message composed and transmitted on a system run with complete tripe that just happens to have more features and run much better than any commercial software available.

Software IS different

[Midnight+Thunder]

I thought about this the other day, asking myself why we can't have the same approach in software development as bridge building, or other engineering disciplines. The difference seems to be that of prototypes. When you build a bridge you create a prototype, test it as much as possible, tweak it where necessary and let the cycle continue until there is a working solution. Once that is done you are ready to build the bridge, based on specifications that in a certain sense are easier to follow than what software does.

Look at software and ask yourself where that prototype is, that can tweaked reworked until all obvious and so obvious issues have been tested for? You will end up noticing that the prototype and the final product is the same thing. While a bridge can be tested based on a number of complex mathematical formula, I am not so sure that software can be tested in the same way. Software is designed and developed based on a number of philosophies and sometimes these even have to interface with other programs based on other philosophies. Over time the complexity grows to a point where testing it 100% is like trying to predict what the stock market is going to do next week. I would like to give a figure to what we are able to predict, but that I will leave that for someone else, since I am not sure I am qualified to do so.

At the same time I will say that there are a good number of things for which you can create unit tests for and these help avoid the most obvious issues. The non-obvious issues, based on difficult to reproduce scenarios, variable dependencies are a little trickier.

Things are also improving thanks to libraries that implement much in the way of reusable code, but here too there is an issue. Imagine that you designed your program to be dependent on libraries x, y and z, and then the user adds libraries that effect the libraries you depend on, how can you predict what is going to happen?

You will notice that most mission critical systems are designed to have only the most essential features (as compared to desktop software) and are often coded with very precise memory management and sometimes even avoid the pointer type and instead using only primitives. Trying to develop most applications this way would be long and laborious and your users would be complaining that his complex office software doesn't do what (s)he wants (remember they can't agree on what they want), even if it is 99.999% stable.

I am not saying it is impossible, its just that I have yet to see an approach that is 100% effective and for 100% of cases. Yes I am a software developer, so I do have a certain bias.

Re:Software IS different

[Anonymous+Brave+Guy]

What you say may be true, but I don't think it's the use of prototypes and up-front planning that separate true engineering fields from software "engineering". Those are merely the processes that have been found to work effectively in other disciplines, and we know many processes that work and many that don't for software development, too.

I think what really separates engineering from most of today's software development is that in real engineering, you have an engineer. This is a highly trained, experienced, skilled and independently assessed professional, whose sign-off is required before a project can continue regardless of what the bean-counters say, and whose personal reputation is on the line if they sign something off inappropriately. In other words, it gives a veto to the guy who actually knows whether something's going to be crap or not, and that guy has a very strong motivation to use the veto when it's appropriate.

Now, suppose I were a software engineer in the real engineering sense. Let's say my signature was required before shipping a release from the software project I was supervising, to confirm that reasonable care had been taken to keep the bugs as few and as minor as possible. In all the professional projects I've ever worked on, I can't think of more than a couple I would have approved. How about you?

The bottom line is that in today's software development world, the business guys can come in and trump the development guys, and frequently do. That's cutting corners in the interests of making more money, pure and simple. It may be the way to run a more successful business in a competitive marketplace, but it's nothing to do with real engineering.

Re:Software IS different

[man_of_mr_e]

You raise an interesting point, however, let's look at how a bridge is built versus how software is built.

When you build a bridget, an architect designs every detail of that bridge. An engineer ensures that the bridge is structurally sound, and develops the methods used to build it.

The people that actually BUILD the bridge, are, for all intents and purposes, monkeys. Skilled monkeys, to be sure, but monkey's no less. They do what they're told, and have no "creative input" into the building of the bridge.

In software, typically everyone working on it has creative input of some kind or another. There are no standardized ways to do the jobs they're told to do, and they often have to engineer their own solutions, and depending on their experience and skill can choose some pretty poor ways to do it.

Software engineers ARE engineers in every sense of the word, because they're DOING engineering tasks. That doesn't mean their qualified to BE an engineer, they just are by default.

Until such time as the software can be 100% specified by a qualified engineer, and no creative input is required by the workers, you won't get a well engineered product. In fact, if that were possible, you wouldn't even NEED programmers. The software could be specified, and then other software could build it based on the specifications.

