The analogy doesn't work at all for me.

I don't support stringient punishment for faulty software (that is not mission critical -- air traffic control, heart monitors, etc. excepted) because the severity of the crime is not that great.

I don't believe severe punishment of "virus" writers for the same reason. If a product does not work to a customers satisfaction, they have the option to not buy that product or other products from that source again. Or (and UCITA attempts to block this) to return it and demand a refund. The basis for legislation such as UCITA and the Digital Millenium Copyright Act is that software can be copied and then returned. While there needs to be a way to prevent such piracy, barriers to normal market conditions like the right to consumer satisfaction must not be infringed.

Stronger punishments are not the answer. In the example of the ILOVEYOU "virus" -- I agree it is a misused feature, but it is self-replicating, and so technically a virus -- the damage is merely annoyance, at worst an inconvenience. No one died because email servers were clogged, and if so, the ones who should be punished are the people who placed peoples lives in the hands of a single, fairly new, known to be faulty form of communication.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/32/1937#1937