[dTal]

I don't see where they said "everyone". The fact that anyone does that is cause for concern.

It's great that you don't include malicious code in your proprietary software. But why should you defend the right of others to do so? It's not really "insulting" to note that this is a common occurrence.

As you note, it is illegal for food manufacturers to put anything secret in food, let alone secret and harmful. Why tolerate it in software?

[pdonis]

> As you note, it is illegal for food manufacturers to put anything secret in food, let alone secret and harmful. Why tolerate it in software?

We don't enforce laws against food manufacturers putting secret ingredients in food by opening up food production processes so that any member of the public can walk into the factory and watch them at work. A major reason for that is that the FDA is bound by law to respect trade secrets, so it can't just make public every detail of the food production processes it inspects; all it can say is whether or not they are safe in the FDA's judgment.

If we wanted to make laws against putting secret ingredients in software, the enforcement mechanism analogous to the one we use for food safety laws would be to create a huge government agency that inspected software source code. It wouldn't be to open up the source code to anyone who wants to see it.

[dTal]

We do require food manufacturers to 'open up' their production processes by printing every single ingredient on the packaging, plus a comprehensive review of the effects of the food on the body in the form of nutrition facts, caffeine content, alcohol content and allergen content among other things. Quite what the equivalent procedure for software would be is left as an exercise for the reader, but it's not as simple as 'government says so'.

The trouble is that the effects of harmful software are much less obvious than harmful food.

[pdonis]

Yes, both of these are fair points. The second one, in particular, seems like an important difference between the two.