Why Can't Microsoft be Sued Under the Lemon Law? 210
briant97 asks: "Microsoft is sitting back making all this money by charging for desktop and server operating systems. If you go for a server, they also add additional charges through client access licenses. Well, now that they've charged you all this money they leave their software open to viruses and exploits beyond belief, which will cost your company even more money. When will it stop? When will Microsoft become liable for their actions? I mean they are making billions while costing other companies billions. Ford, Chevy, and all other car manufactures get held liable if they make a defective product, why not Microsoft?" One can argue that you sign away your right to seek damages from Microsoft, by agreeing to the EULA, however there is still this issue as to the strength of a EULA since they've never been tested in court. How do you feel about this subject? Should software owners be allowed to "sign" away their basic rights via click-thru licensing, or should software manufacturers be liable for the critical defects that show up in their software?
Lemon Law (Score:5, Insightful)
From http://www.mylemon.com/faq.htm:
What types of products are covered by the Lemon Law ?
All motor vehicles primary used for personal use are covered under the Pennsylvania and New Jersey Lemon Law.
slippery slope (Score:5, Insightful)
They should be liable (Score:4, Insightful)
This is ridiculous (Score:5, Insightful)
Microsoft is being no more negligent than their competitors would be. Businesses recognize the risk of using Microsoft, Apple, Sun, third-party or OSS software, and balance that against their need to actually use recent innovations. The end result, a fast life-cycle on development and rather unreliable products. Businesses suffer losses when software is compromised, but that's built into the cost of getting software years before it could be released otherwise.
If consumer advocacy laws applied to software development right now, you'd see innovation plummet. What few developers that would bother with top-notch reliability (which is comparitively boring) would still take years to create something after the idea was publically announced.
Meanwhile, some black market developers would create the same function in some illegal and wholly unsupported product, but businesses would buy it up like crazy.
The reason that these kinds of regulations are important with cars and pharmaceuticals is that these industries put people at risk to their lives. A flaw in a car will kill people. A flaw in software will cost a company some money, but is a threat that can be overcome through market practices. The company insures against damage, pays a premium, and gets reimbursed on loss. Nobody dies. Big fricking deal.
Businesses where reliability does matter (i.e. infrastructure and medical projects) go further and independently make sure they only use software that has gone through the ropes. This software tends to evolve more slowly, or else has a disproportionate amount of money thrown against it to speed things up.
Re:exploder (Score:3, Insightful)
Which brings up an interesting questions. Does it matter as much what caused the malfunction as how you were using it when it happened? Say I'm driving my car 130mph down the freeway when a faulty tie-rod end breaks causing me to carom around the freeway createing a 20 car pile up. Who's to blame? Me or the manufacturer of the faulty tie-rod end?
I would think the same thing applies to server software, if your using it irresponsibly when it's being used in a life or death situation and you don't take the necessary precautions just in case of a failure, who is really at fault?
Now if a serious fault in Microsoft software caused a train to kill a bus load of nuns, i'm sure a lawsuit could be filed against Microsoft. Weither or not it could be won I have no clue, i'm not a lawyer.
Re:slippery slope (Score:3, Insightful)
Re:Because it would be bad for everyone... (Score:3, Insightful)
But how much did this particular bug cost the industry? This would be the maximum liability. And obviously only the vendors would be liable; They're the ones selling it as a working OS suitable for certain purposes. There is only an implicit warrenty once you charge for it.
Re:slippery slope (Score:3, Insightful)
Re:All software makers should be held liable (Score:5, Insightful)
As an example of why software makers should be held liable, imagine a nuclear power plant being run by some OS. Now imagine that OS has a bug which causes it to crash if certain conditions are met. Now imagine those conditions are met one day, causing the cooling system in the reactor to stop working as it should. I think we all know what happens next...
Which is why Microsoft forbids the use of MS software for such mission critical apps.
If you need an OS to run a nuclear plant, you'll have it custom made, by someone who can be held liable and who'll probably provide the source.
Think of it like a car. (Score:5, Insightful)
My 1998 Honda had a problem with the ignition that, if a certain combination of environmental factors, driving habits, and the phases of the moon and planets all combined correctly, the contacts would corrode under the extreme voltage and cut power to the engine while in operation. Their response: Take the car to a dealer to have the ignition switch replaced free of charge.
I.e.: This otherwise safe and well designed car has a small flaw that under certain conditions may manifest itself in a potentially annoying to potentially dangerous way, depending on what you are doing.
Now, let's pretend it is a computer.
Your well-engineered and hardened security Windows 2003 Server system has a flaw in a protocol parser that allows, with the right combination of messsages, someone to cause code to be executed on your system.
In other words: This otherwise safe and well designed server operating system has a flaw which, depending on several factors, may manifest itself in an annoying or dangerous way.
