North American Network Operators Group

Re: product liability (was 'we should all be uncomfortable with the extent to which luck..')

  • From: Owen DeLong
  • Date: Wed Jul 25 13:46:24 2001

> > > A check in the mail would be a better incentive to administrators than
> > > "automatic" updates.
> >
> > I think this is flawed.
> 
> I'm also not sure how the logic works. If MS had to send me a check
> every time they screwed up and it possibly cost me some time I'd never
> install a patch.
> 
That's because you're giving the check to the wrong person for the wrong
reason.  If M$ had to shell out a check to everyone who was hit by their
errors (all the sysadmins and other people who've spent time cleaning up
after the web servers they don't run that caused them problems), then
it would incentivise M$ to not release such disastrously bad code.

Think of it as the payoffs to the family in the small car that the
Ford SUV crushed when it flipped after the Firestone tire blew
out.  It's not that Ford/Firestone pay every customer when they screw
up, it's that Ford/Firestone are forced to either ACTIVELY resolve their
problems or face serious financial consequences in damages paid to
those they've harmed.  Unfortunately, for some reason, we tolerate
software companies providing such bad products with no liability
whatsoever.

> > Because as long as humans write code
> > and make silly mistakes you will continue to see security vulnerabilities.
> > It's not just a Microsoft problem.  It's a Microsoft, Linux, *BSD,
> > Solaris, Cisco, <insert vendor name here> problem.
> 
> It's also just a problem of *never* being able to plan for all
> possibilities in a test environment. It's impossible to do this. Hell,
> most of the people doing research in networking are really just trying
> to figure out what the hell we've actually created. The behaviour we see
> in a lab, test network, or elsewhere doesn't necessarily predict how a
> given piece of code will interact when released into the wild.

While that is true to some extent for the current state of the art, it's
also true for testing vehicles to some extent.  However, vehicle tests
have gotten a whole lot better because an emphasis has been placed on
testing by the product liability involved.  Since software manufacturers
have little or no accountability in this regard, there is little
advantage to them in emphasising improving in this area.  Result, we
continue to drive software which careens out of control at the drop
of a hat and wonder why we have multi-server pileups on the information
superhighway.

Owen

-- 
***********************************************************************
"Every time you turn on your new car, you're turning on 20
 microprocessors.  Every time you use an ATM, you're using a computer.
 Every time I use a settop box or game machine, I'm using a computer.
 The only computer you don't know how to work is your Microsoft
 computer, right?"
        - Scott McNealy, CEO of Sun Microsystems, Inc.,
          from an April 1997 interview in Upside Magazine

***********************************************************************
"One World, One Web, One Program." - Microsoft Promotional Ad
"Ein Volk, Ein Reich, Ein Führer" - Adolf Hitler