[LINK] What's a reasonable level of code-checking?

Craig Sanders cas at taz.net.au
Thu Aug 17 14:12:16 AEST 2006 

On Thu, Aug 17, 2006 at 01:59:16PM +1000, Howard Lowndes wrote:
> This is where computing differs from engineering.  In the engineering
> world you must have the demonstrable technical competence to perform
> such a task and it is subject to proscription and regulation.  In the
> IT arena, world+dog can do much as they like with no checks.

that would be because faulty engineering can kill people.

faulty software, except for a few specialised applications can't -
and in those few applications (e.g. medical devices, air-traffic
control, auto-pilot, etc) you'll find that the engineering standards and
bureacracy surrounding it are as stringent as for any other other form
of engineering.

it is not at all unreasonable to have higher standards (and more
vigorous enforcement of those standards) for things that can kill people
and a lower standard for those that can't.

> >free software is more like a kit than like a packaged product. and
> >frankly, if you couldn't be bothered acquiring even minimal skills
> >and clue, then DON'T USE IT.
>
> I fail to see where there is a great difference between M$ Windows as
> a packaged product and, say, Ubuntu or Knoppix or most other Linux
> distros.

one is commercial product that must be paid for, and which has millions
of dollars of marketing to promote the idea that it is of merchantable
quality, while one is not. that's a huge difference right from the
start.

> >>Software needs to adopt the disciplines of engineering, and frankly
> >>the exclusionist expert mentality could just as well be dropped down
> >>an abandoned mineshaft and nobody would notice...
> >
> >i really don't care what the mainstream public uses - i do,
> >however, care if the software that *I* like to use is no longer
> >available because the whining clueless public (or, more likely,
> >politicians grandstanding and claiming to do it on behalf on an
> >utterly indifferent public) demand that software developers take
> >responsibility for the users' own negligence and ignorance.
>
>
> ...but ultimately they will.  It's a lot easier to tell the developers
> they have to be liable than to tell the unwashed masses that they
> have to stop using 'puters.  The only restraint I can see will come
> from the evil empire who will recognise their own liability along
> that path, and that may cause them to temper the actions of the
> legislators.

it may be easier but that doesn't make it right. almost anything you
care to name is easier if you do the wrong thing rather than the right
thing.

computer security is a shared responsibility between the developers,
the distributors, AND the users. finding the correct balance of rights
vs responsibilities may be difficult but legislating so that the entire
responsibility is on the shoulders of the developers is just plain
broken.


craig

-- 
craig sanders <cas at taz.net.au>           (part time cyborg)

More information about the Link mailing list