| ▲ | lifis 6 hours ago |
| It's the usual problem of having no consequences for the person who wrote catastrophic code like this and the company who released it. If the person who wrote this were to be imprisoned for the rest of their life, for instance, or if the company were to be fined $1 million per user put at risk (which would probably mean a $1-10 trillion fine for Google -enough to trigger bankruptcy), then things would be very different |
|
| ▲ | StilesCrisis 5 hours ago | parent | next [-] |
| If this rule were implemented, would you be walking free right now? Think it over. |
| |
| ▲ | mrgoldenbrown 4 hours ago | parent | next [-] | | Pretty sure the million dollars was not meant seriously. There are plenty of regulated fields in which people still participate, despite various risks of liability. Professional engineers, doctors, every Uber driver in the US, who could potentially be punished for negligent driving while on the job. The point, I think, is that the current level of responsibility for writing bad code is essentially zero, but should probably be higher for some applications. | | |
| ▲ | JumpCrisscross 2 hours ago | parent [-] | | > the current level of responsibility for writing bad code is essentially zero, but should probably be higher for some applications I agree that e.g. working on an OS should require guild-type credentials. But I don't know if most SWEs understand the professional-standards requirements such organisations are empowered to enforce on their members. |
| |
| ▲ | ux266478 5 hours ago | parent | prev [-] | | I most definitely don't agree with him, and I find the idea absolutely repugnant. Devils advocate though, I would be much more careful with the code that I write if regulators passed some dogshit law like that. | | |
| ▲ | pavel_lishin 5 hours ago | parent [-] | | I would stop writing code for money. | | |
| ▲ | ux266478 5 hours ago | parent | next [-] | | I understand that, though I wouldn't stop. I'd just go much slower and radically change my methodology. Failures in other engineering domains come with massive legal consequences, and they have for a very long time. In mesopotamia if a house collapsed and killed someone inside, the builder was put to death. People still built houses in the hundreds of thousands. It really just introduces a legal burden to prove competence and work in good-faith, and nets immense power to throw out ridiculous deadlines. Your managers are legally responsible too, and if they push beyond what's reasonable you have just cause to bring them to court in a way that you currently don't. To re-emphasize, I don't think this is a better world, but it's not unlivable. | | |
| ▲ | pavel_lishin 5 hours ago | parent [-] | | Sure, but home builders today very rarely get put to death, and it takes a particular kind of intentional fuck-up to have a plumber, or a drywaller, or electrician placed in prison. If I was personally liable for damages, and there was an insurance program or some sort - similar to how doctors & dentists practice - sure, I'd probably still write code, very carefully. But if there was a decent change of me spending the rest of my life in prison because something I wrote on a Friday at 4pm under some amount of stress? No thanks. I can re-train as a plumber, and stand knee-deep in shit all day. |
| |
| ▲ | tialaramex 5 hours ago | parent | prev [-] | | Well, one scenario would be that everybody who writes code would do so for money. Take my friend who is a property lawyer. The firm she works for buys her insurance, because it would be insane to operate without insurance, but the only available insurance is personal insurance, it insures a specific person to do property law. So, although her day job is helping that $100Bn farm equipment company buy a $10M new factory from a $100Bn construction firm, at the weekend she is covered by that same insurance when she represents her friend buying a $500k cottage. AIUI this is a completely normal arrangement. If that was the situation for programming, the company is going to buy your $100M exploit insurance because they need a programmer, but it's personal insurance so you could work on your Game jam game using the same insurance, and it'd be crazy to just "Go commando" if you don't have employment and thus insurance, in case somehow your "Galaga but also Blue Prince and somehow a visual novel" Game jam entry causes a $10M damages payment. | | |
| ▲ | bombcar 4 hours ago | parent [-] | | Or it becomes standardized to have exclusions - pilots for example often have extensive insurance that covers the company when they’re flying for hire, but covers nothing if puttering around in a Cessna on the weekend. Insurance companies are very, very good at figuring out how to identify and price risk, once motivated to do so. | | |
| ▲ | tialaramex 4 hours ago | parent [-] | | Sure as you'd expect lawyers are better at cutting a good deal for themselves than other professions, but I wanted to cite an example where it does work out. Also from what I've seen there are way too many GA accidents involving airline pilots for the insurers to eat that loss. They almost invariably have superior skills, but some of them more than compensate with risk taking. | | |
| ▲ | wahern an hour ago | parent | next [-] | | It's not about lawyers cutting a good deal for themselves. Liability issues get complicated along multiple dimensions when they involve licensed professionals, even when they're day-to-day working relationship is indistinguishable from any other employee. And lawyers, even more than doctors, are at the furthest extreme of this complication spectrum. Even were software engineering to become a mandatorily licensed profession like some other engineering disciplines, there's little reason to believe insurance products would mirror those in the legal profession. I seriously doubt we'd end up in a place where employers are common--let alone routinely--paying to cover liability for work outside the scope of employment. | |
| ▲ | bombcar an hour ago | parent | prev [-] | | It's because it's simpler to insure "everything real estate" or whatever than to try to cut out exclusions for (relatively) cheap properties. But if they noticed that they were paying out more than expected on these $500k deals, the insurance would change quite quickly. The same thing happened with GA insurance - there was an assumption that airline pilots would be safer but it didn't really turn out as expected, because a 747 has a heck of a lot more "keep you safe" doohickeys and doesn't fly low to the ground much. |
|
|
|
|
|
|
|
| ▲ | hombre_fatal 4 hours ago | parent | prev | next [-] |
| We should roll this out for everything. Someone T-bones you in parking lot, chef causes food poisoning, plumber's leak floods your bathroom, personal trainer pushes to injury, mislabeled allergen on food, movers break your armoire, roofer leaves a leak -- I bet we'd see a lot less of all that if a $1MM fine + life in jail loomed over everyone. Nobody would want to do business, but boy would we be in a golden age. |
| |
|
| ▲ | akersten 6 hours ago | parent | prev | next [-] |
| > If the person who wrote this were to be imprisoned for the rest of their life [...] then things would be very different Yes, they certainly would. You wouldn't have smartphones, for instance. I can't tell if this is satirical or not. But there are so many takes like this recently (hold the website liable for user content, hold the corporate developer liable for zero days in a project they happened to touch) that would all result in the same outcome (no more product at all) that I can't help but wonder if there's some luddite psy-op trying desperately to bring us back to a pre-Internet era in any way they can... |
|
| ▲ | XorNot 6 hours ago | parent | prev [-] |
| Yes...no one would write any code. |
| |
| ▲ | bombcar 4 hours ago | parent [-] | | Code would be written over TOR and passed around on unmarked USB sticks in back alleys. Pssst - hey, kid, want some GNU? |
|
