Readers' virus responses

To close the loop on this for the time being, here’s a quick recap of reader response to our story last week on the question of liability for software flaws and computer viruses. I went back through the voice-mail and e-mail messages I received, as well as the comments posted on this weblog, and attempted to put them into categories based on the sentiments they expressed.

Aside from this being a completely unscientific sample of public opinion, putting the responses into categories is also an inexact undertaking, because of the nuances of the debate. Keep that in mind as you read these rough totals:

* Sixteen people, or 32 percent of the approximately 50 people who responded, generally favored increasing the exposure of Microsoft and other software makers to liability for flaws exploited by writers of viruses and worms. Here’s an excerpt of one message from this camp, left by a reader on my voice mail:

"I thought (the article) was a little easy on them. First of all they’ve known about this danger for many years. They know it far better than the hackers do. ... There is nothing that can be made absolutely safe, not even a tire, however Microsoft has completely over the years neglected safety considerations."

* Eighteen people, or 36 percent, said holding Microsoft liable would be inappropriate, given that a criminal is the one ultimately causing the problem. Many people on this side of the debate took serious issue with the Firestone tires analogy used by software security expert Bruce Schneier, as quoted in our story. They included reader Peter Duniho, who sent this e-mail message:

When Firestone can be held liable for tire failure after someone punctures it intentionally with a knife, then it will make sense to start holding software companies liable for failures that occur after someone intentionally breaches the security safeguards.

How secure is the lock on your door? If a burglar picks the lock and steals your TV, do you think it will be reasonable to sue the lock company for not protecting you against the burglar?

The only thing newsworthy about this issue is that so many people are willing to ignore common sense and take out their frustrations on an innocent party. That’s just human nature of course, but it doesn’t make it right.

* The remaining 16 people offered various comments without taking specific stands on the question of liability. One reader, for example, asked who would be held accountable for security problems in open-source software created by a larger community and not necessarily backed by a corporate entity. Another wrote that he wasn’t sure whether Microsoft should be held liable for the effects of viruses, but that computer users should actively seek out alternatives to Microsoft products to alert the company to the severity of consumer concerns over security.

Which e-mail service did this reader use to send this message? Microsoft Hotmail, of course.

Posted by Todd Bishop at September 16, 2003 01:49 PM