Once again the apologists spout off about how liability worries would keep programmers from introducing new features. Well, GOOD. I'll take stability and security over pointless, unreliable "innovations" any day.

Windows is too important a piece of our instructure now to be at the whim of the latest "cool" tech fad. If we're going to make computers the centerpiece of our lives, as Bill Gates & Co. keep insisting, then we have to be able to depend on them.

There are plenty of reasons to hate Microsoft's products, and this is yet another one. All the more reason to switch to Linux. However, it would be an unspeakably gross miscarriage of justice to hold them liable for the malicious code written and deployed by someone else.

There's no question that Microsoft's products aren't as secure as they could be, but the fact of the matter is this: Every single piece of their software presents its license agreement during the installation process, and will not even proceed with the setup unless you explicitly agree to it. Anyone who wishes to benefit from using the software, while selectively rejecting parts of the license agreement, is basically trying to have their cake and eat it too.

People prattle on and on about corporate responsibility, but then so conveniently forget that we customers must also take responsibility for our choices. Nevermind the effects that liability worries might have on "innovation". That's completely beside the point. The point is that it's just plain wrong to hold accountable those who warned us from day one: THIS PRODUCT IS PROVIDED AS-IS. USE IT AT YOUR OWN RISK. If we choose to use their software, we must accept the risks that go with it.

As for the viruses and worms that have plagued the internet, it would be absolutely unconscionable to hold Microsoft accountable for somebody else's crimes.

More so every day it seems that engaging a Microsoft product leaves me with the feeling of having watered a dormant lawn. Things will never
Be as verdant as I remember.
Obviously, a 'different' code was written and the garden was raided. This is not new news to me.
Perhaps, I have errored in following the future of all the 'bandits' that have been apprehended,
But I believe these folk get job offers instead of jail time. Help me if I have overlooked anything.

For the sake of argument, let us suppose that I rent a car from Hertz with a known brake defect. I am desperately in need of the vehicle, and Hertz will only rent it to me after I sign a rental agreement that prevents me from suing them for any damages I cause with their faulty vehicle.

Shortly thereafter, I run a stop light and hit you in the side, causing great damage to both of us.

Could I sue Hertz?

Probably not - after all, I signed the agreement.

Could you sue me?
Could you sue Hertz?

I believe you could both, based on negligence. I'm sure Hertz would agree, and would refuse to rent a vehicle with known safety defects.

I also think the same law will eventually be applied to Microsoft.

For a great article specific to Microsoft, click on http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2813470,00.html

Jim Hudspeth

I cannot be make hertz accountable if I have signed a contract that states I will not persue a breech of contract,As far as I know.

No MJ, you probably cannot hold a vendor accountable if you have agreed by contract not to.

An innocent, injured third party is an entirely different matter. As you may or may not know, the courts recently ruled that injured parties can sue Boeing over the World Trade Center attack.

Sooner or later the same law will apply to Microsoft.

Jim Hudspeth

Forgive me for questioning your sources, but if one of them is so delusional as to think that Microsoft has the "best programmers on the planet", maybe you should reevaluate the source before you think to use the source in the future. As for me, if Microsoft's track record in security flaws is indicative of the quality of their staff, then I would place them well below the median level of the programming food chain. And yes I am a programmer by profession. No I do NOT use any Microsoft products on any computer by personal choice only by extreme levels of coersion. Consumers DO have a choice... open source software or Apple products.

I would think that reasonable care is mandated for the security of a product. However, no manufacturer can account for all possibilities of criminal attack.

It is the responsibility of each user to provide her/his own security. There are methods already available to ensure, for the most part, that your network is secure. No one can account for every eventuality.

Making Microsoft responsible for all avenues of attack is tantamount to making the designers of all skyscrapers responsible for making their buildings impervious to attack from inbound aircraft.

I believe that it is ludicrous to place blame on Microsoft. That is the equivalent of saying, if criminals only rob 7-11s because they do not like the 7-11 corporation, then the 7-11 corporation is responsible for customers injured during the robbery. Because Microsoft can prove they are making a concerted effort to make their software safer, and because they can also prove that other software vendors have produced software that have been susceptible to viruses, they alone cannot be held negligent. It is clear that Microsoft software is being singled out by virus writers. I do not believe this is solely because Microsoft software is inferior.

Furthermore, for the sake of argument, lets say Microsoft goes under and another company becomes the #1 software vendor. When hackers begin attacking that company, and they will, do we now hold that company responsible? Is this to say all companies should be held responsible?

I believe any 'law' that applies to Microsoft must apply to the entire industry. Moreover, I believe that since Microsoft software is part of America's infrastructure, these virus attacks are actually attacks on the infrastructure. A major reason such attacks are allowed to continue is because stiff penalties are not in place. Once the parents of the 15 year old virus writer starts paying a $10k to $20k penalty with the kid receiving a 5 year no-pc-access probation, or the adult virus writer pays the above and does 2 years in prison, I believe the problem will come close to correcting itself.

