 |
|
| technology > computing |
![[CNN Money]](http://i.cnn.net/cnn/images/main/fn.logo.newsnet.gif){kind=logo}
![[SI.com]](http://i.cnn.net/cnn/images/main/si.logo.gif){kind=logo}
( | |
 |
|
| |
| |
EDITIONS: | |
MULTIMEDIA: | |
E-MAIL: |
Subscribe to one of our news e-mail lists. Enter your address: |
DISCUSSION: |
CNN WEB SITES: |
 |
TIME INC. SITES: |
CNN NETWORKS: |
|
SITE INFO: |
WEB SERVICES: |
Protecting consumers from lousy software
|
(IDG) -- There is a well-worn argument against the Uniform Computer Information Transactions Act (UCITA) -- and in favor of consumer software rights in general -- that goes, "Software isn't guaranteed by companies the way other consumer goods, like cars, are."
That is certainly true, and I deplore the fact that there are software companies out there which not only foist schlock on an unwitting public, but call it production-quality software. However, I also can't agree with the general prescription offered to solve the problem. Making all software companies responsible for all defects in all software will invite suits and settlements like of the infamous McDonald's "Warning: coffee is hot" case. (Those who aren't already familiar with UCITA can find relevant information in the Resources section of this article; the facts on the McDonald's case are also there.)
Bugs? What bugs?
The problem lies in the nature of software programming itself. While any computer novice will tell you, "It's easy -- just don't put in the bugs in the first place," the rest of us know that this is akin to saying, "It's easy -- just pole vault without ever falling down." To hold software companies absolutely liable for software is like holding all pole vaulters liable for falling down. After all, the people in the audience paid their money, they deserve a good show. I can imagine the class-action suits now, and even the end result -- the pole-vaulting promoter going out of business, along with the pole-vaulting arena, with the end result that the audience now has no pole vaulting at all.
A car can be guaranteed -- it's mechanical. But software isn't, and even the best-written code will stumble on occasion. You can't test software for all defects, and I guess the pervading belief that you can do this is at the root of an even worse problem: the reluctance on the part of companies to admit to the need to issue patches, or report bugs or security holes. While the mythical "perfect software package" is an ideal we should try to live up to -- and which open source attempts to facilitate -- it isn't reality. Unfortunately, the companies who admit to the fact that their software isn't perfect are punished in the marketplace or in the media or both, (see Resources for some examples), and so the industry tries to hide patches behind names like "service packs" or "upgrades," and refuses to take a realistic stand on vulnerabilities. If we could dispel the myth that software is a consumer product "like cars, toys, or food processors," and let the truth be known about bugs and vulnerabilities, then perhaps patches, fixes, and security issues could come out of the closet and take their rightful place before the public eye, which is precisely where they belong.
| MORE COMPUTING INTELLIGENCE |
IDG.net home page
|
| How to copyright your software and choose a license |
| A guide to rights in Net content |
| Web site helps hunt down pirates |
| Pirates lag behind Win2K launch |
| Reviews & in-depth info at IDG.net |
| E-BusinessWorld |
| TechInformer |
| Questions about computers? Let IDG.net's editors help you |
| Subscribe to IDG.net's free daily newsletter for IT leaders |
|
Search IDG.net in 12 languages |
| News Radio |
Fusion audio primers
|
|
Computerworld Minute
|
What is software?
Software isn't in the same product category as cars -- if it were, you would be able to sue manufacturers for defects. And software isn't a service, either -- if it were, you could sue programmers for malpractice.
So then what is software? Well, I have my own ideas on what software is, but my editor has me under strict orders to stick to one point per column, and so I'll have to return to that another time.
In the meanwhile, I ask you to bear with me and consider that software is something "else." Everyone keeps talking about this Brave New Economy of ours, and how it's different, and then they go around applying the same old Old Economy rules, like this idea of a "guarantee" for a "product." So let us assume that all of this software really is something new, something that perhaps falls into that strange and murky nethercategory of "intellectual property," and let's take a look at it from another perspective.
After all, it's less important to figure out what software is than it is to figure out how to protect consumers from those who do software badly. So what we need is to come up with some kind of system that OKs quality software, while it either punishes (or at least doesn't OK) bad software.
We're from the government, and we're here to inform you The US State Department provides an advisory service to US citizens who are travelling abroad, so they can avoid the countries that currently hate Americans the most violently. Now, when the State Department says it's OK to travel to Britain, but not OK to go to Libya, it's not guaranteeing that you'll survive the trip to the former and be taken hostage in the latter. You could easily be hit by one of those cute double-decker red buses in London and die -- or visit Tripoli and have a wonderful time (um, I guess). The warnings offer travelers a way to gauge the level of safety (or lack thereof) for their planned vacations. Every experienced traveler knows to check the State Department advisories before taking a trip to an unfamiliar destination. If similar, centralized information were available on software safety, it would be easy to teach computer users to access a centrally run database of software warnings. But such warnings are currently spread over many sites, and are not particularly accessible to the average consumer.
If the government oversaw a similar database, then computer users who trust the government could sign up to receive email alerts when patches or bug fixes become available for the software they are running, and those who don't want the government to know what they are running could use ZeroKnowledge or some other privacy-protection service to access the Website regularly and anonymously.
The point is that the information would be centralized, readily available, and easy for the average user to understand. We constantly tell Joe A. User that he should keep his box secure, but the fact of the matter is that most people, unlike ourselves, have lives -- and just don't have an extra 30 hours a week to devote to visiting the top 10 security sites regularly and keeping up with Bugtraq. You probably wouldn't be interested in Joe's hobby, either, so if you agree that security is important, it has to be easy.
RELATED STORIES:
Technology - Software-licensing regulations pondered in Maryland
February 28, 2000
Microsoft files piracy suits in two states
February 25, 2000
Opinion: Who invited the pirates to the Linux party?
February 3, 2000
Controversial software licensing law approved
August 2, 1999
Opponents blast proposed U.S. software law
July 12, 1999
RELATED IDG.net STORIES:
IDG.net
Of copies and rights
(Network World Fusion)
A guide to rights in Net content
(CIO)
How to copyright your software and choose a license
(Linuxworld)
Will a Web startup replace the copyright office?
(The Industry Standard)
Web site helps hunt down pirates
(Computerworld)
Pirates lag behind Win2K launch
(Computerworld Honk Kong)
Free speech or DVD piracy?
(Linuxworld)
Making the grade
(Linuxworld)
RELATED SITES:
Writers Against UCITA
Cem Kaner's Bad Software page
Papers on the Law of Software Quality
The Actual Facts About The McDonald's Coffee Case
Note: Pages will open in a new browser windowExternal sites are not endorsed by CNN Interactive.