Any complex system is going to have problems with it. Millions of lines of code, or hundreds of thousands of moving or conductive parts, each can have something fail if there's a tiny problem with it.
Microsoft releases their fixes free of charge, just like a dealer service recall on an automobile.
What's the problem here? You can eliminate 95% of these vaunerabilities by simply *not running without a firewall* and *not running unneeded services* which is (GASP) something you'd do on Linux as well. Linux is just as vaunerable if it's sitting open and unprotected on a network with 500 services running as root. Would you do that? No. So why do you do it with a Windows box?
If it's because Windows is more of a "turn-key" solution, and the user doesn't think to secure their box, it's not Microsoft's fault, the blame rests surely in USER ERROR.
Re:slippery slope (Score:4, Insightful)
It wouldn't work (Score:5, Insightful)
Lets first talk about supported hardware configurations.
Before I would allow certain liabilities like this, I would require a given supported configuration. Lets say something like a Pentium 4 processor running at 3Ghz - without HyperThreading, A Chipset, a single graphics card (make it old too), a single hard disk from one manufacturer - the list goes on (well in reality - the list doesn't go on). Your hardware isn't in the supported configuration (You did buy directly from Dell didn't you ?) forget the support, it isn't a tested and qualified system.
Software configuration
You weren't going to install ANY other software on your system, other than mine... How do I know that THAT software didn't cause the problem - so nix any software purchases - or that will void the warantee as well.
So basically you end up with a supported system, that is completely useless. Not much fun at all. And you WANT to have this happen by getting lawyers involved ?
Re:slippery slope (Score:3, Insightful)
Of course there's a big difference between the GPL and a EULA. A EULA imposes additional terms upon the buyer after a sale! This is, of course, redonkulous and utterly unenforceable. The consumer software buying process goes like this - you go to store, you pay your money, you walk out with a box of software.
Only when you get home and open the box do you get to read the EULA (and by the way, no retailer will accept returns of opened software!).
Now, if the terms of the sale were clearly specified on outside of the package, and you had to signify your assent to the terms before taking the software from the store, then the EULA might be enforceable. (Even then it would probably contain unenforceable terms, but that's a separate discussion.)
Of course, no software vendor or retailer is actually willing to do this because it would totally kill impulse purchases that are the backbone of retail software sales.
The GPL is a different sort of license, covering redistribution; if you buy a cd of GPL'ed software, the GPL allows you to redistribute it subject to certain conditions. If you don't assent to its terms by redistributing it, I can't think of a reason why the seller would not be liable for the software. Of course, if you just download GPL'ed software for free, the site you downloaded the code from may not be liable because, hey, you got it for free!
-Isaac
This would totally kill the software industry (Score:3, Insightful)
Maybe that's a bit extreme. Seriously, software is way more complex than a car. Who among you would bet your entire net worth that you haven't shipped code with potentially serious bugs in it? There are always bugs.
Maybe a mandatory "your money back if you aren't satisfied" law would fly. But 99% of the people who take advantage of that offer are going to keep a backup copy of the software, "just in case"
This idea could never get past the unanimous opposition of every company in the software industry. Just live with it - software has bugs. If you don't like it switch to another package or just go back to pencil and paper.
Oil change (Score:5, Insightful)
You don't expect a car dealership to be liable if your engine siezes because you never changed the oil.
The patches and exploits are handled as they arise and if you keep up with the maintenance than you wont suffer catastrophic failure.
Sure this is a bit of a stretch but you have to take some damn responsibility. You can't blame MS for all your woes.
They make a good product that keeps the majority on the road. Every generation has new features and new flaws. The fact is the flaws are publicized and you have an opportunity to patch them.
The time and money spent is part of the upkeep. It is like oil in an engine... if you never maintain it it will fail. It will leave you stranded and up a creek with a very expensive repair.
However, when maintained you get acceptable operation.
Quit your mindless bitching! Blame the Virus Writers for writing the viruses. Patch your system be it MS, *nix or whatever. Take some damn responsibility and stop blaming everyone else.
djb's take on EULAs (Score:3, Insightful)
Re:slippery slope (Score:3, Insightful)
For the record, I'd never ever contribute anything to the Open Source Community if I would be held responsible for the criminal act of another party.
Here's the problem: Viruses don't write themselves. It'd be like suing Ford because somebody put sugar in your gas tank.
Re:They should be liable (Score:3, Insightful)
Duh. They get away with it because they cannot guarantee the environment in which the software is run. Do you think your car would have a stellar warranty if there were no roads?
FTC Heard Arguments on This (Score:5, Insightful)
97 comments were filed publicly. Everyone from RMS [ftc.gov] to IEEE [ftc.gov] to, well, me [ftc.gov].
