[ISN] Should developers be sued for security holes?

From: InfoSec News <alerts_at_private>
Date: Fri, 24 Aug 2012 08:09:34 -0500 (CDT)
http://www.techrepublic.com/blog/european-technology/should-developers-be-sued-for-security-holes/1109

By Nick Heath
TechRepublic
August 23, 2012

Takeaway: Software makers should face legal action if sloppy coding 
leads to hackers emptying users’ bank accounts, argues a Cambridge 
academic.

If you’re poisoned by a burger you can sue the restaurant that sold it - 
so why can’t you take a software developer to court if their negligent 
coding lets hackers empty your bank account?

That’s the question asked by University of Cambridge security researcher 
Dr Richard Clayton - who is calling for software makers to be made 
liable for damage resulting from avoidable security flaws in their apps.

Today software generally comes with End-User License Agreements that 
require the user to sign away their right to sue software developers if 
their app contains security flaws that leave the user’s computer open 
to attack by malware.

Clayton is arguing for regulations that remove the developer’s right to 
waive any responsibility for security flaws in their software. It’s an 
argument that has already won support from officials across Europe, with 
a House of Lords committee recommending such a measure be implemented in 
2007 and European Commissioners arguing for the requirement in 2009 - 
however agreements to this effect have not been passed.

“It’s remarkable that of all the things that you could buy as a 
consumer, software is the one where you’re expected to make up your mind 
whether it’s dangerous,” Clayton says.

[...]
Received on Fri Aug 24 2012 - 06:09:34 PDT
