Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
Suing propriety app providers

By n3m6 in Op-Ed
Thu Nov 16, 2000 at 06:41:05 PM EST
Tags: Software (all tags)
Software

While i was reading this slashdot article i came to this picture, and i'm still wondering. Have any of you been able to sue a closed source app provider when things really went wrong?


Do they ever take the blame when an NTFS dissappears? Or does their disclaimer/license agreement comes with a "we wont be responsible for stuff that fails". I've never heard of a company that has a asked for thousands in cash from such companies when things failed. They'd go whine on some message board, but i'm sure they never were able to recover anything or SUE them.

The argument that "you will be able to blame this company on whatever failure " has been one of the oldest arguments ever given, but yet we do expect partition crashes/getting trojaned by some script kiddie a part of our lives. Did we really sue them? Why not? They just said that we were able to sue them for stuff like this..

This is one area in which we need to lift off the FUD and mud. Please tell us about your experience in trying to get "such a company" to pay back for the damages...

Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Poll
what do you do after NTFS crashes!
o call MS support line and wait an hour before being disconnected? 1%
o go whine on #NTlusers and ask for forgiveness? 0%
o call your lawyer and go to judge jackson ? 2%
o when will you guys learn to use linux/FreeBSD/*opensource*! 36%
o go to sleep with a smile on your face ? 25%
o how many died? 33%

Votes: 156
Results | Other Polls

Related Links
o Slashdot
o slashdot article
o this picture
o Also by n3m6


Display: Sort:
Suing propriety app providers | 49 comments (27 topical, 22 editorial, 0 hidden)
missing poll option (2.66 / 3) (#3)
by enterfornone on Wed Nov 15, 2000 at 07:57:17 PM EST

"reformat and restore from a backup" Like it or not, no filesystem is indestructable. No matter what system you are using you need to take precautions. Yeah it's a hassle, but if you have a decent disaster plan, as well as redundency for essential systems, you will save yourself a lot of grief.

--
efn 26/m/syd
Will sponsor new accounts for porn.
prevention (3.00 / 2) (#5)
by radar bunny on Wed Nov 15, 2000 at 08:02:43 PM EST

No matter what system you are using you need to take precautions.

That's the key thing. But most companies would rather hire lawyers than technicians so they can sue whenever there's a problem. I mean why spend money to prevent a problem when you can capitalize on it after it happens and JUST SUE EVERYBODY.

[ Parent ]
Suing isn't that common... (none / 0) (#17)
by jeffmonks on Thu Nov 16, 2000 at 03:03:01 AM EST

But most companies would rather hire lawyers than technicians so they can sue whenever there's a problem.

Yes, we live in a very litigious society (especially in America, but in all Western societies in general), but I don't think this statement is necessarily true. We hear about the possibility a lot, but I don't think many lawsuits are brought to bear by companies when software fails. The reason isn't that EULAs forbid it, either. The reason is because it would be very hard to litigate successfully, even without EULAs.

Say your Oracle DB explodes and you lose millions of dollars worth of data. You sue Oracle, and they start asking questions like, "Did you have a certified Oracle DBA setup and maintain the database? Did you perform all recommended maintenance procedures on the server? Do you have logbooks that document this?" If you survive that barrage, now you have to prove that their software (and not any of the other software [including the OS] on that machine is responsible). Given the lack of tech savvy in the courts, this would be a tough sell...

I don't think many companies use the "there's nobody to sue" excuse as a reason to not use open source software. They're more likely to use its brother, "There's nobody to provide cohesive, high-quality 24x7 technical support."

[ Parent ]

We will deal with this (3.33 / 3) (#7)
by Elendale on Wed Nov 15, 2000 at 08:36:04 PM EST

Eventually, society at large will have to face the music: closed software is (in general) unreliable and should not be used for critical applications. More and more computers are being used in everyday tasks, to counter that poster's question: Do you want your next car to GPF during a lane-change at 70 MPH (sorry metric guys...)? The faulty software makers will eventually be called to take responsibility. Unfortunately, i see it turning out much as the 'war on drugs' and cases against the tobacco industries (actually, compare the tobacco and M$ cases... its already happening).

-Elendale (oh, and: wrong section)
---

When free speech is outlawed, only criminals will complain.


no. (4.00 / 1) (#36)
by douper on Thu Nov 16, 2000 at 10:32:06 PM EST

I disagree.

if I am not mistaken airports use closed software to track planes, etc and it's not crashing all the time or is it? I wouldn't put up with that if I worked there, hell - people's lives are at stake.

