InfoWorld Home / Tech's Bottom Line / Watch out, developers: Here come the lawyers
August 06, 2009

Watch out, developers: Here come the lawyers

Developers who 'knowingly' ship buggy software may be held liable for damages. That might be good for users -- but a sloppy set of guidelines could hurt open source

| Print | 37 comments|
344 Recommendations

Here's an odd couple: Microsoft and the Linux Foundation. These two organizations, normally on opposite sides of almost any issue, agree that a new set of guidelines making software vendors liable for knowingly shipping buggy software is badly off base. They claim that the guidelines are likely to lead to a flood of expensive lawsuits against both large commercial vendors and small-scale open source developers. What's more, it could impose expensive obligations to scour support forums and the like for notice of problems, a procedure that would be overly burdensome for small developers, say critics.

Yes, this is a warning that developers should follow the issue closely. But there's another side to the story: Don't software buyers, both consumers and enterprise, deserve to get what they've paid for: software that solves the problem it was written to address?

[ The bugs we love to hate: nine of the strangest bugs ever. |

"There is a sense that disclosing defects is bad for marketing," says Fred von Lohmann, a senior attorney with the Electronic Frontier Foundation. Indeed, big software vendors have been arm-wrestling with buyers and consumer advocates over the issue of responsibility for buggy code since the 1990s, he says.

Changing the user agreements: No more free passes for buggy software
A centerpiece for the sometimes heated argument is the ubiquitous user license agreement. If you are one of the relatively few software buyers who has actually read one, you know that vendors typically disclaim responsibility for the quality of their software. And as the law is generally applied today, that means an aggrieved buyer can't sue. Would we allow, say, an auto manufacturer, the same luxury to disclaim responsibility?

Software developers may be held to the same standard as manufacturers under the new guidelines. A key passage -- Section 3.05 (b), if you want to look it up -- says that user agreements contain an implied warranty that purchased software "contains no material hidden defects of which the transferor [the seller] was aware at the time of the transfer." What's more, no matter what language the vendor places in the user agreement, the warranty still stands.

The guidelines are just that: guidelines. Written by the respected American Law Institute, an organization of law professors and a small number of judges, the guidelines are designed to help judges apply the law in intellectual property disputes. They are not binding, but because the ALI is highly regarded in the legal community, attorneys on both sides of the argument believe that they are likely to be influential.

Related Content...
additional resources
White Paper - How to Improve Delivery of Advanced Web Applications

White Paper

Virtual Workforce: The Key to Expanding The Business While Cutting Costs

Get the independent advice and expertise you need to support a virtual workforce.

Go inside:
The three-step approach to making a virtual workforce a reality.
The four flavors of client virtualization technologies.
The three key initiatives that solve IT challenges.
Download now »
White Paper: Successfully Secure Your Wireless LAN With Wi-Fi firewalls.

White Paper

Addressing Linux Threats Leveraging Fewer Resources

The increase in Linux popularity has increased the frequency and sophistication of malware attacks. Read this 2 page white paper now to learn how you can protect your Linux environment with real-time protection that is certified by all major Linux vendors.

Download now »
White Paper - The 2009 Handbook of Application Delivery

White Paper

The 2009 Handbook of Application Delivery

Ensuring acceptable application delivery will become even more difficult over the next few years. As a result, IT organizations need to ensure that the approach that they take to resolving the current application delivery challenges can scale to support the emerging challenges. This handbook elaborates on the key tasks associated with planning, optimization, management and control and provides decision criteria to help IT organizations choose appropriate solutions.

Download now »
White Paper - Is Your Backup System Outdated?

White Paper

Mid-range Storage Considerations

A common misconception is that mid-range storage requirements are dramatically different than that of a larger enterprise. Mid-range storage users may require less capacity, but they have similar functionality and management requirements. This ESG paper examines mid-range storage needs and reviews a new solution that adjusts size while retaining value, performance and functionality.

Download now »
37 of 37 comments
Sign In or Register to comment
silverlokk 6-Aug-09 8:37am
<quote> As we all know, open source software may or may not be free -- and free software may or may not be open source. What defines open source isn't the price or lack of a price, but the freedom of the community to modify it under the terms of the GPL or other relevant license. </quote> Wait a minute, price has nothing to do with the 'free' in Free Software. If you check the Free Software Foundation (http://www.fsf.org), you'll find the GPL right there -- after all, they formulated it! Bottom line is that the difference between Free Software and open-source software is a matter of philosophy. The Free Software Foundation believes that users should enjoy the four freedoms, whereas the Open Source Initiative sees open source mainly as a development model.
mtsinc 6-Aug-09 9:02am

Actually, the most miserably pathetic software it has been my (non)pleasure to encounter hasn't been either commercial OR open-source. It's bespoke.

A lot of this stuff is intended for in-house use, but much of the really bad stuff I've seen was either intended to be accessible by employers or clients via the Internet (and not properly secured) or actually public apps. Online employment processes are among the consistently worst offenders.

One-of-a-kind software is generally not all that pretty, but in recent years it has descended from warty to outright paper-maché. It's mostly rush-job stuff done by the lowest bidder, yet it's often deployed publicly enough to offer a major exploit portal into the corporate network.

Even purely in-house apps have their issues, if not in security, then in reliability.

All in all, we've just gotten too easy with the idea that software should be flimsy, shoddy, and - cheap. Maybe it's time for some reflection. Laws usually get passed when self-regulation fails, but laws are not the ideal solution.

philosopher 6-Aug-09 9:16am

It's well-known that software developers who work for someone else (in other words, do not own their own company) have signed agreements in which they and their employers acknowledge that their code is a "work for hire".

In which case, it is the company, and not the developer, who is considered to have legally written the work.

So, the developer releases buggy code, but if anyone is fined or goes to prison for it, it is the legal author. And that legal author is not the developer.

So, developers, ignore Mr. Synder and code without fear. Those draconian agreements which you were forced to sign if you wished to be employed may now come back to haunt the company that forced you to sign them.

Isn't Karma wonderful?

bblatchley 6-Aug-09 9:48am

Well, this is yet another sign of the times!

The author writes: "I'm not in the least concerned about Microsoft and other large commercial vendors who have inflicted buggy software on users for decades."

To which I reply: You will care when the entire industry is enmeshed in lawsuits and innovation seizes tight, and even current products (like operating systems and office suites) are removed from the market because they have exposed their companies to too much liability.

Getting the lawyers involved in this way is an invitation to disaster. It is using a nuclear bomb where a rifle is more appropriate.

There is NO KNOWN WAY to prove that any (significant) bit of software is correct. NONE. It's a problem that has been worked-on for decades. Provably correct code is a dream that only happens with trivially simple code.

Now, I don't care for the free-for-all that occurs now, but inviting the lawyers will destroy the computer industry in our nation.

If it happens, I'll look seriously again into giving-up my role as a senior software engineer and take-up short-order cooking where a mistake only costs around $1 instead of potentially millions of dollars.

But you now what? The way things have degenerated in the world and especially America, I can see this happening soon. Good thing there is a Waffle House around every corner!

