Is Anyone Accountable for Net Security Snafus?

The United States is the most litigious country in the world. People sue McDonald’s if their coffee is too hot. Prisoners sue if their color TVs are taken away. Doctors, lawyers, big corporations, mom-and-pop corner stores — no one is immune to being slapped with a contentious lawsuit.

Except, apparently, Microsoft and all the other high-tech companies who peddle software with gaping security holes.

Sign Away Your Rights

Okay, Microsoft is at the top of the list because the software titan is the biggest culprit, but other developers deserve lawsuits too. Anyone who has ever tried to download a software program from the Internet has encountered at least one of those lengthy licensing agreements users must “sign.” The intent of those “contracts” is to make people believe they are signing away their rights to any potential compensation should the software prove faulty.

With the U.S. and world economies increasingly dependent upon computer technology, someone ought to be thinking seriously about protecting software from attacks. Instead, the developers seem more interested in protecting themselves from potential liability.

For example, the Uniform Computer Information Transactions Act, a law that has been passed in two U.S. states and is under serious consideration in seven others, is designed to make those licensing agreements ironclad.

Strengthening liability protection for the software makers endangers the future of the Internet by giving the companies less incentive for ensuring that the consumers who buy their products can safely use them. The developers will be able to churn out flawed software with impunity — even though the products are not a whit more resistant to bugs that can cause millions of dollars (US$) worth of damage.

Microsoft Had Ample Warning

To date, the “Love Bug” has been the Web’s most costly security breach, with experts putting its global price tag as high as $10 billion. The virus was spread the same way — through e-mail programs — as the less costly Melissa virus before it. So it isn’t as though Microsoft didn’t have warning. It did — about 15 months worth.

And yet the company didn’t come out with a patch until an incident of global proportions forced a response. Security experts warn there are still vulnerabilities. There ought to be a law.

There is, you say? Then there ought to be a great big lawsuit.

More Bells and Whistles

Consumers have to accept a measure of responsibility. We want more, faster and better software every day. We want fancy features and ease of use. In the superheated, super-competitive atmosphere of the New Economy, software companies are more concerned with meeting our demands than with fending off the security threats that could put us out of business.

Polls show that Internet users are worried about security, but rarely take steps to protect themselves. Why should we? That’s a job for the experts. But if people are willing to shell out money without complaining, then why should the experts give a hoot?

Electronic Armageddon

Here’s why: because one day the whole system could crash. The pandemic Internet disease. Electronic Armageddon.

The science of preventing and treating electronic viruses has simply been left behind by the technological advances that enable the Net universe to expand ever outward. The Web is becoming more and more intricate, and in some respects, more delicate and susceptible to attack.

Once, it took months for computer viruses to spread enough to do significant damage. Now it takes minutes, even seconds. Who’s stepping on the brakes? Certainly not the anti-virus companies. Their “fixes” are more detection than prevention, and besides, their cash registers ring like pinball machines every time there’s a virus scare.

And certainly not Microsoft and the software industry — at least, not until they’re persuaded that to do so will serve their interests. Unfortunately, it will probably will take an even costlier version of the “Love Bug” to push the Internet community to the point of virtually shouting: “We’re mad as hell and we’re not going to take it anymore.”

And there’s nothing like a major, successful lawsuit to get the message across.