A lot of closed source software isn't as unreliable as you would have us believe. ICQ for example rarely crashed back when I used it... I don't know about know though too much unneeded functionality

Open source software would be just crash prone for mission critical software, why? Open Source software works because people scratch an itch.... an itch can't be scratched by someone who doesn't have a backscratcher (programming skills), generally, not to stereo type or anything... most people using a radar system,or any other critical system.

I don't really see a problem with closed software for critical systems. If a closed software system requires stability, it can be done. but it is often not done in closed software that we all see, because that's not the critical stuff. the critical stuff is behind locked doors in rooms that the general public doesn't see.

--
and that's the bottem line cuz douper said so.

[ Parent ]

More FUD? (none / 0) (#49)
by phliar on Thu Dec 07, 2000 at 12:48:09 AM EST

if I am not mistaken airports use closed software to track planes, etc and it's not crashing all the time or is it?...

A lot of closed source software isn't as unreliable as you would have us believe....

Open source software would be just crash prone for mission critical software, why? Open Source software works because people scratch an itch.... an itch can't be scratched by someone who doesn't have a backscratcher (programming skills), generally, not to stereo type or anything... most people using a radar system,or any other critical system.

This is just a bogus argument. Or, non sequitur.

Let's say the FAA puts out a contract for an ATC radar system and I want it. I think - hey, I'm going to start with the Linux kernel, strip out everything I don't need and write my custom package using it. And hey, there's some cool display code in the Gimp that I can use... and ...

Why is this approach any more crash-prone than someone who started with Windows NT (god help us) and a few other closed-source modules that are glued together?

(Assuming I'm not a complete pinhead, of course, and when I use code from other modules, I do look at it carefully and include it as part of my regular testing and debugging.)


Faster, faster, until the thrill of...
[ Parent ]

What do you think the space shuttle is? (4.00 / 8) (#9)
by Speare on Wed Nov 15, 2000 at 09:15:24 PM EST

The picture linked is a typical FUD slide that reads,

    1: Open Source "Bad"

    * Ask yourself this question: Would you want to fly in an airplane whose complete flight system was developed using Open Source by the lowest bidder?

    * Whom do you sue when things go wrong? (assuming you're a survivor)

    SC2000 - J.L. Munoz / DOE-HQ Def. Pgms.

Skip for a moment the words 'open source'. Now think about the ENTIRE US GOVERNMENT. Everything possible is procured by things made by the lowest bidder. Marines, NASA, Army, Navy, Coast Guard, Air Force, HUD, Social Security Administration, everything. If they didn't get stuff from the lowest bidder, they'd waste even MORE money, or they'd have to hide their losses in the black operation canards of $600 toilet seats.

This is why for physical stuff, most agencies develop specific standards. The standards are well-known: all the bidders need to know what level of quality and engineering is required.

Now, if there were testable STANDARDS out there for bidders to see, when they wanted to sell software to the government, then it shouldn't matter if it's "Open" or "Proprietary." It meets the standards. And by extension, those standards could help non-government buyers, too.

This is my issue with RMS's philosophy that companies shouldn't be able to remain proprietary about their source code. They're proprietary about injection-molding techniques, they're proprietary about the integrated circuit layouts, they're proprietary about so many physical processes that go on behind closed doors. (1) If there were a specification and the product conforms, screw forcing it open. (2) If you aren't allowed to cut&paste existing processes, you'll have to innovate. To me, Open Source is irrelevant. Get the job done, and if your competitors want to do the same, let them. If you want to open your source as a service to mankind, go for it.


[ e d @ h a l l e y . c c ]
How? (4.00 / 1) (#43)
by dennis on Tue Nov 21, 2000 at 12:58:37 PM EST

How do you develop standards for software? How is the government supposed to know whether there are bugs? A toilet seat is one thing--measure it, weigh it, try to break it. But no set of standardized tests can be guaranteed to find all the hidden bugs.

If you need seriously bug-free software, do it the way the space shuttle people do it. Those are the people I want programming my airplanes.

[ Parent ]

Microsoft EULA (3.83 / 6) (#10)
by MeanGene on Wed Nov 15, 2000 at 09:27:18 PM EST


Last time I forced myself to read it, it explicitly stated that I "agree to defend and hold Microsoft harmless in any litigation."

Duh... Try sue *that*!


Paul Ferris's essay.. (3.66 / 6) (#14)
by Perpetual Newbie on Wed Nov 15, 2000 at 10:31:54 PM EST

Paul Ferris from LinuxToday wrote an essay about this: Who Are You Gonna Sue Today?

