...it's not fit for purpose shocker!
We already knew MS wasn't.
Microsoft and the Linux Foundation have penned a joint letter to the American Law Institute, in opposition to its proposal to create an implied warranty that software goods ship with “no material defects”. The odd coupling between the openista group and software multinational came about over a common beef the two parties had …
This is horrendous for two reasons,
The lawyers are only trying create artificial business, imagine the number of law suits that this will create over spam, malware, virus, bugs and software errors. I’m not really surprised at this as I have a fairly low opinion of the legal profession anyway.
The software companies are saying “our product may not work correctly – tough shit”. Would we accept those sort of terms and conditions for our cars, airplane, and critical medical equipment.
The proposals outlined by the ALI “interfere with the natural operation of open source licenses and commercial licenses…” MEH! How date they, everybody knows that that is Micoshits job.
On second thoughts, I’m with the legal profession on this one
This post has been deleted by its author
Lawyers try to do something that will result in a tremendous amount of unnecessary litigation? What a nefarious crime! Who could benefit from such a scheme? oh wait....
What do they mean by material defects anyway? Material such as that related to the functionality of software, or material as in related to the packaging?
So Zemlin says "implied warranties that could result in a tremendous amount of unnecessary litigation" and he wonders why an organization that seems to represent the legal profession would be in favour of increased trade for their members? Go figure ...
Seriously though, what the heck do they mean by a 'material defect'? If they mean bugs, then to expect software to meet this is like expecting no punctuation, grammar or spelling errors in a novel, or expect a painting to be of photographic quality.
Haven't they (the US legal community) got enough mansions, gold-plated Hummer's, etc on the backs of IP trolling without starting a new venture? A zero defect clause would benefit no-one because it's just not realistic - certainly not without a lifetime of testing. No significant piece of software, bridge, ship, plane, automobile can be 100.0% free from defects - they have to be 'good enough' or the makers have to have taken 'reasonable care' to eliminate defects, (the level of 'reasonable care' obviously being a lot more for a nuclear power station than a toaster oven). That's good enough for me.
@"Linux admits..." (AC 11:59). Sorry, I don't see where either organisation said anything about the quality (or otherwise) of their current offerings. Grow up and go back to using iPaint on your Mac (not that I personally have any beef with Macista's).
(Flame icon because I usually get irate when I see most stories involving either the US legal or patent systems.)
...we already know that high-assurance software can be had on the market for specialized tasks on specialized hardware (but may still exhibit 'bugs' or 'working as designed' flaws during their operational lifetime). Contracts for that kind of software do not start below several million dollars _per customer_ and insurance companies / the lawyer sweat tanks demand a cut. Wanna pay out of your spare personal income? Be my guest.
>> Would we accept those sort of terms and conditions for our cars, airplane, and critical medical equipment.
Because people own critical medical equipment and airplanes. Cars are high-volume but I hear the software in there is like sausage and currently moving in the wrong engineering direction of complexification and microsoftation.
***"The software companies are saying “our product may not work correctly – tough shit”. Would we accept those sort of terms and conditions for our cars, airplane, and critical medical equipment."****
What do you want? Cheap (or even free) software with the "tough shit" clause, of *feckin* hugely expensive software without it. Your choice.
While warranty on software products sounds like a good idea for consumers on the surface, in practice it could have all sorts of unintended consequences and problems:
- it would stifle innovation and competition (no one would dare release betas, experimental features and so on, whereas the community is general clamouring for new releases as quickly as humanly possible, warts and all);
- it would inevitably increase price, possibly quite substantially, to pay for all the extra testing and lawyer's fees;
- it would strengthen the hand of people like Apple saying you can't run our software on hardware that it's not qualified to run under because that will invalidate the warranty;
- you're likely to see all sorts of petty limitations such as software that refuses to launch if it detects that your machine doesn't have enough RAM, that you're using an incompatible default browser, etc.
- how's it supposed to work with freeware? If a software publisher gives away a utility for free, do you still expect them to provide a warranty and be able to sue them if it doesn't work?
- many if not most software defects are caused because a computer is a complex system involving interaction of many components, some of which may change over time. If you install a piece of software one day and it works, then a year later you upgrade a crucial system library that it depends on and your purchased software falls over as a result, who is liable?
Does anyone seriously think all this would be good for anyone other than the lawyers, least of all the poor consumer?
Even if a requirement for a guarantee is introduced, I can see a massive get-out clause for Linux.
