Re: Re: January 15 is Personal Firewall Day,help the cause

[Valdis.Kletnieks () vt edu]

On Sat, 17 Jan 2004 21:02:16 +0100, jan.muenther () nruns com said:
> I'd love to see liability laws applied. 

I can't think of anything that would stop Open Source in its tracks faster.

What would have been the last Apache release before they gave up, if they
had been open to lawsuits for each security hole?

When would Linus have thrown in the towel? Probably LONG before OSDL
stepped in.  It sucks to be a college student with a lawsuit.

How many other open source projects would just pack up and leave if they
had to worry about lawsuits?  Remember - it's not just security, it's reliability.

Would the mySQL guys have done it if they had to worry about a lawsuit every
time mySQL crashed and corrupted a database?

Would Larry Wall have done Perl if he had to worry about a lawsuit when some
Perl bug hosed up a CGI and took out a web server?

For that matter, is there *anybody* out there who'd release software if they knew
they could be sued if their software crashed?

Comparing liability for software to (for instance) liability for car
manufacturers is a total red herring.  Car design is well understood, but even
more importantly, the class of hazards to design against is fairly restricted.
You build a prototype, and if you beat the hell out of it for a few days at the
test track, you almost certainly have almost all the oddball cases covered.
Tight turn, wet pavement, something jumps in front of you, and cars will behave
pretty much the same. The outcome depends only on your speed, your tires, your
car's mass, and the general mass of the animal.

The difference with software is that if it's an SUV, it doesn't catch fire if
it's a green bear, but the back hatch pops open if it's a purple bear.  But then,
maybe it does - SUVs never run into green or purple bears.  But software does.
All the time.

Attachment: _bin
Description: