EU Cyber Resilience Act: What does it mean for open source?
1. greatg+2b 2023-12-30 21:34:43
>>ahuber+(OP)
This regulation is so shitty. I'm quite sure that it is supported by big actors in the end, because the end goal is to ensure a regulatory barrier that will prevent small actors from being able to thrive in the software field.

Also, to avoid "dangerous" not yet professional amateurs having a chance against big editors.

◧◩
2. Etienn+lf 2023-12-30 22:03:41
>>greatg+2b
This was the first question on my mind as well. How will this affect the one-man webshop owner or software developer? Seems only big established firms will be able to conform to this?
◧◩◪
3. EMIREL+Sg 2023-12-30 22:12:19
>>Etienn+lf
This question was asked a lot when GDPR came around, and it's essentially an implication that the regulator will act in bad faith.

Courts and regulators, particularly European ones, understand when there's a "will" to follow the law. It's one of the differences between "rules-based" and "principles-based" regulations.

>>17100541

◧◩◪◨
4. Etienn+wi 2023-12-30 22:24:48
>>EMIREL+Sg
I don’t understand? So you should only in principle audit your WordPress blog?
◧◩◪◨⬒
5. troupo+hk 2023-12-30 22:38:18
>>Etienn+wi
Questions:

- If you run a commercial kitchen on your own (or, let's say, with a staff of 2-3 people), can you ignore the food safety regulations? The fire regulations?

- If you run a one-man plumbing company, can you ignore safety regulations? Water regulations? Sewage regulations?

etc.

Why is it that when it comes to "commercial software" it is inevitably "oh my god these laws are so hard, why should I as a one-man company be forced to comply with them"? Because that is literally your job.

◧◩◪◨⬒⬓
6. hgs3+wI 2023-12-31 03:33:31
>>troupo+hk
Bad software won't give you food poisoning.

Regulations can make sense for software that could cause physical harm - like the software in an implanted medical device - but most software doesn't fall in that category. The CRA is about "security" not about "physical harm" - they are two different things. Regulations for the latter would likely receive less pushback.

◧◩◪◨⬒⬓⬔
7. troupo+591 2023-12-31 10:54:58
>>hgs3+wI
Hacking risk leads to recall of 500,000 pacemakers due to patient death fears https://www.theguardian.com/technology/2017/aug/31/hacking-r...

Your distinction is without meaning

◧◩◪◨⬒⬓⬔⧯
8. hgs3+Jk1 2023-12-31 13:22:11
>>troupo+591
> Hacking risk leads to recall of 500,000 pacemakers due to patient death fears

A recall was issued therefore there is already regulatory oversight where it counts. The CRA is at best redundant and at worst a prime example of regulatory capture [1].

[1] https://en.wikipedia.org/wiki/Regulatory_capture

◧◩◪◨⬒⬓⬔⧯▣
9. troupo+Sq1 2023-12-31 14:24:53
>>hgs3+Jk1
> A recall was issued therefore there is already regulatory oversight where it counts.

Just because a recall was issued doesn't imply that there's a regulatory oversight. And even if that oversight exists in that particular case, it doesn't mean it is applicable to other areas.

What it does mean is that your weak attempt to paint software being exempt because it "doesn't lead to food poisoning" is weak and uninformed at best.

> The CRA is at best redundant

It's not

> at worst a prime example of regulatory capture

Again, it's not.

Just because you engage in FUDing, doesn't make your words true.

◧◩◪◨⬒⬓⬔⧯▣▦
10. hgs3+7x1 2023-12-31 15:23:32
>>troupo+Sq1
Attacking my words as "weak", "FUD", or "uninformed" is arguing in bad faith. I gave a good faith effort to counter your points rather than simply labeling them "weak" or "uninformed".
◧◩◪◨⬒⬓⬔⧯▣▦▧
11. troupo+mE1 2023-12-31 16:18:00
>>hgs3+7x1
There was no effort behind countering my words.

First you tried to pretend that software is somehow different because it "doesn't do any physical harm".

I addressed that directly with a very specific example of physical harm.

(Besides, there are many more concerns beyond just physical harm, and my example of food poisoning was just an example that you must follow safety regulations even if you're a "one-person" company)

So your next counter-claim was a non-sequitur that "since it was recalled it means that there are regulations" which doesn't make sense even logically, which I addressed as well.

And the rest is just unsubstantiated claims that the law is redundant at best and bad at worst which is pure FUD.

How's that for good faith argument?

With this, I remove myself from this discussion. Adieu.