Free Software supplied in Source Code form should be treated like flat-pack furniture. The parts are guaranteed to fit together, is all. What you do with the article once you've built it is beyond the remit of the supplier. It's entirely up to *you* to verify its suitability for a particular purpose -- which might require you to engage an expert to assist you.
The Source Code allows you to go up to any programmer who knows the language in which it is written and say, "Will this program do what I want?" And if the answer turns out to be no, then the Source Code also allows any programmer who knows the language to *make* the program do what you want.
To all intents and purposes, the Source Code *is* the guarantee.
At last, it will OBLIGUE ANYBODY wanting to release a 'finished' product to be RESPONSIBLE of it.
Of course, open source will be allways able to release 'beta source code' so anybody will be able to compile for themselves, and share the blame.
But closed source or binary form releases will have to be PERFECT. ZERO BUGS.
It is past time that software gets the same quality level mandatory for other fields of engineering. Welcome to _defensive_ programing, where the programmer has to spend the time to be SURE that has all exceptions covered -> more time working-> more income.
Of course it will increase cost of software, so what? It will also mean that there are more people involved in it, and will stop this nosense spiral of upgrade.
All in all, i only see benefits for all parts involved.
Of course I may be wrong, but i don't think so.
'Would we accept those sort of terms and conditions for our cars, airplane*, and critical medical equipment.'
No we wouldn't which is why critical software is tailored to a specific purpose that doesn't change, 3rd party add-ons are forbidden and the developers charge astronomical prices for it. Keeping a desktop OS bug-free while you have Joe Bloggs installing/uninstalling any random piece of crap every day and doing no routine maintenance is practically impossible.
I am sure that if you asked Microsoft or any Linux distro to tailor the OS to your specific requirements and secure it by ensuring it cannot change ever, they would be more than happy to do so. Once you have handed over the £000s they will charge you for the customisations.
*That would be an aeroplane would it?
I like the way Dan Bernstein phrases it on his djbdns page: "Like any other piece of software (and information generally), djbdns comes with NO WARRANTY."
Of course, this should only hold for open-source software, where you, and anyone else, can read the information. Closed-source software, being unreadable for humans, should come with full warranty and responsibility for the distributor.
As a consumer this is great, if i get a game that is buggy to crap and crashing all the time, i means i would be able to take it back and get my money back (specally as msot games currently are supported for about 3 months then forgotten about). In the short run it will be different but would promote more QA time , more testing and better for the consomer.
As a developer its a bit annoying but so is bug fixing anyway , we can;t account for all scanarios every single time and again in terms of games serious bugs on consoles are still out of line (you know what hardware you are running on) on a pc its a different story with different hardware configs etc.
As a retailer this would be utter utter hell. People will take the micky, complete the game then bring it back saying "it didn;t work" for it to work there would need to be a cnetral store of known bugs (which would be hard as the developers, creators wouldn't want to admit to them), but the customer would still nto want to follow any set out procedures and knowing what the managers were like from when i worked retail, they would just say swap it and then moan a week later about the swap anyway!
is basically what this amounts to, no software can ever be guaranteed to be 100% defect free, no matter how simple.
Admittedly, there has been software released with defects which really shouldn't have gone through, but you'd need a classification system around the severity, obviousness etc before you'd get anywhere.
As "Ponder Stebbins" says
Would we accept those sort of terms and conditions for our cars, airplane, and critical medical equipment.
I have never been able to see why software houses are allowed to say - "Hey product liability laws don't apply to us" only to everyone else. It's a bit like politicians... :-)
If you sell me a piece of software and it doesn't work, I should be entitled to get my money back as a minimum redress, even if I can't sue your ass off.
With Linux, I don't pay them any money for the software, I may CHOOSE to pay them for the media, or for support - but I don't pay them for the software. I can download a copy with the authors blessing, of I can copy CDs etc...
So I don't see why I should have any redress. If it doesn't bloody well work I can fix it, at least I can when I can be arsed!
But for M$ stuff, I pay them, they want my good money, I want good software in return. If it doesn't work (or rather when it doesn't work) I should be allowed to have my money back till they can make it work. Let's face it, I'm not allowed to fix it.
At the moment their lawyers insist on having an EULA which say, "In return for your money you ain't entitled to jack s**t"
How they can claim this after the act of implied sale (ie the exchange of money) I've never understood. But since I don't have the money to sue M$ there is no point in trying.
Change the bloody law
If you want to sell software, or sell software licenses, then write something worth paying for!
Stop trying to hide behind hidden contracts that aren't even visible till after the actual sale.
so long as you can make sure when it's self-certified "definitely fit for purpose". So most IT people wouldn't roll out Windows 7 until it was certified as being perfect, at which point it'd fail spectactularly and MS would die under metric tonnes of litigation. Some could be passed off to the people who write the device drivers, but most of the crap would accumulate in Redmond.
Linux, however, can sail along with self-certified kernels that really do work perfectly, checked in great detail. Then the distros can wrap whatever crap they want around it, safe in the knowledge that they've got a stable, secure, reliable base.
Of course, you'd not certify software as "fit for purpose" until you actually knew it was.
So you still need more lawyers to sort out all the paperwork, but at least it'd favour an Open Source model- and as it'd not be compulsary no-one could really moan about it stifling innovation.
Material defects as in the software doesn't perform as expected.
The lawyers are trying to write into law something that isn't feasible. If it does make it in to law, you can bet that there will definitely be a rapid decline in innovation and software/hardware releases. (Your hardware has embedded software in it.)
There's a pretty serious ripple effect.
First there will have to be some sort of professional licensing or criteria that all developers must have at a minimum. (Like an engineering degree from an accredited 4 year university )
Codified Best/Acceptable Practices that all developers must follow and it must be documented in case of litigation.
Probably a de-evolution back to Waterfall development methodology. You want to have a defined set requirements document with no or minimal scope creep. Sorry but Agile development would potentially introduce too much risk and a greater chance of litigation.
You can also bet your bottom dollar that offshoring will suddenly drop due to the potential litigation.
While the lawyers will attempt to make out like bandits, the real winners are those who design software development tools.
I can understand where MS and the Linux foundation are coming from.
How are either supposed to make 100% sure that their software works on 100% of the machines made. Seeing they support millions upon millions of combination's of hardware and software. Truthfully MS OS's are pretty stable IMO the instability starts coming with some of these hardware manufacturers half assed drivers that don't play nice with each other and likes to install TSRs to use the hardware they made that conflicts with something else that is running.
So technically if they get that passed MS and Linux distros will have to go the apple route and make closed systems that their OS is specifically tuned for to work 100% on and will not work on any generic brand computers released by competitors.
Now if this law would pertain only to drivers and firmware made by hardware manufacturers than it would be a good step.
If everyone who wrote software had to guarantee it to be free from material defect there would be no IT industry at all. It would fairly stifle any will to develop software of any kind.
Of course, in ye olde days of lore, software _was_ guaranteed and fit for purpose because it went from a highly detailed spec or algorithm from a certified Systems Analyst to a lowly programmer who knew one language extremely well (say, COBOL -- it was actually a legal requirement in some industries, or some variant of Assembler) who's humble task was merely to actually implement said spec or algorithm with NO DEVIATION (how he did it was not really important) and NO SELF-OPINION or free interpretation of his own. There was no OS war, no "my programming language is better than yours" or you would simply be fired.
Said software was delivered on time and in budget and did what it did, usually very little when all said, extremely well. It very often still is, 30-40 years later. It was the basis on which the mainframe epoch was built.
Software developers are taking potshots from people demanding they hit a bullseye on a moving target. Hardware continues to follow moore's law and my old saw of not adopting new software until the underlying hardware has been on the shelves at least 18 months is in need of revision as personal computing software struggles with multicores while the world moves onto netbooks with their heads in the clouds. The job of software developers has become apparent as everyone wants to be a rock star starring in a movie about their life. People want to be able to upload a hollywood version of their sad lives onto youtube, or some such place, and, do it all with a few clicks of a mouse. The hardware is on a pace to provide the means for such a worldwide circle jerk but writing the software is proving to be a bit of a bitch.
A satisfactory solution might see an explosion of geek maintenance companies dedicated to tweaking individual's personal computing devices on a daily, or, at least weekly basis. The software developers have to stop bullshitting the public with exaggerated claims echoing up from their mom's basements about how they finally done it all. Until then personal computing on all platforms remains, quite happily in my case, in the hands of those capable and willing to log the long hours enabling maximum performance from their many, varied toys.
PH because she is the archetypal, brain dead, tech zombie, "I don't deserve to be famous, but I need to be and will do anything necessary to be famous", too fucking stupid to own a computer, tech consumer.
What's wrong with an implied warranty that the product does what it is supposed to do? This is the case for most products out there, why should software be treated differently? Software makers have had it too easy too long, and Microsoft has had its fingers for too long in that pie. They've trained the users over 30 years to accept critical faults in important software. It's time to put some consumer protection back into software sales, and stop that kind of asinine attitude that software cannot be made reliable.
Unfortunately, the American Law Institute requires one to pay for the privilege of reading their stuff. That right there tells me that they're more interested in creating more revenue for lawyers than actually protecting the public. Which in turn implies that their proposal isn't necessarily the best to force software providers to consider quality and fitness of purpose.
So I'm torn on this one. Yes, we need to enforce some better consumer protection for software. But do we do it in such a way as to create a bonanza for lawyers, or in such a way as to truly protect consumers? I'd go with the latter.
All the people here who are bleating that making software companies responsible for making their products work would kill the software industry are just plain wrong.
It is not impossible to write good quality software. It is just that at the moment most software companies don't seem to put quality very high up the list of product requirements. If they can save a few bucks on their development costs that is seen as being better than applying a little more thought doing it right first time.
I'm sure if you have talked to people in the car industry in the seventies and said "you shouldn't be allowed to sell cars that rust to pieces within seconds of leaving the showroom (if they even lasted that long)" they would have told you that making such a requirement would kill off the whole of the car industry. Then the people did start to make cars that lasted, the others were forced to compete or die. The problem in the software industry is there is not enough competition, and the virtual monopoly products aren't of saleable quality. Given a choice between broken products and working ones customers would vote with their wallets. The software industry would get off its collective lazy ass and start writing something decent. Perhaps if they did they would learn that they'd save a very large fortune in the support costs and that all the programmers currently employed in fixing the junk the original development team through together could then be re-deployed in writing new software they could sell.
"Developers should just write good quality software that works"
So who's fault is it if the OS vendor changes a system library that an application depends on (perhaps because a security flaw is found) and the application *subsequently* stops working??
"The problem in the software industry is there is not enough competition"
How exactly will imposing strict liability and warranty for software help?? The more regulation there is, the more barriers to entry there are for small independent software vendors to break into a market. It will only be the large monopolies who'll be able to afford the teams of lawyers and testers necessary to release anything!
They just need to change “no material defects” to “no KNOWN material defects”.
Buying software is much like renting a porn video. You can't trust the promises on the box for either of them. The packaging may be great, but the contents could be shit.
Too often, software companies ship software that they know is incomplete or has major flaws. Promised (on the box) features may be unusable or completely missing in the release version.
If software companies built cars, the advertising would be: Fast - 0-60 in 3.4 seconds! Safe - 12 air bags! Looks great! Smooth ride!
But after purchase, you would be told: "Brakes? We're working on brakes. We hope to have brakes in the next version."
Nobody's perfect, so I can deal with incompetence. Just don't lie to me, or I'll sue you.
The software works as designed. It's -designed- to behave that way when your hardware appears to be in that state. Maybe you should look into why your RAM contained data that looked like an exception, or why your video card stopped responding...
Or for the entire OS/device driver issues, where it is common for a device driver to use undocumented, unsupported features (spoken "Bugs"). When the features are removed/fixed in a later SP, the device driver no longer works. Who do you blame for that? The person who wrote the driver that worked until you changed the underlying architecture, or the person who -fixed- the memory leak in the underlying architecture? For that matter, once you and your lawyer have looked into the problem enough to prove who is to blame, you can just fix it.
Flames for to burn the evil empire of lawyers.
Lots of people above saying "Write bug free software". I guess this is from people who don't actually write software. You can spend a huge amount of time (and I do) writing code that appears to be bug free. It passes all the tests you and others can think of, and does what it says on the tin. This takes a long time. A very long time. A very very long time. Way in excess of the schedules that the people complaining above (as customers) force upon the developers v ia the ocmpanies making the product. It also costs a LOT of money, money that those people above (as customers) don't want to spend on the product. Do you people want to wait 4 years for the next version of your mobile phone, that cost 10 times more than the current one? Probably not. Do you want to wait 6 months, pay peanuts, but get something with a few bugs in that don't really affect the phones usage?
Of course, even if you do do all the above, and create a 'bug free' piece of code (let's say about a millions lines of code, that takes 10 years - starting the get the picture?), how do you PROVE it's bug free? That, I am afraid is impossible with current technology. Testing isn't good enough, something will fall through the cracks. There are no automated tools that can do it.
In general, most software out there is fit for purpose, with maybe a few bugs affecting obscure bits/combination's of actions. Generally, bugs that are found are fixed (even MS fixes bugs occasionally). Ok, some companies SHOULD spend more time before release, to get rid of some of the more obvious issues, but on the whole, things are not too bad. Even Vista appears to work on the other half's PC, and Ubuntu works on mine.