Did the Creator of the Picture Ever Read an EULA? (4.00 / 7) (#16)
by Carnage4Life on Thu Nov 16, 2000 at 12:41:00 AM EST

I just looked at the linked picture which reads:
    1: Open Source "Bad"

    * Ask yourself this question: Would you want to fly in an airplane whose complete flight system was developed using Open Source by the lowest bidder?

    * Whom do you sue when things go wrong? (assuming you're a survivor)

    SC2000 - J.L. Munoz / DOE-HQ Def. Pgms.

This is quite frankly, uninformed crap. The whole purpose of End User License Agreements in proprietary software is to specifically spell out exactly how much repsonsibility for software failure the software companies do not have.

Quite frankly every EULA, I have read from Windows 2000 and Office to Corel Wordperfect specifically state that the software company is not liable for damage caused by using the software besides refunding the cost of software (this isn't even in all of the ones I have seen). I would like J.L. Munoz to read the U.S. UNIFORM COMMERCIAL CODE ARTICLE 2B which specifically states all the rights that purchasers of software do not have when seeking redress for damages caused by software.

The "Who do you sue, if something goes wrong?" argument was invalid the first time it was made and is still invalid now, especially in this age of Uniform Computer Information Transactions Act (UCITA).



You *can* sue a normal software company ... (none / 0) (#45)
by StrontiumDog on Sat Nov 25, 2000 at 07:29:55 AM EST

Despite anything a software company may put in an EULA, in most countries local law takes precedence. You may buy a product where the licence explicitly says "This product has a 3-day warrantee; if you purchase this you agree to this period and bla bla bla"; if the law stipulates that producers of such products must offer 60-day warrantees then that licence is automatically void.

Similarly a company is not automatically scot free with regards to damages caused by its products, despite any disclaimers, as several manufacturers in the US and elsewhere have found out. The situation is fuzzier with software, as human life or welfare is not usually at stake, and apportioning blame is more difficult (error seldom lies in a blatant bug, but is often a mix of environment, OS stability, human error, incorrect data, and interaction with other programs). Nevertheless if a software bug were found to be responsible for a disaster like that in the Austrian train tunnel, you can bet your ass someone is going to get prosecuted, EULA or no EULA.

[ Parent ]

Ahem. (1.54 / 11) (#21)
by Signal 11 on Thu Nov 16, 2000 at 08:38:40 AM EST

I used the picture on the graphic provided to track down the presenter....
Munoz, Jose L.
Phone: 202-586-5132
Fax: 202-586-0405
Route Symbol: DP-143
Room: 4B-044
Building:
Mail Stop:
Location: WASHINGTON DC
Organization: SIMULATION AND COMPUTER SCIENCE DIV
Title: LEAD COMPUTER SCIENTIST
Internet Address: jose.munoz@hq.doe.gov
Last Change: 2000/05/16 10:53:08
Directory: DOE

A lead computer scientist who knows nothing about open source. Hey all you K5'ers, how about you e-mail him and.. ah, help him out. ;) Shouts out to vsync for helping locate him, and you can kick me for posting this as editorial instead of topical first... I'm sick today, give me a break.




--
Society needs therapy. It's having
trouble accepting itself.

Now, now... (none / 0) (#44)
by mattm on Sat Nov 25, 2000 at 12:45:43 AM EST

I don't want to play the Guardian of Morals here (I'll leave that to Orrin Hatch), but personally I think it's not nice to post people's personal information to a public archive, even if it is easy to track down (and, yes, it usually is).

Also, the photo is only one part of a general report on the Super-Computing 2000 conference by Stephen Adler of Brookhaven National Laboratory. Included are Mr Adler's observations and opinions on Mr Munoz's and others' presentations, and a PDF of Mr Munoz's slides.



[ Parent ]
It isn't really personal info... (none / 0) (#48)
by theR on Tue Dec 05, 2000 at 03:12:00 PM EST

That info is on a public webpage on the Department of Energy's website. See the search page and results page. If they put it out there for us, it doesn't seem very private to me. Besides, you can get more information from a phonebook as long as the person is listed.