So, until programmers are no longer needed, you're not going to have well engineered software.

Re:Software IS different

[Anonymous+Brave+Guy]

I agree with much of what you say as things stand today, but I think you're making an unstated assumption that this is the only way things can work.

A lot of programming is donkey work, and requires little more than joining the relevant library code together in the appropriate pattern. IME, the key to getting this right is that you usually need:

• a small number of very good people at the top of this process, co-ordinating the design;
• a small number of very good people at the bottom of this process, writing the tools and library code everyone else will use;
• a large number of code monkeys in between, joining the libraries according to the design.

It is possible to get much better (faster, safer, whatever) results out of code monkeys by using monkey-friendly tools: look at the success of Java, which is less powerful than many other languages, but provides an effective tool for many average programmers to produce decent quality work, while helping to avoid making average programmer mistakes. However, such a tool is almost certainly the wrong choice for the specialist guys at either end of the plan, who will feel the lack of power and would be less likely to make those classes of programmer error.

I think the next wave of robust software development will come from realising that these three levels require very different skills and skill levels; very different tools with different balances of power, flexibility, safety, etc.; and in particular, very different proportions of the work force. Not all programmers are equal, and not all developers fall onto a simple scale from "crapware newbie" to "L337 hax0r".

Re:Software IS different

[man_of_mr_e]

While I agree with you that things will not always be this way (I did lay out the criteria I believe will solve the problem), I don't agree that it's possible today.

When you build a bridge, you need a human to make decisions about various things, but those decisions are based on how to build the bridge, not how the bridge will operate once built. Programmers make decisions every day that effect how the software runs even after it is built.

A bridge builder might have to decide whether to use a shovel or a backhoe to do something, but once the thing is done, it's the engineers choices that depend on how well the bridge works, not the bridge builders.

As an example, as a programmer, I have to make decisions about how to build the product to meet the specifications. This would be equivelent to the bridge builder having to decide how to make the steel, or the the composition of the concrete. SOMEONE has to make those decisions, but not the grunt in the trenches. Programmers make those kinds of decisions every day, such as choosing an algorithm that may have O(1) performance, or O(N) performance, or even worse. Maybe they don't even understand O notation and what it signifies.

Until the basic "pieces" of software are standardized, an engineer cannot fully control how the finished product will function. And once those peieces are standardized, there is no need for a programmer anymore since the computer can just join those pieces based on specifications.

Software insurance

[click2005]

It makes me wonder why no insurance companies offer insurance against loss via bad software. House insurance is dependant on suitable locks and security. Software insurance could be made available on the condition that suitable AV/Spyware/Firewall software was installed and patched.

Complex Algorithmic Code Is Unreliable

[MOBE2001]

Bug free software is possible, so long as it is done right and people are prepared to pay for it.

It is impossible to guarantee the reliability of complex algorithmic software. This is something that Frederick P. Brooks has shown in his famous "No Silver Bullet" paper. However, Brooks' arguments fall apart in one important area. Although Brooks' conclusion is correct as far as the unreliability of complex algorithmic software is concerned, it is correct for the wrong reason. Software programs are unreliable not because they are complex (Brooks' conclusion), but because they are algorithmic in nature.

Last week, an article in the Wall Street Journal's OnLine Edition gave a vivid description of the costly software reliability problems that Microsoft has had to endure in its effort to develop the next version of its Windows operating system. It drove home a point that I have repeatedly made in the past. The biggest problem with software is communication. I am not talking about the lack of communication between programmers (nothing can really be done about that since programmers come and go) but about communication between various parts of the software. Microsoft is suffering from a classic case of the "right hand not knowing what the left hand is doing" syndrome.

The problem has to do with what I call blind code and it is not just Microsoft's problem. It is an old problem that has plagued the entire software development industry from the beginning. It is proportional to complexity but it does not have to be. In fact, it can be completely eliminated. The solution requires a rethinking of software construction, not only at the single program level but also at the operating system level. It calls for the reinvention of computing at the fundamental level. We must abandon the algorithmic model of software construction and embrace a signal-based, synchronous model. Eventually, even basic microprocessor architecture will have to be overhauled. For more on this important subject, see the link below.

Software Brownshirts

[Arandir]

But I still believe that the current situation is unsustainable, and that we should be working harder to improve the quality of the code out there.

