How should we fix the IT industry?

[Samson]

I was reading this on El Reg, and while it is pretty out there a few of the points made sense to me:

Introduce liability into the software business:

There are only two industries that have no liability problems he said – religion and software – and this needs to change for the coding community.

His proposed solution was offering two different business models. Software firms could carry on selling code, but if the programs are faulty then the companies must pay out when things go wrong. Alternatively, they can publish the source code of software, allow the user to shut down functions they don’t want, and enjoy freedom from being sued.

"Software houses will yell bloody murder and pay any lobbyist they can to scream that this will end computing as we know it,” he said. “I would respond ‘Yes please, that was exactly the idea'."

This sounds reasonable to me. If you give me the means to assess the risk of failure from your product you can pass the responsibility to me. If you deny me that right, then you are responsible if you product is faulty. This would be a massive change in the structure of the industry, and some big name may not survive it.

Net neutrality:

He suggested a similar solution to the net neutrality debate. ISPs can’t expect to enjoy common carrier protections against being sued for harmful content on their networks and also expect to be able analyze network traffic so that they can apply differential pricing based on what users are watching.

Again reasonable. Either you are a common carrier and just pass everything requested by your customer to that customer blindly, or you are making value judgements on it and can be held responsible for it.

If you no longer support a product, then open source it:

If a company stops issuing security patches for code, as Microsoft has with Windows XP, then that code should automatically become open source, he said. If you abandon a car, property, or child, then you lose rights to it and this should be true for software, too.

As for embedded systems, manufacturers need to either include a remote management systems that allows the software to be updated, or they need to have a limited lifespan. Leaving old devices in operation was a recipe for disaster, Geer warned.

This I really like. People have bought your product. They use it. You cannot be bothered to continue supporting it, then give them the means to do it themselves. Either you are out of the business, or you have a much better product on sale. In either case, you should not mind the source being out there.

There are other points there, that I either do not understand or do not have strong feelings about. Any comments?

 

[SS-18 ICBM]

Software manufacturers have no liability? How did that happen?

 

[Kozmos]

Good luck proving liability on software mixed with many different hardware. And the way software is built and the way the market runs and the shareholders expect consistent returns...yeah, no.

 

[Samson]

Good luck proving liability on software mixed with many different hardware. And the way software is built and the way the market runs and the shareholders expect consistent returns...yeah, no.

In many cases 1 company supplies both the software and hardware, so it would not be too much of a problem. Also, once the possibility is out there it may have the desired effect of making software less flaky, whether or not a case if every brought.

 

[Kozmos]

In many cases 1 company supplies both the software and hardware, so it would not be too much of a problem. Also, once the possibility is out there it may have the desired effect of making software less flaky, whether or not a case if every brought.

You could make a case for Apple(OS X + iOS) and the various Android iterations of phone manufacturers. Software will never be less flaky. The crappy product you get today in most cases has been run through some form of QA and bughunts (less so today and more noticeable in games than other software) and once they crush all the major bugs the product is shipped. (usually, sometimes they can't be bothered with finding all the software-crippling issues) Eliminating every problem is near impossible to achieve unless the program is extremely simple and would take a crapload of man hours which ain't nobody gonna pay and the market will not wait for to be finished.

Consumers have proven to be consistently stupid and hungry enough for more software to buy despite incompleteness and faults. Devs have as a result become super lazy and the industry in general doesn't promote a quality standard of some kind, just deadlines. You have people nowadays paying for early access to alphas and betas, doing the devs work for them. And the state of some of these so called betas...oh boy...

 

[Zelig]

I don't think there's much wrong with the IT industry, other than chronic under-valuation and under-funding from non-IT management. I think opening up accounting, doctoring and lawyering to offshoring to the same degree as IT would level the playing field.

re: Software Liability - Pointless idea, let the free market take care of it. Any important customers can already get the source of pretty much any software they want anyway.

re: Net neutrality - Dumb workaround. ISPs should be dumb pipes.

re: Unsupported software - Ridiculously unworkable. Who polices what constitutes "support"? What do you do when China starts insisting that the level of support for Cisco routers qualifies as "unsupported" and Cisco must publish the source? What do you when any company that publishes software simply ceases to exist once they no longer want to provide support for a product? What do you do with companies that don't separate security and feature releases, do you force them to open source every prior version of their software every month? What do you do with cloud storage companies, when do you force Dropbox to supply their source?

 

[Tahuti]

Just end most IE laws so that open source can become mainstream.

