Outlining a World Where Software Makers Are Liable For Flaws

← Back to Stories (view on slashdot.org)

Outlining a World Where Software Makers Are Liable For Flaws

Posted by timothy on Thursday September 29, 2011 @09:39AM from the mattress-has-a-pea-beneath dept.

CowboyRobot writes with this piece at the ACM Queue, in which "Poul-Henning Kamp makes the argument for software liability laws. 'We have to do something that actually works, as opposed to accepting a security circus in the form of virus or malware scanners and other mathematically proven insufficient and inefficient efforts. We are approaching the point where people and organizations are falling back to pen and paper for keeping important secrets, because they no longer trust their computers to keep them safe.'"

4 of 508 comments (clear)

Min score:

Reason:

Sort:

Re:Sure by sqlrob · 2011-09-29 09:48 · Score: 4, Informative

What liability?
Clause 1. If you deliver software with complete and buildable source code and a license that allows disabling any functionality or code by the licensee, then your liability is limited to a refund.
You can't trust code ... by LordNimon · 2011-09-29 09:48 · Score: 5, Informative

"You can't trust code that you did not totally create yourself."
I can't trust the code that I did totally create myself, either.

--
And the men who hold high places must be the ones who start
To mold a new reality... closer to the heart
1. Re:You can't trust code ... by dohnut · 2011-09-29 10:57 · Score: 3, Informative
  
  I can't trust the code that I did totally create myself, either.
  When was the last time any of us totally created code? I've been coding to various operating system APIs for a long, long time. Even back in the DOS days I made quite a few DOS and BIOS calls. We use(d) lots of 3rd party libraries for various things. Not to mention the libraries that come with your compiler/IDE.
  I'm pretty sure I've never totally created any runtime code. Maybe some useless crap I did back in an assembler class would count?
  I did have a radio-shack 8-bit processor kit when I was a kid though. That was all machine language (there was no ROM or non-volatile storage). However, I still had to trust that the opcodes did what they were supposed to do. Intel (and others) have shown us you can't even count on that all of the time.
  
  --
  Stupider like a fox! - H.S.
Re:Sure by publiclurker · 2011-09-29 11:37 · Score: 3, Informative

Or even the cost of defending things that are not your fault. I worked for a company once where a contractor provided module required 3rd party drivers. The installer for these drivers would occasionally do strange things, making the module act funny causing problem in our program. The customer does not care about any of this, all they know is that they bought your program and every so often the screen goes blank. they are going to sue you, and then you'll have to go through the chain of ownership to get things straightened out.