Outlining a World Where Software Makers Are Liable For Flaws
CowboyRobot writes with this piece at the ACM Queue, in which "Poul-Henning Kamp makes the argument for software liability laws. 'We have to do something that actually works, as opposed to accepting a security circus in the form of virus or malware scanners and other mathematically proven insufficient and inefficient efforts. We are approaching the point where people and organizations are falling back to pen and paper for keeping important secrets, because they no longer trust their computers to keep them safe.'"
Re:Sure (Score:5, Informative)
What liability?
Clause 1. If you deliver software with complete and buildable source code and a license that allows disabling any functionality or code by the licensee, then your liability is limited to a refund.
You can't trust code ... (Score:5, Informative)
"You can't trust code that you did not totally create yourself."
I can't trust the code that I did totally create myself, either.
Re:You can't trust code ... (Score:4, Informative)
"I can't trust the code that I did totally create myself, either."
When was the last time any of us totally created code? I've been coding to various operating system APIs for a long, long time. Even back in the DOS days I made quite a few DOS and BIOS calls. We use(d) lots of 3rd party libraries for various things. Not to mention the libraries that come with your compiler/IDE.
I'm pretty sure I've never totally created any runtime code. Maybe some useless crap I did back in an assembler class would count?
I did have a Radio Shack 8-bit processor kit when I was a kid though. That was all machine language (there was no ROM or non-volatile storage). However, I still had to trust that the opcodes did what they were supposed to do. Intel (and others) have shown us you can't even count on that all of the time.
Re:Sure (Score:4, Informative)