This is a very different thing that legislating mandatory guarantees on software. Yes, we SHOULD be working harder to improve the quality of our code. But not at the price of authoritarian government.

There are few things in life that are truly a free market, but software comes close. It's no surprise then that spoilsports want to come in and regulate it. That happens wherever freedom begins to bloom. Let me clue you in: the marketplace has decided on a low (as in almost non-existant) demand for guarantees and warranties on consumer software. It's not developers doing this, it's the users.

Re:Software Brownshirts

[joelsanda]

Let me clue you in: the marketplace has decided on a low (as in almost non-existant) demand for guarantees and warranties on consumer software. It's not developers doing this, it's the users.

Which is precisely where regulatory practices are born. I can understand the general point you are making, however the statement "But not at the price of authoritarian government" is a little over the top. Name one regulartory control that seeks to govern quality rates that has not come about as a result of consumer injury; either fiscal or physical. Once those costs get high enough to garner enough attention legislative controls that set minimum standards are put into place.

More reasons

[alan_dershowitz]

The hugeass elephant in the room here is that for centuries builders have been relying on reusable components and clear standards, while massive numbers of programmers shun these despite their availability, and constantly reinvent the wheel. I'm looking directly at every dink on Slashdot that bitches XML is too complicated and trashes (ha!) on automatic garbage collection. (if someone has some obscure exception, keep it to yourself. The exception isn't the rule.)

Another difference is, typically if an engineer says something is unsafe, people actually fucking listen to her.

Oh yeah, and you can't hide how a bridge works. Proprietary code encourages cut corners.

I believe that good software is attainable. But that won't necessarily come from legislation, it'll come from the industry growing up.

Re:More reasons

[spongman]

wouldn't work. nobody in their right mind would chose anything but a "0". i'd buy a copy of the first non-"0" package, find a bug and sue.

Re:More reasons

[Jussi+K.+Kojootti]

On the other hand, getting from the first log-over-the-river kind of bridge to the bridge building standards you speak of took thousands of years. Digital data formats / algorithms / standards are a few decades old at most.

Gamble or hedge: the buyer knows best

[Julian+Morrison]

Computer software has been mostly unregulated. This has allowed us to watch the "invisible hand" of the market in its purest form. Commodity programs have disclaimers, buy bespoke and you get guarantees, pay yet more and you get formally certified code. The cost of risk and the cost of the program are in effect two seperate purchases - product and insurance.

If you force programmers to carry the risk cost, you don't magically get bugfree code. You just delete the no-guarantees market. In effect you're forcing programmers to bundle insurance with every installation. "Free" disappears. "Libre" might survive in an attenuated form - edit "open source" and you become the liability carrier. You might do it in house, but few could afford to publish.

The guy points out that other industry sectors have this sort of law. Yup, they do, and I contend we're all worse off as a result. Amateurs are frozen out, because they can't afford to jump insurance hoops. Innovations are stifled. Saleable skills are wasted. Personal self-expression is denied. Even though all parties are willing, the law stands in between saying "no". This is nothing to emulate!

Nanny liberals would contend they are protecting buyers from risk. As an adult you have to accept that the universe has dangers. You can't wish it safe, and the utopia of your childhood was an illusion. Who then is best placed to decide when you should gamble and when hedge? Philosophically, no action can be said to be "better" or "worse" without a reference to a person whose goals it serves or thwarts. No person can know another's mind. Therefore, you alone are properly placed to weigh the options and decide on your own behalf. At best a law commands you to take your best choice. At worst, bans it. Neutral or harmful, and (given diversity) certain to be harmful to some. This is why regulation is never better than a free market, even in risk.

What do you mean?

[Sycraft-fu]

My car is way buggier than my software. My car is horrible at dealing with unexpected siutations and abuse. If someone attacks it, say by breaking a window, the window is broken and I have to pay to have it fixed. With software, I get mad and demand that they should fix the bug so the attack CAN'T break it. Likewise the car is not forgiging to unexpected operation. If I floor the gas in neutral, the engine will seize up. However I expect that software can deal with unexpected input and not have any ill effects. Also my car costs money for matenance. I have to regularly pay for things like oil to keep it working, however software I expect updates at no charge.

So all in all it seems I expect MORE out of my software than my car.

They are different things, you really can't compare them.