zlacker

[return to "Open source liability is coming"]
1. monoos+K7[view] [source] 2023-12-29 18:44:26
>>daniel+(OP)
There seems to be some confusion in the comments regarding what this means for people releasing open source software.

The article makes it clear that (as the author understands it, at least) someone who uses open source software in their commercial product is liable; the people who wrote the open source code [1] are not.

> If a user is harmed by software, the person they paid (targeted ads would count) must compensate them for the harm – unless the software provider can prove their software played no role in the ... harm. If open source resources are [used by] your code, you’re responsible for their performance too. *The open source resource licensed away their liability to you*.

(Emphasis mine)

[1] Assuming they used a license that limits liability, such as Apache.

◧◩
2. pylua+z9[view] [source] 2023-12-29 18:52:19
>>monoos+K7
The article says it is not clear who provides relief if the user directly uses open source with no middle man. That is the most concerning part for me.
◧◩◪
3. sgt101+5c[view] [source] 2023-12-29 19:04:31
>>pylua+z9
If you use open source you are accepting the license that says that there is no liability. This is similar to going walking in a national park, there is no liability for an injury that you incur. This is very different from walking in a shopping mall. If you fall in a hole on a mountain this is your problem. If you fall in a hole in a mall it's the mall's problem.

The article is attempting to create a scare about things that have always been true. If a telco's services crash the telco has to compensate customers even if it was a postgres failure that caused it by failing to authorise handsets for a connection in a cell. For example.

◧◩◪◨
4. rini17+ze[view] [source] 2023-12-29 19:19:49
>>sgt101+5c
The line is very unclear to me. What if that national park accepts donations/has entry fee expressly to maintain the trail, would that make them liable for accidents or not?

The telco has service agreement with customers and it's clear exactly what service it was supposed to do and failed. Where is such agreement for a random github repository? To put it a bit ad absurdum, say user supplies parameter to your math function so that it divides by zero and it results in some injury or loss. Who is liable for that? Shold judge try to parse some piece of code for whether it was reasonable for user to expect passing zero will work?

[go to top]