Basically, software warranties would make Free Software illegal. The model wouldn't work if we were held to quality expectations. Read the comments to educate yourself.
Re:As is.... (Score:3, Insightful)
Bullshit. If there was no sale, then the store is liable for fraud - because they sold it to me. And if you wanna go bark up that tree, you'll find that MS sells the software to them, so MS would also be liable for fraud.
Just because you've fallen for the EULA propaganda, doesn't mean it's true.
lemons (Score:1, Insightful)
Today : If life hands you lemons, sue the bitch.
Why is this so misunderstood? (Score:3, Insightful)
Here's the thing. Well, here are the things--there are two of them.
So this entire "software needs to be without liability, because otherwise we could be sued!" is nonsense. We can already be sued. What can't happen, at least assuming EULAs are valid and we're all using a EULA that disclaims liability, is we can't be sued successfully. And even if EULAs are held invalid and software liability becomes the rule, we're still not likely to be sued. Read on.
If software finally becomes subject to the same requirements of any other manufactured good, we're going to see commercial software companies (like Microsoft, Oracle, Red Hat, Novell, etc.) spending a lot of money doing bughunting, bugfixing, and documenting failures; and we're going to see both common and statute law exempting no- or low-cost free software from software liability.
Re:slippery slope (Score:4, Insightful)
"Lemon Laws" basically let you get your money back on a defective product.
So, keeping to that idea - Sure, I'll gladly refund the purchase price of $0 when a program I write fails to work for someone.
Similarly (as a freelance contractor), if someone pays me to write a program, and it doesn't work... Well, I don't suppose I'd get paid, would I? So why should Microsoft (and any other commercial software house) not have to live up to the basic standard of "works as advertised"?
Re:exploder (Score:3, Insightful)
Even Chernobyl wouldn't have gone Chernobyl if the stupid bastards running the plant hadn't disabled all the safeties and forced it into that state. [elon.edu]
Link above is from a Google search so here's the cache link [66.102.7.104] as well.
Re:slippery slope (Score:4, Insightful)
Maybe he's arguing about it because you don't even understand the terms you are using, so you are obviously clueless.
Are you honestly going to sit there and insist that a normal, home PC is somehow worthy of lemon laws which are designed to protect the lives of citizens like you and me?
You believe that Lemon Laws are designed to protect lives and use this as your argument that software doesn't need similar laws. Go learn what Lemon laws actually are and then you'll realize how silly you look.
And why are you being so abusive to people in an argument over something you don't even understand? Is it because Microsoft was used as a perfect example of the type of company we need protection from? Why do you pledge allegiance to Microsoft? Do you work for it? Do you own stock in it? Tell us please.
Re:slippery slope (Score:2, Insightful)
Re:slippery slope (Score:2, Insightful)
Until it's you being held liable. Sadly, all it takes is one little mistake.
I do think there needs to be some type of software liability laws, but they are going to have to be like nothing else out there, basically a totally new concept.
Re:slippery slope (Score:4, Insightful)
And what do auto manufacturers do? They recall the cars and modify them. Put simply, they upgrade them. What does MS do when there's a new Windows vulnerability? Exactly the same thing.
Grab.
Re:I'm also feeling addicted to Windows (Score:0, Insightful)
Re:As is.... (Score:4, Insightful)
Bullshit again. Where's their signature? Where's mine? What is the term of the license and how do I renew it or cancel it? Which company appointed agent negotiated the terms of the license with me?
When you buy a copy of Windows, that exactly what you do under the law as it stands. Software vendors have not quite managed to change that yet so they just pretend they have in the worthless EULA's that they produce.
no doubt some aren't, but they've not been tested in court any more than the GPL ever has been
The GPL's been tested millions of times in courts: it's called copyright. That's the crucial difference between, for example, MS's EULA and the GPL - the GPL gives you MORE rights while MS is trying to get you to sign AWAY rights (without signing). That's a huge difference when it comes to court. You don't have to sign something to agree to having more rights!
If you don't understand the license and click "I agree" anyway, that's your problem.
No it's not. If I have to yodel to get MY software to install then that's what I'll do. If I have to press a button marked "I Agree" then I'll do that too. Makes no odds: I still own the program just as much as I own my toaster. If the seller thinks that their pseudo-legal claptrap binds me any tighter than copyright law, then that's their problem.
TWW
If Users Can Sue MS, They Can Sue You, Too (Score:4, Insightful)
Any legislation mandating performance and security standards for software, or allowing its users to bring suit against the people that developed and distribute it, will likely be aimed at open source, as well as other non-MS commercial products. (If not intially, certainly rather soon. A lemon law targetting only MS is no more likely than a lemon law targetting only General Motors.)
Bottom line, then: If users can sue Microsoft, they can sue open source developers, too.