From: Arved Sandstrom on 12 Feb 2010 18:46 Leif Roar Moldskred wrote: > In comp.lang.java.programmer Brian <coal(a)mailvault.com> wrote: >> On Feb 12, 3:14 pm, Leif Roar Moldskred >> <le...(a)huldreheim.homelinux.org> wrote: >>> In comp.lang.java.programmer Brian <c...(a)mailvault.com> wrote: >>> >>> >>> >>>> That is true in a traditional model of exchanging >>>> money for a product or service. If you don't pay >>>> for the good or service, you have no "rights." >>> That's quite simply not correct. >>> >> Who has successfully sued a Boost developer or Boost >> as a whole over their open source code? No one has >> sued Ebenezer Enterprises either. T > > Nobody has successfully convicted me of manslaughter > either, but that doesn't mean that manslaughter is > legal. > > Can you name any incident of a developer of > _commercial_ software having been sued over defects > in their software and found liable? On top of my head > I can't think of any -- but then I can't think of any > cases where manufacturers of chainsaws have been sued > and found liable over defects in their products either. > That says more about my ignorance of case law than it > does of the legal realities. > > That there is no money changing hands and (usually) > no business relationship between developer and user > for open source software _does_ curtail the developer's > liability, and the language of most open source > licenses serves to limit it further. What it doesn't > do, however, is to remove _all_ liability. > > There is a reason why the GPL states that "there is no > warranty for the program, to the extent permitted by > applicable law" and that is that "applicable law" tend > to prohibit the ceding of _all_ liability. You can > cede a lot, but not everything. > You can also make the argument - heck, I _am_ making the argument - that a person or company who gives software away for free could in fact be establishing a business relationship between them and the people who obtain the software. Not a traditional "you bought it" business relationship, but a relationship nonetheless. For example, what about the large number of software shops that provide free "community" (substitute the other equivalent terms as you like) editions of their commercial software? Sometimes feature-limited, sometimes license-limited. The intent of that practise is clearly to compete with other companies, and to establish a market for their commercial software. Furthermore, since the non-free editions (which are often identical, and otherwise rarely anything else than a few extras bolted on to the free versions) clearly are claimed to be suitable for a stated purpose, how can the free editions not be? In a similar vein, what about the free software around which an ecosystem of "support" developers has grown, who sell their expertise in deploying the software in a client environment, or doing a job for a client using the program? Even more specifically, what about software given out for free, around which the _author_ offers such support services? This practise is not uncommon. By doing so, has not the author implicitly guaranteed the fitness of his application? How can he then simultaneously provide the program free of charge for anyone who wants it, and claim that it is so unreliable that he can offer no guarantees for it? This is rather at odds with his own use of it in a commercial setting. Just some examples. AHS
From: Seebs on 12 Feb 2010 18:56 On 2010-02-12, Arved Sandstrom <dcest61(a)hotmail.com> wrote: > In a similar vein, what about the free software around which an > ecosystem of "support" developers has grown, who sell their expertise in > deploying the software in a client environment, or doing a job for a > client using the program? Well, in that case, I think you might have a contract. $DAYJOB sells stuff which is in large part "linux and free software", but there are contractual terms above and beyond the stuff given in the license. But if you don't like it, you talk to us about the contract under which you bought it, not to Mr. Torvalds. > Even more specifically, what about software > given out for free, around which the _author_ offers such support > services? This practise is not uncommon. By doing so, has not the author > implicitly guaranteed the fitness of his application? How can he then > simultaneously provide the program free of charge for anyone who wants > it, and claim that it is so unreliable that he can offer no guarantees > for it? This is rather at odds with his own use of it in a commercial > setting. I don't think so. If you want a guarantee, you buy it. If you didn't buy anything, you haven't established a commercial relationship giving you a reasonable expectation of support or fitness for a particular purpose; after all, the entire point of selling support is to sell the promise that you'll make it fit for a particular purpose if it isn't, which it might not be. -s -- Copyright 2010, all wrongs reversed. Peter Seebach / usenet-nospam(a)seebs.net http://www.seebs.net/log/ <-- lawsuits, religion, and funny pictures http://en.wikipedia.org/wiki/Fair_Game_(Scientology) <-- get educated!