Many of the commentators on this story don't seem to realize what "material" means in legal jargon. The proposal isn't that software must be 100% bug free. It means that the software developer provides a warranty against "significant or substantial" (ie "material") defects in the software.
Speaking as a professional software developer, software development practices are generally atrocious. Most development shops don't followed even the most basic of best practices when developing code. It's hard to be sympathetic towards my own industry, as I know that it pays the bare minimum attention to software quality. Putting into place an implied warranty that would at least require software companies to address the material flaws in their products seems completely reasonable. A wide range of other industries live with this requirement, and it hasn't apparently crushed their ability to innovate and deliver new products.
***"All the people here who are bleating that making software companies responsible for making their products work would kill the software industry are just plain wrong."***
Nope, it won't 'kill' the software industry. It will just make software development a much longer and, therefore, more expensive process. And that cost will be passed on to the customer.
So how much are you willing to pay for your software to ensure its defect free?
If this "lets create loads more business for lawyers" plan goes ahead then it needs to take into account versions. Fucking lawyers.
Lets say that my program foo is stable for release 01-00-00, then if add on some bleeding edge functionality - basically a quick hack so that it can do x, and I tag it as version 01-00-01. Then you can't sue me as the version number is not STABLE.
You can only sue me for version 01-01-00, when we consider this functionality stable.
That seems reasonable to me, hopefully the lawyers would buy it, then watch every project stay in an xx-yy-zz tag where zz!=00
You know that doctors only ever "practice" medicine
There are no guarantees with medicine. There are a lot of ambulance chasers in the 'States but it has to be an egregious case to actually collect on the malpractice insurance. (Otherwise the insurance companies wouldn't offer any.)
The software developers can never claim to do more than practice their trade because there are certain standards that the practitioner of these dark arts would be held to otherwise.
That would require examinations, board certifications, best practices, standards and years of training before they would let anyone loose on a keyboard. Since its not rocket science, the developers have gotten away with that kind of substandard, amateurish crap-fest and cluster-f*ck
BTW. if airplane pilots were held to the same standards, there could/should/would be no commercial aviation and nobody would even get onto an elevator because they couldn't/shouldn't/wouldn't trust that the architects to know enough to line up the holes from one floor to the next.
I sort of like it, it would just mean most software would disappear overnight, who would take the risk of letting others use their code.
There will be only Stallman, De Raadt and Torvalds on the Net, and it won't be the Net as we know it, it will be a little LAN they will have cobbled together, from stray bits of Fibre.
This is the thing, if people prepare for this and it doesn't happen who pays for all the development time folks put in, so they can run their own software post the 'no material defects or you get sued epoch'.
I for one welcome the challenge but I am not going to feel like a chump when it doesn't happen. They better not bottle this, if they think that software should only be released to others with no material defects then they better stand behind that conviction. I will be suing anyone who dares to release software with a material defect to me, when this goes through.
Right what to do first, I suppose a kernel, then some basic build and admin tools, then a compiler probably best to start with an assembler, now AT&T syntax or Intel hmm, choices, choices.
In the democratic world (outside of America) , if this became law, it would not have any effect.
Things like Linux and in particular , Ubuntu are beyond the reach of American law.
Such a law would only help to generate software in Europe and Asia, while America stagnated.
Would put America even deeper into an economic meltdown.
To avoid the consequences of the law in America, you would have revert to something simple like DOS.
Good luck to you.
The easy way to deal with the "no material defects" concept would be to promise to ship your software on only the finest CD or other media.
Then argue vigorously that the software itself isn't material; that it is, factually, immaterial, as in software has no height, width, depth, or mass.
Software is more ephemeral than moonbeams. Software is just a very particular arrangement of concepts (programs), and methods of implementing those concepts (languages).
It might be that the American Law Institute of Law could better achieve its goals vis a vis software contracts by focusing more on truth in advertising, or other representations of the usability of particular softwares, and attempting to standardize software licensing terms. For example, if you have a license for a server and a license for a client, why should you need a third license for the client to talk to the server?
It occurs to me that even if I could write totally bug-free (from my perspective) software, what's the guarantee that when it is compiled, the compiler and various dependencies are similarly 100% bug free?
They wouldn't be. So even if your end of the equation was guaranteed bug-free the final distributed binaries could never be.
The only alternative would be to first create your own bug-free compiler (good luck with that because a lot of compilers ONLY WORK by exploiting hardware bugs and tricks) and libraries BEFORE writing any actual saleable software.
Oh, and speaking of which, the microprocessor's own microcode is unlikely to be 100% bug free either.