Microsoft wanted a back door to everyone's computer to determine if software is pirated. Microsoft has an obligation to warn its customers that they have an intentional security hole and how it can be plugged.

The latest hole allows your Office software to be controlled by an external program over the internet through an open port. I don't want the option of having my Office software controlled through a port over the internet.

A federal court very recently ruled that the owner of the World Trade Center can be sued for negligence with regard to the terrorist attack. The two possible sources of liability mentioned in a 9/10/03 article in THE WALL STREET JOURNAL were inadequate safety design and inadequate evacuation plans.

Thanks to those who've shared their thoughts on this. Keep 'em coming. I've posted additional information on this subject here: http://blog.seattlepi.nwsource.com/microsoft/archives/000769.html

Microsoft bugs and security flaws in their products are costing corporations world wide billions of dollars.

Even before Microsoft released Internet Explorer and started taking the internet seriously, they had developed the software development life cycle methodology that has led to their current problems - they simply do not properly test their software before they release it.

MS seems to think that the public is their testers. They release software full of bugs and know the public will report them and they will fix it later.

I have been a professional corporate programmer for over 20 years and I can tell you that if I had put code into production with flaws of the nature that have been found in MS products, my butt would have been out of a job a long time ago.

It's great to hear that they are taking security more seriously, but so far it seems like nothing but lip service.

They have such a large market share that it has led to these issues. Any 2 bit hacker can write an automated Office VBA Script that can cripple the whole internet. Give me a break - they should have thought of this stuff. They have the ability to hire the best security consultants money can buy. Gates should just come and announce that MS products will be secure in 6 months and then GET IT DONE.

The shrink wrap licensing agreement is a joke and laws are going to have to change these. MS cannot continue to be held unaccountable for not testing their software properly before they release it to the public, make billions of dollars off of it, and then sit back and watch as hackers easily disrupt world wide businesses.

To be fair, I do believe Microsoft *is* making some significant progress with regards to security. Certainly, their software is still vulnerable to attack, and there are tons of bugs still left to be discovered. But let's look at what *has* been done.

1) Even as recently as a year ago, we would only learn about new security holes "the hard way", which is to say, after someone had already exploited them. Microsoft themselves almost never released security patches *before* the vulnerability had been found by someone else.

I believe that has changed significantly. We are now getting security bulletins from Microsoft almost once a week. On the one hand, sure, it shows just how many flaws they have to fix. But on the bright side, at least *they* are the ones letting us know about it now. They really are going through their code with a fine-tooth comb looking for bugs, and releasing patches as soon as they can.

2) Through Windows Update, the OS now has the ability to keep itself up-to-date automatically. They are making it easier and easier to deploy these critical bug fixes. Granted this doesn't solve everybody's problems, and not every computer is connected to the internet. But this still goes a long way toward helping sys admins get patches deployed.

3) The products that will really benefit from Microsoft's recent security initiatives aren't released yet. At the moment, most people are still using software that was written 3 years ago or more. Back then, Microsoft (obviously) did not make security as high a priority as they have now. And we're seeing the results. But you can bet that what's being developed now is going through rigorous security testing, much more intensive than in years past. I would expect future versions of Windows and Office to be much more stable than their current incarnations.

So, all-in-all, I believe progress is being made. And in time, we will see fewer and fewer of these security problems. Is this too little too late? Perhaps for some. But this is just the kick in the ass Microsoft needed to take this issue seriously.

If one cannot hold MS responsible, then why is the OS being forced on the consuming public?

I realize that there are hole-in-wall PC assemblers out there, I get my PCs from one. But when you try to buy a HP or Dell laptop from a major retailer, you end up with an OS, whose maker will not assume reponsibility for its functions, nor will they give you a refound.

As for miscarriage of justice, because others wrote the malicious code. Well if my bank gets ripped off, I don't care if the thief was very clever or the bank had great? security, or the vault maker is really liable, I'll go after the bank.

just want to know how can we depend on a firm when a simple worg mblaster can shutdown half country in too litle time???

should i thanks Microsoft?? Is Bin Laden behind Microsoft???

Give them up! Microsoft will never be a quality company. If they wanted to be, they would - or would anyone dare say they don't have enough capital?

Nope - quality is simply not one of their priorities. Not high enough. And personally I've had it with their style too.

I admit I've had a Big Mac now and again, but I wouldn't call it 'good eating'.

ok

Personally me.. I don't blame Microsoft. Its impossible to create completely secure code. There is no such thing as complete security.
We also develop some software products, and no matter how accurate we code, there is possibility that someone will crack, hack or harm our program is some way.
there are lots of people who chases after popular products and tries to hack it.

instead of blaming microsoft i recommend using anti-spyware software and if that doesn't help, try out this http://www.spywaredb.com manual spyware removal resource.
my 2c :)