SoylentNews is people

posted by mrpg on Sunday March 25 2018, @03:37AM
from the conversation++ dept.

Bunnie Huang, hardware hacker, wrote a brief article about transparency versus liability in the context of open hardware. He covers some of the tradeoffs without going into depth.

[...] Should a buggy library you develop be used in a home automation appliance that later causes a house to catch fire, you get to walk away scot-free, thanks to the expansive limited-liability clauses that are baked into every open source software licence.

Unfortunately, hardware makers don't get to enjoy that same luxury. Beyond guaranteeing a product free from workmanship or material defects, consumer protection law often requires an implied or express 'fitness for purpose' guarantee – that a piece of hardware is capable of doing what it's advertised to do. The latest controversy over Spectre/Meltdown indicates that more people than not feel CPU makers like Intel should be liable for these bugs, under the 'fitness for purpose' theory.

Open hardware makers should be deeply concerned. [...]

At BlackHat 2014, Dan was more specific regarding software and raised, with Poul-Henning Kamp, the idea that normal liability laws should also apply to software. But with that liability in place, exemptions should be available if vendors supply complete and buildable source code along with a license that allows disabling any functionality or code that the licensee decides against. Poul-Henning has called for a long time for changes to liability laws for software.


  • (Score: 0) by Anonymous Coward on Sunday March 25 2018, @01:53PM (#657888)

    "Once someone builds it and sells it, it is right that they are the ones who should be responsible for the outcome."

    No, I don't think that is the right direction for a vanilla RasPi from FooManufacturing.

    Open source should make a difference.

    Foo's warranty is that the gadget is a RasPi, not that the RasPi design is free from bugs.
    Foo's job is to make a faithful copy of the open definition of a RasPi so I don't have to.
    Foo's job is not to make sure the design of the RasPi is valid or useful.

    Given the lack of details on the processor chip, that would be a near impossible task for Foo.
    The processor chip on the RasPi might have a warranty from its manufacturer that it works as advertised?
    Foo might take on additional responsibility if their advertising says their RasPi is good for some specific task?

    Now if somebody takes a RasPi and sells a closed system for some purpose, then they take on the responsibility to make sure the system is fit for the system's purpose.