We had a lively discussion last night about programmer liability. Consensus (such as there was) seemed to be that perfectly reliable software is extremely expensive and likely futile as a goal given complexity restrictions; basically, if every app must meet milspec, the industry as we know it is toast, as costs would go through the roof. We discussed paths forward that didn't require milspec reliability, things such as codified best practices which, when followed, essentially dissolve liability, along with social mechanisms to alter best practices whenever there is an error (i.e., the current engineering model). We didn't resolve the question of whether market forces or legislation should be used to require greater reliability.
Notes from the discussion...
The EU is proposing the introduction of liability for computer programs, both commercial and Open-Source:
o required "support" period of 2 years
o "same basic rights as when they purchase a good"
o Is liability a good idea?
o Restricts or enhances user choice?
o Can't find an insurance company
o Prohibitive cost for complex systems
o Reduce security problems?
o Build trust with users?
o Increase reliability?
o Stifle innovation?
o Can't see or verify quality, cannot see errors
o "Without protection, consumer software will explode"
o "Free market rules, baby!"
o "We will find a way"
o We do not want to encourage lawyers to breed
o Would you be willing to contribute to Open Source if you were liable when someone *else* broke it?
o Would you require a particular working environment (one-true Linux or Win2k sp4 with only X, Y, and Z drivers)?
o What level of warranty would you be willing to give (with what
o Provide downgrade options to previous software?
o Fixed in some period of time?
o Money Back?
o Damages and Loss of Business?
o Damages and Loss of Life?
o Would a particular methodology let you provide warranties?
o Software review? (NetBSD, code-review, Mondrian)
o Robustness proofs?
o Would a "traceable" trail of liability make a difference?
o Code signing and the like
o "I want someone's arse on the line"
o I installed this little utility that might some day steal all your data when it's updated; am I liable for that utility's changed functionality?
o Forensics and blame?
o Can we tell who caused a critical failure?
o What is a software failure worthy of a "warranty event"?
o Power failure of the machine, software doesn't run?
o Cosmic ray flips a bit
o Automated "lint" reports an error?
o Code is malformed (indentation wrong in C)
o Tests fail to cover an "impossible" condition (coverage ?
o Data/resource file (an icon, for instance) missing from a build?
o Slow operation? (botnet)
o Software doesn't port cleanly to exotic platform X?
o More memory used than expected?
o ERROR-level logged event?
o Error dialog raised?
o Ugly traceback appears on screen?
o User can't access the internet, so your AJAX application fails?
o Allows a botnet to be installed?
o Software core-dumps, but doesn't lose any data?
o Software core-dumps and loses data since last save?
o Software core-dumps and corrupts all data?
o Software security breached via software failure (all data
o Someone injured?
o Someone killed?
o What would you warrant your software to do?
o How would you specify requirements?
o All marketed feature sets?
o Would you warrant it to e.g. "take up 0 or more bytes of disk space", with all other warranties explicitly denied?
o Does the software do what it is supposed to do?
o You can't use this software for science?
o Environmental restrictions (pre/post conditions)
o Limitation of Liability?
o Personal harm?
o Shell corporations
o Do we only warrant certain types of software?
o Hospital, 9-1-1, aerospace, etcetera
o Reasonable standard of care?
o Two-tiered software?
o Our software is warranted, it won't blow up your machine (small green sticker)
o Our software is unwarranted, it may blow up your machine (huge flashing LED red sticker)
o Only monopolies should be liable?
o Is software so irreducibly complex that it cannot be warranted?
o Is it just a matter of money?
o Do we only pay for what we care about? (Life-endangering, etc)
o Should an OS be considered "life-endangering" (what about when it runs a warship?)
o Money endangering?
o Engineering software
o Best Practices as a defense strategy
o Allow any organization to prove itself non-liable by claiming (and proving) standard best practices
o License computer users
o You can't sit down at *my* keyboard until I say so
o WGA licensing included
Links from the discussion (thanks to Seneca for collecting these):