[ Parent ]
bah... (2.00 / 1) (#24)
by lucid on Thu Nov 16, 2000 at 09:33:56 AM EST

i think the best way to "lift off the FUD and mud" would be to develop a complete, Open Source flight system.

anyhow, this is lame. assume i'm a survivor. who do i sue? the people who own and/or operate the airplane. i think talking about this picture, or how you "got those bastards back for making you buy whatever it was you decided to buy" is a waste of time. -1

I have actualy heard of a case where someone sued. (3.50 / 2) (#27)
by delmoi on Thu Nov 16, 2000 at 10:28:49 AM EST

Not beacuse a program crashed, but beacuse it produced bad data. Its a pretty funny story actualy, a construction (I think it was construction, anyway) Contractor was using some bidding software to write up a bid proposal. The problem wasn't that the app crashed, or anything like that, but that the bid that was created, and sent in, was less then what it was supposed to be. by millions of dolars.

The contracting company sued the software company, but lost : (
--
"'argumentation' is not a word, idiot." -- thelizman
Real case (none / 0) (#32)
by RocketJeff on Thu Nov 16, 2000 at 04:28:52 PM EST

It was a real case. A contractor in Florida (imagine that) had built a spreadsheet to do bid calculations. On one particular job they needed more lines then the original spreadsheet allowed for so they copy&pasted some - not aware that the total calculation was operating only on the original range...

I can't remember if it was Excel or 1-2-3, but the contractor sued Microsoft/Lotus because the spreadsheet didn't let him know about the mistake.

He lost.

[ Parent ]

Spreadsheet (none / 0) (#39)
by B'Trey on Sun Nov 19, 2000 at 03:29:05 PM EST

A spreadsheet is essentially a form of high level computer language. If you enter the formulas incorrectly, YOU made the mistake, not the spreadsheet. If you enter an incorrect range, the spreadsheet is under no obligation to warn you. If you enter an illegal formula and it doesn't warn you, you might have a case. If you enter the correct formula and the spreadsheet miscalculates the value, you definitely have a case.

[ Parent ]
Closed Source Solution. (3.00 / 2) (#29)
by drewcifer on Thu Nov 16, 2000 at 11:29:09 AM EST

In response to the picture: No, I'd rather ride in an airplane who's software was written on a contract given to the lowest bidder, with an EULA that disavows any responsibility.

Not responsible for failures.. (3.25 / 4) (#33)
by Andrew Dvorak on Thu Nov 16, 2000 at 05:57:15 PM EST

IMO, App Providers should not be responsible for failures. The users/clients/whatever should back up any data which, should it be destroyed, would significantly impact anybody who uses the data. Likewise, the app providers should *always* facilitate easily backing up the data used by the software.

Because nobody is perfect, and app providers are bound to make mistakes because such apps are programmed by people, it should be the responsibility of the app provider to release updates in a timely manner. I suppose, though, such a requirement might further validate the legitimacy of subscription-based applications. But hey, Microsoft releases patches for its software, though not necessarily in a timely manner, it would be great if they could fully document the problem, how it affected who, and how it was fixed. But then again, it might already be understood by them that too many bugs made known about obsolete versions of their software might instill much poor PR (why is everybody so arrogant as to want to satisfy the critics? Doing so only further complicates things!).

On the other hand, Microsoft also releases new, major, versions, which obsolete older versions no longer maintained. This is another update where, should the user want certain bugs fixed, they must purchase the software again. Wow, I think I've just written about how much better the world would be if even commercial software were to include source code so that the client may modify it to their specifications!



Kinda happened where I work (5.00 / 1) (#37)
by scthoo on Fri Nov 17, 2000 at 11:00:49 AM EST

Here's the story:

I work at a small commercial software company. We had completely re-written our main product. And of course we were about a year late and waaay over budget. The app was also rather buggy. We had lined up our first customer for the new product many months before. In fact the customer had already paid for the app and was waiting for delivery. Well, we when we finally delivered it to them they weren't very happy. They threatened to sue us and in fact did file a case. Eventually we worked out an agreement with them. They would keep the software and use it if they so wished and we would refund their money (over $100,000). Our stipulation: They cannot talk to any other company about their opinions of our software or this mishap. Everyone agreed to this and they dropped the case.

This isn't the only time something like this has happened where I work. I remember two other times we've had unhappy customers that threatened legal action. Both times we worked out similar agreements where we gave the customer some or all of their money back in exchange they wouldn't speak bad about us or our software.

Its all about selling the software. If one of your customers is sueing you, other prospective customers are going to be scared away. So whether or not they will win the suit is kinda irrelevant (from the software company's standpoint). They'll do the most damage to your ability to sell your product. This alone is enough reason to respond to, in one way or another, a customers suit or threat of a suit.

Safety of Life Matters are different (3.00 / 1) (#38)
by Ricdude on Fri Nov 17, 2000 at 11:26:16 AM EST

There's a big difference between the effects of, say, a spreadsheet miscalculating your net profit for last quarter, vs., a software controlled X-ray machine that miscalculates radiation dosages.

