Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • I believe it would fundamentally alter it. Instead of rushing to see how fast we could get our products to market, more time in software testing, penetration testing, fuzz testing, etc.

    Do you have any evidence on which to base this belief? Would the natural response not instead be to divert more money to lawyers and compliance officers?

    Does this mean you would no longer be able to post code to Github, Sourceforge etc. without first performing security audits and CYA?

    --
    -- Ed Avis ed@membled.com
    • There is a fundamental issue well-known to economists that when a good has negative externalities [wikipedia.org] (e.g., pollution), then the forcing those generating the externalities to internalize those costs is widely considered the fairest way to deal with them. The problem is really trying to assess what those costs actually are and which manufacturers are responsible for which portion of the costs (the devil is always in the details). Since software manufacturers clearly generate a product with negative externalit

      • A product does not have negative externalities merely because it harms its owner. If you want to pour diesel in your own fish tank, so be it; only pouring it into the local river is an externality. So just saying that software makers have a shoddy product is not enough to put them in the same category as noisy concerts, polluting factories, and view-blocking skyscrapers.

        Of course, there are negative effects to society as a whole from the existence of botnets, but that is true for almost any product: a car manufacturer is not liable for the effect of traffic jams, although individual car drivers may have to pay congestion charges or taxes. There are also many positive externalities from the use of software, but software makers don't get special subsidies because of those. They make a product and consumers decide whether to buy it or not. The good and bad features of the product are taken into account by consumers when deciding what to buy.

        Now, if consumers are not equipped to make an informed decision, or if market distortion such as monopolies stops them exercising a free choice, then there is a case for regulation. However I really doubt that legislators, civil servants or lawyers would do a better job than individuals of choosing which software should be allowed.

        --
        -- Ed Avis ed@membled.com