clivew 6-Aug-09 9:57am
So what is an "actionable" bug and how long after being notified before the developer incurs liability exposure? Given the plethora of environments out there it seems developers need a defense which' itself, would be unworkable. e.g. "This software contains no known bugs when run on Windows XP SP3 with no other software or hardware drivers running or installed." I earn my living writing what I (and my long time clients) consider high quality and robust software, so I am all in favor of holding everyone, including my competitors, to a high standard. However, this has the severest potential to be either unfair or unworkable. Personally, with the current state of the technology, I believe everyone who "buys/licenses" critical software should test it thoroughly before deploying it and should certainly be entitled to a refund if it can not be made deployable.
merrill77 6-Aug-09 10:04am
This is NOT going to help consumers. For starters, where do we draw the fine line between "bug" and "design limitation"? Next, who do you blame when software X fails because some other software Y installed on the system caused a change in the behavior of an OS API? Vendor X, Vendor Y or the OS vendor? Good luck figuring that one out! I've been in software for 25 years and I can tell you that these things are not black and white. Who seriously thinks you can legislate quality? Fools. The simple answer is don't buy software without a thorough evaluation and don't expect the software to run on some other combination of hardware, drivers and OS until you've evaluated it. If you go into every transaction with that preparation, you'll be much happier.
Streetrodder 6-Aug-09 10:07am
1 reply
Methinks Mr. Blatchley doth protest too much. What I see is no different than what's been required in engineering for decades. Items designed should be well designed. If there truly is no way to prove software is correct, that says more about the state of software design than anything else. Is there a piece of software more complex than the CPU it runs on? That assumption of legal responsibility is part of what licensed professional engineers deal with every day. Of course, if you call yourself an engineer without actually having an engineering degree... Anyone who didn't see this coming has themselves to blame.
markl1977 7-Aug-09 1:23am
1 reply
"Is there a piece of software more complex than the CPU it runs on?" Are you kidding? The browser you used to enter your comment would be more complicated than any CPU. The belief that all engineers should be held to the same standard is obviously flawed - even outside of the world of software development. Consider two Engineers: one designing a passenger jet and the other designing a mop bucket. Which is more regulated and more liable for his errors? A poorly written application might cost time spent working on a spreadsheet. A poorly designed machine might cost lives.
Gray_Hair 7-Aug-09 5:56am

Bzzzt, wrong answer. Clearly you do not understand the impact of four decades of Moore's Law on the complexity of hardware. Browsers are simple compared to an eight-core, multi-pipeline, tri-level back-side cached CPU!

Moreover you also do not seem to know that the majority of computer instructions executed are in imbedded code the VERY often have life or death consequences.

thirdvalve 6-Aug-09 10:53am
Software is remarkably complex stuff. In order to fully test and truly "guarantee" a bug free system would require testing each and every permutation, and every single decision tree combination, which can easily run into the hundreds of thousands or millions - even in SIMPLE software. Then, all those permutations would need to be exercised against each and every possible environment (operating system versions, patches, drivers, chipsets, etc). This is impossible. Today, there is virtually NO piece of software - be it an operating system (Unix, Linux, Windows, MacOs...) application software (MS Office, Open Office...) or drivers (for printers, display devices,...) - that is "bug free". They ALL contain defects of some kind. It is simply a matter of degree - and whether they are discovered in use. Were this kind of legislation in place 30 years ago, it is doubtful that ANY of the software we all use and enjoy today would have evolved as quickly and efficiently and affordably as it has. This kind of legislation will stifle innovation beyond imagination. But it WILL line the pockets of attorney's - that is certain. This proposed legislation is (at best) the product of ignorant people with very little understanding (even if they are "well intentioned"). It is a fantastically stupid idea.
dmarois 6-Aug-09 11:08am
As a consumer I don't want to see this happen because software will become either unaffordable or unavailable since every damn publisher will be in the courts defending his greediness. BUT, I DO want to see legislation forcing software publishers to actually support their products rather than making the oft-heard retarded comment that "it's normal". However, now that I think about it, I want to see legislation forcing the computer industry to bring the PC into the 21st century using already existing technologies. To force it to make a quantum leap in modernizing the PC; which they can easily do as we already know. We all hate too much govt. involvement in our lives but who here is willing to claim that without govt. modern automobiles would be the cleaner and safer vehicles we have today. Maybe govt. can provoke the equivalent effect with the computer industry. An industry that has gotten away with selling lies for far too long.
blurgh56 6-Aug-09 11:11am
1 reply
If this passes muster and becomes law, I predict that many small developers and contractors will never allow their software to leave "Beta" or "Release Candidate" status, simply so that their obligation is to fix the errors instead of being sued out of existence.
jwaldron 6-Aug-09 12:48pm
It ain't about what you call it; it's about whether you sell it. Calling it a "Beta" won't save you from this!
jwaldron 6-Aug-09 11:32am
GUYS: slow down and go back and re-read the text! The proposed language doesn't require perfect software. It doesn't penalize bugs per se. It penalizes for bugs you actually know about and fail to disclose to your purchaser. And even then the penalty remains very business-like: when you sell software, you make an implied warranty - that you can't disclaim in your shrink-wrap or EULA - that you're not hiding flaws from the purchaser. That's the law for all the rest of the business world - and they have learned to live with it. Why should software be immune to the same liabilities as everyone else who provides - or licenses - a product. Software vendors have gotten away with marketing "beta" software as commercial products and (ab-)using buyers as testers for far too long. Would you want to buy a Buick that had all those flaws? It's those warranties that protect you when you buy your Porsche or a new house or a new barbecue grill for your back yard. Are you too special to be held to the same standards as the rest of the world? Grow up!
Loerps 6-Aug-09 11:39am
1 reply
The state of software design, which was referenced above, can never reach the point where anyone can guarantee that any particular product will always work correctly. Consider the number of things any piece of software contends with at any moment. No software developer could conceivably test their software on every possible hardware configuration and every possible service pack and every possible combination of device drivers that could be running at any given time and every possible combination of other software the user could run simultaneously and project all the variations on all of these over the projected lifetime of their particular product.

