I read on C/Net today that some believe that software makers should be liable for virus attacks. Software license agreements remove any and all liability from the software vendor: it's truly a case of buyer beware. The article on C/Net wanted some sort of legal liability for security holes in software, and compared this to an automobile manufacturer who didn't claim legal liability when an unsafe engineering decision decapitates the whole family.

Wait just a minute. While I'd agree that current license agreements could use some guarantee of quality, I'm not sure I agree that security holes should carry the same weight. After all, Toyota isn't liable because the Camry is the #1 stolen car in America. The Camry is a good safe and economical car, and because of this there are tens of thousands of them on the road. Therefore, the Camry is an easy target.

The same is true of computers. Microsoft is the Toyota Camry of the computer industry -- Windows is ubiquitous, and therefore an easy target. Yes, software can be made to be more secure, and you can bet that Microsoft is doing everything it can to make this happen (the bad press alone probably costs more than a few developer's salaries). But, Microsoft cannot make Windows hackproof no more than Toyota can make the Camry impossible to steal. Some cars are harder to steal than others, but in the end, if the will of the criminal is strong enough he will prevail.