|
|
By Declan McCullagh
Staff Writer, CNET News.com
August 26, 2003, 4:00 AM PT
Thomas Leavitt, a system administrator and veteran of three Silicon Valley start-ups, has dealt with computer worms and viruses before.
But the severity of last week's Sobig.F and MSBlast.D attacks got him thinking harder than ever about a cure. Finding and punishing their anonymous authors would be a start. But shouldn't Microsoft also be partly to blame?
Civil engineers very rarely make a mistake, and when they do it's a career-ending one, Leavitt said. The software we're using at this point has the potential to create damage as bad or worse.
Microsoft's security failings may draw repeated beatings in the court of public opinion, but they will likely never be tested in a court of law unless current product liability statutes are rewritten, legal experts agree.
Problems with physical products routinely yield multimillion-dollar verdicts and settlements in litigation-happy America. But software vendors are largely protected from product defect claims thanks to unusual exemptions enshrined in typical software licenses--boilerplate known in the industry as End User License Agreements (EULAs) or shrink-wrap licenses, so called because they're often printed inside the shrink-wrapped box containing the product or incorporated into the software itself.
These agreements normally take effect as a condition of installing software, and they ordinarily require customers to waive their right to sue over alleged defects. Such EULAs have been repeatedly upheld by the courts.
Unless someone is injured or dies, it is almost impossible to successfully sue a software publisher for defective software, said Cem Kaner, an attorney and professor of computer science at the Florida Institute of Technology. The serious proposals to change software law have primarily been to reduce software vendors' liability even further. The most recent battles involve embedded software. You might soon discover that when you buy a car, the body is covered by one set of laws but the software that controls your brakes, fuel injectors, etc., is covered by a different set of laws that are more manufacturer friendly.
Microsoft's security practices have been in the spotlight before over alleged lapses, but the astonishing speed with which Sobig.F and MSBlast.D overwhelmed corporate networks has put the finest point on the problem in years.
Source: CNet News
"
|
|
|
 |
|
No Comments Allowed for Anonymous, please register |
|
| |
|
Login |
|
 |
|
|
|
|
· New User? · Click here to create a registered account.
|
|
|
Article Rating |
|
|
|
|
|
|
Average Score: 0
Votes: 0
|
|
|