This would be like expecting the company that does your lawn service to guarantee that every blade of grass on your lawn will be a certain shade of green or darker and that there will always be enough moisture and that there will be no thin spots, and guarantee this for some number of years from now. They can't control the weather, they can't control who walks on your lawn or throws trash on your lawn or which neighborhood dogs do their business on your lawn or how much rain you get or how long the sun shines each day, or what other activities occur on your lawn, or any of a myriad of other factors.

Anyone who has done tech support knows how many ways a user can find to misuse or abuse a piece of software. And then you have the almost impossible task of trying to reproduce the exact conditions within which a problem occurred before you can determine who is at fault.

You can hold a vendor to a reasonable expectation of good performance under conditions within which the product has been designed to run, and you have a right to expect the product to perform as advertised. And that's all. Not every error is a bug. Some errors are simply conditions under which a piece of software was not designed to run.

By the way, I don't work for Microsoft or any other software vendor. I just have enough common sense to know that writing software is no more an exact science than maintaining your lawn is.

jwaldron 6-Aug-09 12:53pm
You said: You can hold a vendor to a reasonable expectation of good performance under conditions within which the product has been designed to run, and you have a right to expect the product to perform as advertised. And that's all. Not every error is a bug. Some errors are simply conditions under which a piece of software was not designed to run. When was the last time anyone got to hold a software vendor to the "perfom as advertised" standard? Bet you haven't. Read and EULA disclaimers recently?
philmarcus 6-Aug-09 12:08pm
2 replies
At the (small) risk of being burnt in effigy, I am a lawyer, but I am also a software developer, primarily custom but some "shelf." Two points. The simple one is that no one get jail time or a fine for a breach of warranty. This is a civil matter that at most leads to defendant paying money to defendant to compensate for a money loss. More importantly: There are two threads running through the law, pretty much independent of where. One is the 'expectation' interest that is protected. If people expected 100% bug-free code then maybe every single bug would be "a material defect" as the law views it. But judges know better--many bugs are just not 'material'--they carry only trivial weight. Further, the law is not in existence to (surprise) make lawyers rich. It is instead to ensure people be fair with each other, and to intervene when someone is not and will not be, despite being reasonably asked. Fairness is not exactness, as the precedent cases often say. Relax everyone. Nothing to see. Go about your business.
clivew 6-Aug-09 1:06pm
No need to fear. Some of my best friends.... Seriously though, and originating from a less litigious U.K., my personal complaint is the combination of the cost of defense with its true evil - the resulting prevalence of meritless extortion settlements.
dhigginx 7-Aug-09 9:23am
I don't know if this qualifies as effigy but I believe that this effort is just another way for lawyers to make money, PERIOD. I see a new branch of the legal profession being born that will scour software products for bugs then make up class action lawsuits that provide the lawyers millions of dollars and the users they're trying to protect 20 bucks each. The market place is very self correcting, if truely bad software is produced then it is either corrected by the publisher or users will switch to competing products. User complaints can and do result in refunds for defective products from reputable companies.
jspurr01 6-Aug-09 1:11pm
1 reply