From: Jerry Coffin on 12 Feb 2010 21:01 In article <eab51075-377a-4714-ab9d-853df4fcae95 @b2g2000yqi.googlegroups.com>, electricdelta(a)gmail.com says... [ ... ] > Nobody knows how to build earthquake-immune buildings, yet > engineers give certain guarantees. When those are failed to be met, > (s)he is held liable. Maybe it's about time some "software > engineers" were held liable for their unreliable code in the same > way. Unfortunately, I'm afraid you're mostly wrong. If a building falls down, grounds for a lawsuit would be that the engineer(s) involved in the design were "negligent". In this case, "negligent" is generally defined to mean that the care with which they did this particular job was substantially less than would be expected of most others in the same profession. To put it somewhat differently, to win such a case, you need to show that (in essence) if virtually and of their direct competitors had done the job instead, you'd have a reasonable assurance that you would have received a result of substantially better quality. In the case of software, showing such a thing would be next to impossible. Software disasters of truly epic proportions are commonplace, well known and easy to cite. Offhand, I'd be hard put to think of even one "good practice" that's sufficiently widespread that I could testify that it was at all surprising when it wasn't followed! -- Later, Jerry.
From: LR on 12 Feb 2010 22:22 Arved Sandstrom wrote: > To my way of thinking there are some > implied obligations that come into effect as soon as a software program > is published, regardless of price. Despite all the "legal" disclaimers > to the effect that all the risk is assumed by the user of the free > software, the fact is that the author would not make the program > available unless he believed that it worked, and unless he believed that > it would not cause harm. Aren't some programs released with known defects? > This is common sense. Applied to what is most likely a branch of mathematics or applied to the law? > I don't know if there is a legal principle attached to this concept, but > if not I figure one will get identified. Simply put, the act of > publishing _is_ a statement of fitness for use by the author, and to > attach completely contradictory legal disclaimers to the product is > somewhat absurd. I think this may be part of an ongoing controversy. Here's a taste of what's coming. http://www.tampaflduilawyer.com/Defenses/DUIBreathTest.aspx (Look for "Throughout the State of Florida, DUI defense attorneys are demanding that the State of Florida provide the source code") and there's this: "Reasons Why Production of the Source Code is Necessary" "7. # The extent that known and unknown flaws in the program affect the accuracy of the test results." LR
From: Jerry Coffin on 13 Feb 2010 01:09
In article <hku5go$af0$1(a)news.eternal-september.org>, John.koy(a)example.com says... [ ... ] > Exactly. Engineering is about measurable outcomes, quantification. > What's the equivalent of "this building can withstand a quake of > magnitude 7.5 for 30 seconds" in software? Can any of us state "this > software will stand all virus attacks for 12 months" or "this software > will not crash for 2 years, and if it does your loss won't exceed 20% of > all digital assets managed by it" ? Your analogy is fatally flawed, in quite a number of ways. First of all, a particular piece of software is only one component in a much larger system of both hardware and software -- where the final system is generally designed and assembled by a somebody who's not an engineer at all. What you're asking for isn't like a warranty on a building. It's more like asking a vendor of steel beams to warrant that any possible building of any design will withstand earthquake X as long as it includes this particular component. Second, an earthquake of magnitude X is a known and measurable quantity. "all virus attacks for 12 months" is a completely unknown and unmeasurable quantity. Worse, it's an attack with malice aforethought -- so in terms of buildings, what you're asking for is more like a bunker guaranteed to withstand any weapon with which anybody might attack it. Just for one example, that was the intent of NORAD headquarters in Cheyenne Mountain -- but by the time it was finished, there were already weapons capable of destroying it. I can warrant software to withstand every currently known threat. Physical buildings can't even withstand threats from decades ago -- and even withstanding threats from a century ago or more is generally prohibitive. Software is well ahead of buildings in this respect. As to not crashing for 2 years and/or limiting losses, it's a bit like asking an auto manufacturer to warrant against a crash for 2 years, and if there is one that nobody will be more than mildly injured. -- Later, Jerry. |