From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Support the Sasser-author fund started 

On Thu, 13 May 2004 15:55:34 PDT, Mister Coffee <live4java@...rmcenter.net>  said:

> It doesn't excuse their business practices, or the original code flaws, but
> writing bad code isn't illegal.  Lame perhaps.  But not illegal.

And be careful of unintended consequences of any attempts to make bad code
illegal.

Remember that Microsoft is sitting on $52B in cash, and can afford to fight
a charge of "criminally negligent coding".  There's very few open source
projects that can bankroll a legal defense if their programmers screw up.

If you make programmers liable to civil actions for their screw-ups, then it's
possibly almost workable - programmer insurance similar to medical malpractice
insurance will spring up, rates will be set according to the perceived risk of
frequency and cost of errors, and life will go on, more or less.

Also - remember that there's a distinction between civil liability and criminal
liability.  Doctors become doctors because they can afford to pay for
malpractice insurance (I'll overlook the issues in high-risk specialties).  On
the other hand, it's *very* hard to get a doctor convicted of criminal
negligence and sent to prison for the simple reason that if the standard for
getting sent to jail was anywhere near as low as for losing a malpractice suit,
we'd have no medical profession left.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040513/217a7e0e/attachment.bin

Powered by blists - more mailing lists