Mr. Streetrodder asks if there is a piece of software more complex than the CPU it runs on ... the answer is "yes ... most of them". RISC and CISC processors only have to execute a couple of hundred specific instructions. (I realize this oversimplifies a CPU, but the point is that a CPU is a finite device that must do only a limited and specific set of functions, generally one at a time in a controlled environment. It is like a set of legos ... a limited set of unique pieces (the CPU instructions in controlled conditions) that can be assembled in infinite combinations and quantities.(all the possible software / conditions and user interactions). How many warnings have to be included with a Step Ladder to ensure that such a basic device is not used against its design intent? Many more than stating what it is supposed to be used for. Either way ... the ladder manufacturer can't prevent you from putting the ladder on the sofa, standing on the top step in your bedroom slippers, while balancing a glass chandelier over your head, trying to connect to a live electrical box ;-) etc, etc. Early in the days of Use Cases and Function Point Analysis, we did some calculations to determine how long it would take to fully test all determinable permutations at 15 seconds per test ... the answer became 105 years for this particular project which was considered only moderately complex in the mid 90s. A simple ladder has many more warnings 'not designed for' than design intent use cases -- software is the same, but the magnitude of complexity is far greater. "Bug" legislation would need to be limited with common sense against reality, design intent, and the reasonable expectation of a good-faith delivery against advertised capability ... and yes, disclosure of know bugs in an understandable fashion. 'Penalties' of sorts should lean more toward reasonable warranty aspects and truth-in-advertising concepts, with some consideration for situations of malicious intent or willful negligence.
jwaldron 6-Aug-09 1:38pm
BY GEORGE, HE"S GOT IT! That's exactly what the ALI language is shooting for: a reasonable warranty (where today there is none) built on truth in advertising (where today there is often none) and enhanced penalties for malicious intent or willful negligence - that's the "knowing" part of the ALI thing. The ALI language doesn't ask for perfect software. What it does seek is candid disclosure of known defects. Beyond that, all is hysterical frothing at the mouth.
danishctc 7-Aug-09 12:05am
So does that mean that now on issues will be determined in Courts ?
jacko 7-Aug-09 1:19am
The favourite American saying is "God bless America" I ask, why would God bless such a corrupt country??? Anything and I mean ANYTHING, is fair game to a lawsuit.
markl1977 7-Aug-09 1:31am
I worked as a developer for a company which was driven strongly by sales and marketing people (the top management were all part of the sales team, with the engineers in the 'back office') All of our project deadlines were written by salesmen, with little or no consultation with the developers, and we never once wrote an application which I considered to be well engineered. (Hacked together would be a more apt description.) If the proposed laws were implemented then this company would either cease to exist or would need to hire a lot more engineers. So assuming they survived this would be good for people like myself. However, I'm afraid in those sorts of conditions it would only be the big companies that would survive (or at least those with good lawyers.)
muzzdeni 7-Aug-09 1:47am
Wow what a lot of rubbish, Firstly software, does that go down the same lines as shoddy javascript for webpages. I just registered and pressing the tab at each field took me back to the username for login, I am trying to register duh. so that is I assume a bug for the register page for this site..... I'll sue the site for 5 seconds of frustration. Ok I do see the point but, the comparison is wrong, I mean WRONG in auto assembly you can "physically" check each part in the assembly, but with tens of thousands of lines of code? there is not time enough in the universe to check it! Not to say the least of testing the code on every combination of os version(win98,2000,xp etc), and hardware combination. Now my second to final point I didn't read anyone else's post's (Im a computer programmer). Finaly patches and updates are there to remove any unforseen and known bugs in the app over its lifetime. lastly I think thats enough dribble for now.
ramnick 7-Aug-09 2:17am

so does this suggest that individual devlopers/companes should charge 100 times or may be more then the usuall price to their costomers just in case if someone sues him/company for the 'might be buggy' software in order to tackle many lawsuits, cuz its next to impossible to test the software for all existing OS and all the environment combinations,it will take years to test each line of code !!!! ????

Big Fishes only care for themselves.Where would small time developers/companies be if this is imposed strictly,not because they sell buggy softwares,bugs might occur any time in any condition ..not known at time of developement.

dhigginx 7-Aug-09 9:10am
The easy way to solve this might be to limit compensation to the amount that a customer has paid to license the offending product. This would mean that free software would be exempt from all lawsuits because there would be no possible financial gain. I don't think it's possible but if 'class action lawsuits' could by prohibited then we could almost completely keep the lawyers out of this arena.
johnKoy 7-Aug-09 9:14am
Disclaiming all warranties and responsibilities inherently implies defective/buggy product. So it should be open-sourced, which *logically* conveys the plea that "OK, we agree this software is buggy, so we open-source it, help us fix it". But when its source is closed, there's no one but the producer to fix it, which is a paradox since they would not release such a defective product if they were ever able to do it right. Bottomline is: Only those who open-source their product should be granted the right to disclaim all warranties, others not.
SandyAsman 7-Aug-09 3:41pm
By way of background, I am a lawyer. I am also a Computer Science graduate of MIT. I have written and licensed software since before the IBM PC existed, and I still write and license legal application software. As an attorney I have written thousands of software license agreements, and I have litigated numerous software related cases (both for developers and for licensees). In short, I feel quite qualified to state the following: 1. According to Sandy's Law of Software Licensing (something which I have passed on to clients, and others, for many years), when all is said and done, a Software License needs to say only four things, two of which are for the benefit of the licensor - (a) that all, appropriate, license fees will be paid; and (b) that no "improper" copies of the software will be made. Similarly, the licensee should require two things in a Software License - (a) that the software "kinda, sorta" does what it was represented to do; and (b) that no one can claim that use of the software infringes their intellectual property rights, (i.e., that the "license" from the licensor is all that the licensee needs to use the software). 2. Given the foregoing, it seems self-evident that many of the comments made do not address the issue which any reasonable software developer (licensor) or user (licensee) would expect. No guideline should state that software is perfect. We all know that bugs happen, and we all understand the overall complexity of software. Nevertheless, for a developer or other licensor to withhold from the licensee known, material defects, is no different than the licensee paying the license fees with a check he knows will bounce. The issue is not whether there is a defect, but that the developer was aware of it, and he withheld that information from the unknowing licensee, who was then damaged as a result of that very defect. In any other context, the withholding of material information by one party, knowing the other party will rely upon the representations and be damaged as a result of such reliance, is simply considered fraudulent. 3. The comparison of software to other items, such as cars, is irrelevant. It is just as unconscionable to place an unsafe vehicle on the street (See, "Unsafe At Any Speed", Ralph Nader's book about the Chevrolet Corvair), as it is to knowingly market software which is embedded in a life critical application (e.g., a "911" call center, a heart pacemaker, etc.). The issue in each case is not to punish the vendor/licensor for an unknown defect, but to compensate the unknowing victims of the hidden, but known, defect, and to punish the vendor/licensor for his improper conduct in selling/licensing a product which is known to be materially defective in a way which can cause predictable harm. 4. It's silly and naive to say, or even think, that a "disclaimer" will act to save the vendor/licensor from defending a lawsuit when known defects are released to an unsuspecting customer who is then damaged. One cannot "disclaim" liability while withholding information about material, hidden defects. Anyone who thinks otherwise, and acts on those thoughts, should not be terribly surprised when the process server shows up at their door. Clearly, the time spent in such thinking would be far better spent in resolving the known defect, rather than conjuring up some futile scheme to avoid the forthcoming liability. Sorry, guys... but guidelines, developers, and even lawyers... have their place. Remember, also, that if a developer simply released software which had an unknown bug, that it will (hopefully) be a lawyer who successfully defends him. We are not seeking perfection, but only honest dealings.
_Mutex_ 8-Aug-09 4:44am
Case Study: Therac-25 The Therac-25 was the infamous medical linear accelerator that massively overdosed six radiation therapy patients over a two-year period. Three of those patients died shortly after their treatments form complications immediately attributable to the radiation overdoses. The case of the Therac-25 is troubling on several counts. first, the level of personal injury is disturbing. There is nothing pleasant about the damage that a massive radiation overdose can do to a human when concentrated on a small area. Second, the attitude of the manufacturer (Atomic Energy of Canada Limited AECL) was unbelievably cavalier in the face of such serious claims of injury. Even after lawsuits were being settled out of court with the famalies of deceased patients, AECL continued to deny that the Therac-52 could be the cause of the injuries. Their internal investigations were sloppy, their reports to the relevant government agencies inadequate, and their action plans distutbingly naive. As an example, their earliest investigations into the accidents did not even cnosider the possibility that software coul have been the root cause of the overdoses, even though software controlled virtually all relevant mechanisms in the machine. Finally, a thorough investigation revealed an incredibleinattention to rigor in the software development process at AECL. There appeared to be littlein the way of formal software product life cycle in place, with much critical work being done in an ad hoc fashion. Even critical systems tests were not necessarily documented or repeatable by engineers. In Leverson's report, tshe identifies the following causal factors: Overconfidence in software: !!! Confusing reliability with SAFETY: lack of defensive design Failure to eliminate root causes; complacency; Unrealistic Risk assesssments: Inadequate investigation or follow up on accident reports. Inadequate SOFTWARE ENGINEERING practices; software reuse; SAFE vs Friendly user interfacesp; User and Gevernment oversight and Standards. Anything missing ?? , We can't think of anything. It's almost unbelievable that such sefety critical software could be developed in such an ineffective fashion. REF: Embedded Systems Programming November 2000. ************ As some have posted, embedded programmers, and the rest of society live by this rule all day, in everything they do. If you drive a truck, you have to be responsible for driving it correctly, if you wire a house you are liable if you do the job wrong and kill someone. If you design a bridge and it has "bugs" (design faults) then you failed in your job as an engineer, (got it wrong) and if that mistake results in loss of property of life you are liable. Ask the engineer who designed the walking bridge that collapsed during the special olympics and a few people dies, he went to prison !!. Its only some arears of software development where there is an opinion that mistakes and poor engineering is accepted. It should not be, its a cop out and an excuse for poor quality work, programming is not an art, its a science and engineering disipline, same rules should and do allready apply.
lurgid bee 8-Aug-09 4:50am
This is the funny part ... "What's more, it could impose expensive obligations to scour support forums and the like for notice of problems, a procedure that would be overly burdensome for small developers, say critics." You mean Microsoft would have to actually respond to the reports of bugs? Pay someone, who might speak English, to review and track progress of reported problems? And this is the big one. Do you realize that according to the EULA of most of these big software companies, they could give us a dog log wrapped in lettuce ... instead of a CD with their buggy software on it and there would be nothing you or I could do about it. "Not even the implied fitness of merchantability ..." What is that supposed to mean? I say stick it to em and insterad try out my software on special at www dot retro reader library dot com.
dave.keays 10-Aug-09 7:54am
