10 Comments

Very informative.

Feb 7, 2023 · Liked by Walter Haydock

Interesting retort and critique, especially the risk management aspect. However, Walter missed a clear-cut opportunity to pin the tail on the root cause…Congress caving in to the Software Business Alliance lobbying effort to give the software industry a permanent waiver on the Universal Commercial Code’s warranty of merchantability and fitness for use requirements for their software products. They basically have ratified the bad business behaviors of software companies using their customers as crash test dummies without compensation or liability for damages. And OBTW neither free patches nor gratuitous subscriptions to identity and credit protection are compensation.

Since you used the analog of the National Highway Safety Administration and automobile safety…the difference is the automobile industry and almost all other consumer products industries are held accountable for damage if their respective products create a safety risk. Ask Ford about their Pinto gas tanks, Boeing about its 737 Max, GM about its Corvair, etc. The software industry assumes neither risk for its shabby, vulnerable software nor accountability for the damages.


Sorry, I think the “transparency” approach is far superior to the liability regime you suggest. Mandating that software vendors tell consumers what they’ve done to secure the software we trust our lives to is the least intrusive gov’t intervention. And it’s the right one. It’s designed to fix the asymmetric information market failure and will let the market (not government) decide the right level of security.