 

[warpus]

Software firms could carry on selling code, but if the programs are faulty then the companies must pay out when things go wrong.

Most web development contracts I do on the side include maintenance provisions. This includes the fixing of bugs, updating content, general maintenance, and so on. That's pretty much the standard in the industry, although a lot of people do include bug fixes for the first release as something that is included in the initial fee. I do this from time to time too, depending on the job.

Unfortunately you just can't get around bugs.. they will pop up no matter what you do. It's just not economically viable to have a large enough test team to ensure that you product has 0 bugs. It's not possible.. The closest you'll get is in highly specialized systems that run on a very specific platform and hardware - that you can control.

I worked for a company that built and sold interactive kiosks.. We had 100% control over the software and hardware, so we could minimize bugs.. big time.. However, even though we had such control, they still popped up.. They just do. It wasn't as frequent, but it's just an accepted part of software engineering. Bugs happen and you have to deal with them.

If you're hiring someone to write software for you, you are just going to have to put up with that reality. But if you can convince a company to insert such a clause in the contract (bug = $$) you sign with them, then all the power to you. I'm not against such a thing at all, unless you sort of want to mandate it, which would be a horrible idea.

Alternatively, they can publish the source code of software, allow the user to shut down functions they don’t want, and enjoy freedom from being sued.

Another horrible idea..

The reason software engineers are hired in the first place is because the person hiring them doesn't have the knowhow, experience, and/or tools required to develop the software he needs. You hire someone to write the code for you so that you don't have to.

This sort of thing will work in some circumstances, such as in the case of open source software, which anyone is free to use as long as they adhere to the terms, by the way. But to insist of this sort of thing working for all software engineering contracts? It just wouldn't.

In the end most people who want software written understand the realities of the business.. bugs will just happen, and you have to put up with them. At the same time this does not mean that the software house that is servicing you should not be liable for problems that come up as a result of their product. They definitely should be, within reason.

This seriously sounds like something written by someone who has never coded anything in his life. (the article that is) .. I understand he's a security expert of some sort, but his views on bugs are just.. out there.

 

[Samson]

This sort of thing will work in some circumstances, such as in the case of open source software, which anyone is free to use as long as they adhere to the terms, by the way. But to insist of this sort of thing working for all software engineering contracts? It just wouldn't.

...

This seriously sounds like something written by someone who has never coded anything in his life. (the article that is) .. I understand he's a security expert of some sort, but his views on bugs are just.. out there.

You know, once I thought about this a bit, I think you are nearly there. I think this guy knows all about code, and also that this will really work for open source software. Perhaps what he is really saying is open source your software, or make it really work, and so cost loads in either development time or litigation. This would make the market MUCH more in favour of OSS than it is now.

 

[Timsup2nothin]

"Use at own risk" wasn't a stunning breakthrough discovery by the software industry, it's been around. In some industries it doesn't last, in others it does just fine. I see no reason to think the software industry is in desperate need of abandoning it. While buggy software is annoying, it has yet to have any earth shattering consequence.

 

[DaveShack]

There is a huge difference between software used by individuals and that used by large organizations. Banks, for instance, are not going to want their core systems to run on open source. I'm fairly certain the bank's customers would be uneasy about that as well.

Releasing the source of an old system like Windows XP would never work, because the later versions of Windows have a lot of code in common.

 

[Samson]

Releasing the source of an old system like Windows XP would never work, because the later versions of Windows have a lot of code in common.

But what is the problem with that? If the differences in code between XP and 7 are 10 years work of the biggest software company in the world, who is it harming releasing the XP code? It is not like it can be turned into 7 easily.

 

[Timsup2nothin]

But what is the problem with that? If the differences in code between XP and 7 are 10 years work of the biggest software company in the world, who is it harming releasing the XP code? It is not like it can be turned into 7 easily.

It saves someone who is trying to beat them to nine from having to start from scratch.

 

[Zelig]

There is a huge difference between software used by individuals and that used by large organizations. Banks, for instance, are not going to want their core systems to run on open source. I'm fairly certain the bank's customers would be uneasy about that as well.

There's nothing to suggest this to be a rational desire backed by any evidence.

https://www.schneier.com/blog/archives/2011/06/open-source_sof.html

But what is the problem with that? If the differences in code between XP and 7 are 10 years work of the biggest software company in the world, who is it harming releasing the XP code? It is not like it can be turned into 7 easily.

You haven't answered any of my questions. Does SP1 for Windows XP mean they have to release the source code of XP if they stop supporting XP without SP1?

 

[Samson]

It saves someone who is trying to beat them to nine from having to start from scratch.

Only someone who is making an open source version of 9. And then one might say that is fair, considering what windows has from open source (the TCPIP stack for 1 I believe).

You haven't answered any of my questions. Does SP1 for Windows XP mean they have to release the source code of XP if they stop supporting XP without SP1?

No. SP1 was a free "support upgrade" on XP vanilla. Your other question : "Who polices what constitutes "support"?" is a little harder, but I guess it is tied to the liability thing. If you are willing to stand by its performance, then any failure in support handed by the claim courts. If not, open source it.

 

[Timsup2nothin]

Only someone who is making an open source version of 9. And then one might say that is fair, considering what windows has from open source (the TCPIP stack for 1 I believe).

I would guess Microsoft would be more concerned with someone making a non-open source direct competitor. Considering all the things Microsoft is accused (probably rightly) of ripping off in the process of making Windows it is reasonable to expect them to not volunteer anything to the great unseen competitor that may well be out there somewhere.

 

[Zelig]

No. SP1 was a free "support upgrade" on XP vanilla.

So what if Windows gets a $5/m subscription option, and monthly updates that indefinitely allow you to update as long as you're subscribed?

Your other question : "Who polices what constitutes "support"?" is a little harder, but I guess it is tied to the liability thing. If you are willing to stand by its performance, then any failure in support handed by the claim courts. If not, open source it.

What does "stand by its performance" even mean? Microsoft doesn't misrepresent Windows. Sure, it has bugs, as does every software.

A Ford Fiesta isn't the safest car in the world, but every time someone gets injured in a Fiesta collision they can't sue Ford for making the Fiesta less safe than a Tesla Model S.

Should we force Ford to take on more liability unless they open source all design and engineering documentation for their cars?

I would guess Microsoft would be more concerned with someone making a non-open source direct competitor. Considering all the things Microsoft is accused (probably rightly) of ripping off in the process of making Windows it is reasonable to expect them to not volunteer anything to the great unseen competitor that may well be out there somewhere.

Microsoft is really more open than they've ever been, and doing a better job of it than the most other companies.

http://www.hanselman.com/blog/MicrosoftKilledMyPappy.aspx

 

[Denkt]

How should we fix the IT industry?

I think its fine at it is right now.

Forcing companies to make perfect software (and who is to judge what is perfect) or lose their ownership of the software completely, I just say no (it should be obvious why I say no)

Being forced to release the code of something that is no longer supported, its like telling a car manufactor to release all their technology about all phased out cars its just plain stupid.

That article is about destroying the industry, it says that itself in red.

 

[CommonKnowledge]

I'd settle for getting appreciated a bit more at work rather than putting in time out of hours, at the weekend and staying late most days just to be forgotten the moment something is fixed. It's amazing how, with the exception of one job I had, IT gets forgotten the moment they're no longer needed whilst everyone else fights over who gets the credit for something they didn't do.

It's not so much of an issue when you work in a team and can laugh it off with other people in the same situation but when it's some contract job or you're on a very small team it becomes unbearable after a while. I never see any other department expected to be available out of hours, at the weekend and at 2 in the morning when some genius decides to modify the firewall and yet the moment I bring it up all of a sudden I'm 'not a team player.' I've left companies in the past because of this sort of treatment and it's amazing it still happens; not so much with developers because they're (or should be) hidden away from users but it goes on all the time within operations.

Obligatory IT Crowd video:

Spoiler :

Link to video.

 

[Timsup2nothin]

I'd settle for getting appreciated a bit more at work rather than putting in time out of hours, at the weekend and staying late most days just to be forgotten the moment something is fixed. It's amazing how, with the exception of one job I had, IT gets forgotten the moment they're no longer needed whilst everyone else fights over who gets the credit for something they didn't do.

It's not so much of an issue when you work in a team and can laugh it off with other people in the same situation but when it's some contract job or you're on a very small team it becomes unbearable after a while. I never see any other department expected to be available out of hours, at the weekend and at 2 in the morning when some genius decides to modify the firewall and yet the moment I bring it up all of a sudden I'm 'not a team player.' I've left companies in the past because of this sort of treatment and it's amazing it still happens; not so much with developers because they're (or should be) hidden away from users but it goes on all the time within operations.

Breaking things that someone else has to fix and then showing no appreciation for them was an art form long before most companies even had computers. Ask anyone in any maintenance or support department of any kind.

No point complaining, 'cause it ain't changing.