As a desktop developer 35 years ago who is recently entered the freelance web dev community, I have a few things to say. How can I be held responsible for deficiencies when I am not told and not allowed to discover what is deficient? A common request is to install "something like facebook". If you are lucky, they will provide you with a wireframe and you will lose the contract if you ask any more questions. How can "project managers" expect anything other than a shoddy product when they create an environment where it is detrimental to ask questions?
jcouture 11-Aug-09 7:02am
One possible future - Congress passes this and software companies start getting sued. Software companies start hiring more lawyers to find loop-holes in the law to avoid law suits (e.g. "We provide our software for free, but charge a fee for a key code that lets the software save data, blah, blah, blah"). A lobby group representing "the people" gets Congress to close loop-holes. Software companies get more lawyers to knit-pick the law to escape being sued. Repeat this cycle until it becomes to costly/troublesome to develop software inside the U.S.. Software companies move outside the U.S. to avoid further law suits. U.S. Software developers, engineers, QA all go to work at your friendly neighborhood Waffle House because we legislated ourselves out of being competitive.
zornwil 11-Aug-09 11:04am
Let's be clear, this "merely" extends the rights companies reserve when signing a REAL contract with a vendor of software to consumers, as it should be and as it exists in other realms. And as with companies, I don't think you'll see nor will courts tolerate (okay, in the mid-long term, granted we'll probably see stupid stuff in the short-term) "the browser bar's orange prevents me from working!" The issue as someone pointed above is MATERIAL breach, something that is a clear break, and while I fully grant this will introduce some gray areas and occasional controverial lawsuits, I also fully support this over leaving consumers without recourse for purposely poorly developed or recklessly developed software. I would expect that this will mean a whole massive listing of bugs and likely bugs by vendors just as pharmaceutical companies protect themselves with lists of side effects for medicines, but I think this is a far better condition than we have now. At least a list of bugs I can read, if it's worth it to me, and consult and make a decision about, just as with side effects, as opposed to simply signing my rights away with what is essentially a bogus "agreement" to run the software as today. I can't even begin to understand the hue and cry over the basic principle at work here. I understand the essential concerns over unnecessary or counter-productive litigation. So for those who take such umbrage with this proposal, by all means please make a counter-proposal. But certainly the current state of affairs is completely unacceptable, there's simply no reason that a purchase of software shouldn't have the same protections as a piece of clothing, some food, or a mode of transportation.
Carl Street 11-Aug-09 5:11pm
I sincerely doubt the solution to software deficiencies will be found by judges who probably still have 12:00 blinking on a VCR somewhere and juries who believe that a mouse click is a rodent populated closed social group. The only REAL law that will be implemented will be that of unintended consequences -- brace yourselves for increasingly idiotic regulation all borne out of "good intentions" -- I can see the day when we will be required to wear helmets, safety goggles, and seatbelts to use our systems; T-1 lines will have speed limits and crash proof car seats for kids playing on line games. Apparently, despite eons of irrefutable negative historical evidence the doo-gooder little old ladies of either sex now believe they will get it right and save us, once again. I ask little of the Deity other than being saved from the saviours!
Privacy Paramount 12-Aug-09 1:29am
I'm much prefer the starting point be: EULA available OUTSIDE the sealed software box... no more 'please sign your rights away. we'll tell you what you've waived after the product is no longer refundable'
nicholdraper 13-Aug-09 4:03am
I'm surprised that the open-source community is against this provision. Open-source projects don't have "known hidden defects." All this would do is force commercial vendors to place their bug databases on the Internet. Its just a dumb law, since known or unknown the defects are what differentiate successful companies from unsuccessful ones. And just not hiding defects will do nothing. Any large project deals with thousands of issues, bugs, enhancements, just publishing these databases won't solve anything.

Sign up to receive InfoWorld Resource Alerts

Subscribe to the Today's Headlines: First Look Newsletter

Find out what will be news for the day, with our first-thing-in-the-morning briefing.

©1994-2010 Infoworld, Inc.