I almost fell off my chair when I learnt that EU wants software makers held liable for the code.
According to the gentlemen who are going to purpose the law:
Licensing should guarantee consumers the same basic rights as when they purchase a good: the right to get a product that works with fair commercial conditions.... more accountability for software makers, and for companies providing digital services, would lead to greater consumer choice.
Talk about naivety.
It's not that I think software quality is not important, it's just that I don't think by enforcing a law software quality will magically improve over night. In fact, I afraid that such a law would have the perverse effect, it would kill the software industry in the end.
Yeah, I know, software quality sucks in general. But the reason why it sucks so much is not because software developers are incompetent, or the software companies are negligence. The reason why software sucks is because software, by definition, is the act exploring new things. Unlike manufacturing area where products are created according to a well-known process, software development is always about developing new requirements that haven't been done before ( If your developer has to develop the same thing over and over again like the guy in the assembly line, he's incompetent--- fire him!). Now when you have a well-known process it's easier to put a guarantee on it, but when you are venturing into unknowns it's counterproductive to do so.
Let's assume that the if software liability bill was passed, what would happen then? Software companies would have to expand their testing budget and effort, for sure. This is going to result in a massive increase in software cost and a very slow software release cycle. So if you are expecting your software to upgrade in every 3 months, you might have to wait for 1 year ( or longer) for the upgrade. Are you going to trade the upgrade for "less bugs"?
Maybe the EU has NASA in mind when comes to software writing. NASA software that powers the space shuttle is known for its perfectness. The ratio of bugs, between NASA software and other commercial, is 1 to 294. But it's instructive to consider at what cost NASA pays to achieve this:
At the on-board shuttle group, about one-third of the process of writing software happens before anyone writes a line of code. NASA and the Lockheed Martin group agree in the most minute detail about everything the new code is supposed to do -- and they commit that understanding to paper, with the kind of specificity and precision usually found in blueprints. Nothing in the specs is changed without agreement and understanding from both sides. And no coder changes a single line of code without specs carefully outlining the change. Take the upgrade of the software to permit the shuttle to navigate with Global Positioning Satellites, a change that involves just 1.5% of the program, or 6,366 lines of code. The specs for that one change run 2,500 pages, a volume thicker than a phone book. The specs for the current program fill 30 volumes and run 40,000 pages.
"Our requirements are almost pseudo-code," says William R. Pruett, who manages the software project for NASA. "They say, you must do exactly this, do it exactly this way, given this condition and this circumstance."
This careful design process alone is enough to put the shuttle organization in a class by itself, says John Munson of the University of Idaho. Most organizations launch into even big projects without planning what the software must do in blueprint-like detail. So after coders have already started writing a program, the customer is busily changing its design. The result is chaotic, costly programming where code is constantly being changed and infected with errors, even as it is being designed.
"Most people choose to spend their money at the wrong end of the process," says Munson. "In the modern software environment, 80% of the cost of the software is spent after the software is written the first time -- they don't get it right the first time, so they spend time flogging it. In shuttle, they do it right the first time. And they don't change the software without changing the blueprint. That's why their software is so perfect."
How many of you are willing to spend that much time writing specs? And how many customers are willing to PAY for that kind of specs? Who is going to develop something that no customers are willing to pay for?
Furthermore, a lot of times software bugs are resulted from the interaction between different applications. And in this case it can be extremely hard to pinpoint the culprit-- which applications that you are going to put your blame on? And how would the bill going to arbitrate on this?
Software perfection can only achieved when there is a perfect understanding of requirements, but this is not how software development works. More often than not software is developed in iterative manner. The software vendors-- or the software users don't really know what they would get before the software is passed in their hands. And when the software doesn't perform in the way the users want that is considered as a bug. Now is it fair to penalize the software vendors because the users don't know their own requirements?
If the EU bills were adopted, the cost of software would skyrocket, it would take a longer time to deliver the software, and software industry would become unprofitable, resulted in a massive deaths of software companies, large and small.
That would be an ideal way to kill the human civilization.