Who are you going to sue if your spreadsheet miscalculates a number or two? Nobody. Even if the number is of critical importance, it should be checked and confirmed to be accurate by independent means (i.e. no path in common with the initial calculation). In safety of life matters, that independence in confirming the results of calculations is critical in results.

Who are you going to sue if the plane you're on crashes due to an open-source software failure? The airline company and the airplane manufacturer, most likely. In using any software on-board their system in a safety of life capacity, they are certifying that it will perform as expected, and they will be held liable for the results if it fails.

The whole purpose of the disclaimers in the EULA is specifically so that no one can hold M$ responsible should their software be used in a safety of life capacity. Now if someone uses M$ software in that capacity on their own, the vendor has to assume responsibility for making that decision. Just as they would have to take responsibility for using underspecified parts in their system.

"Not being able to sue" isn't really an issue. As an integrator or vendor, you have to take responsibility for your design decisions, or know who you can hold responsible should any component of your design fail.

plains, trains and automobiles (none / 0) (#40)
by Chakotay on Sun Nov 19, 2000 at 08:06:41 PM EST

How can you get open source into airplanes? Simple, by making it redundant. The best form of redundancy is to have a number of machines do the same thing, but with software developed by different people and in different ways. The different implimentations are bound to have bugs, but the chance that they all have the same bug is for all means nonexistent. Open Source would allow you to do that much more cost-effectively than any commercial solution.

Personally, I'd much rather board a plane run on such a redundant open source system than one run on any proprietary system.

--
Linux like wigwam. No windows, no gates, Apache inside.

[ Parent ]

dang... I was going to ask this same question (3.00 / 1) (#41)
by beertopia on Sun Nov 19, 2000 at 11:59:25 PM EST

I've been getting tired of that whole "but who do you sue" question, too. I'm guessing, from the total lack of responses about it here, that *nobody* has successfully sued msft over software failures.

'course, as hard as their stuff is to set up properly, it seems like the burden of proving it was the software's fault wd be pretty insurmountable. All they'd have to do is say, look, you changed registry entries by hand. Every tech document we publish, including the ones that tell you to change registry entries, tells you how dangerous that is, which is why we don't support it, which is why it's your own fault.

But, what I wonder is, since "we need a software vendor to sue" seems to be a constant refrain, maybe there's something I don't know. Maybe people threaten to sue, Msft settles (in the form of free software, I'd imagine, rather than cash) & as a condition, you have to take a vow of silence about the whole thing.

or, maybe it's all bullshit after all, & eula's mean what they say.

The Law of Software Quality (3.00 / 1) (#46)
by gbroiles on Sat Nov 25, 2000 at 05:55:38 PM EST

You might find the book Bad Software: What to do when software fails helpful; it was written by Cem Kaner, an attorney who has a strong software QA background. He has a webpage on the topic, as well - http://www.badsoftware.com/qindex.htm. Yes, you can sue, people have sued, but it's unlikely that you'll recover enough to compensate you for the time & effort involved in the lawsuit, without even thinking about attorneys' fees.

That's not the only misunderstanding... (none / 0) (#47)
by joto on Sun Dec 03, 2000 at 07:55:13 PM EST

The misunderstanding in this picture is not that suing proprietary software vendors doesn't usually work. Because it probably works in software of the type exemplified on the foil mentioned. If you pay a company to build aircraft/spacecraft control software, nuclear plant control systems, etc.. then you should be able to sue the vendor if something goes wrong.

Now, so what's the misunderstanding? It is that this right to sue does not go away just because you open source the software. There is nothing that says open source software must be developed by a horde of unrelated programmers cooperating loosely over the internet with few common goals and no plan. If that were the case, I wouldn't want to sit in that plane either. But, considering that the vendor making aircraft control systems for some aircraft vendor is likely to be doing contractual work, there is no reason in the world why one of the terms of the contract could not be that the software should be open source.

There is one minor complication however. By having access to the source code, it is possible to argue in the court that you had every possibility to do equivalent quality checks as the software vendor, and since you were doing such a high-risk project, it is expected of you to do just this. The mere fact that you had access to the source code, and did not find the error yourself before the catastrophical incident makes it harder to sue the contractor. This is of course nonsense, but I think at least the norwegian judicial system work in this way, at least it does when you are buying a house. So either, do a very thorough check yourself, or do no checking at all.

Suing propriety app providers | 49 comments (27 topical, 22 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!