by krautsourced 1716 days ago
Other engineering sectors do have this kind of liability. What do these sectors have as well? Standards. If a house needs to be built, there are _loads_ of safety regulations to follow. Standards to adhere to. Inspections to be had. Only then is someone allowed to move in.

Software? Decisions are often made without either knowledge or a plan. Agile is a thing. Deadlines are shorter than ever. Also: ideally it needs to be for free. Just pick up that package from GitHub, it should be good enough (maybe it even has Tests, but who cares, really).

The software projects that are heavily regulated? Take forever to plan and complete. Massive budgets. And still usually are not able to manage to be bug free.

Also: software is really, really complex. And: it is easy to attack. Let's be real: other engineering projects are really easy to break as well - some well placed C4 usually does the trick. But it is hard to get C4. Hard to get access. Also, hopefully, there's an ethical barrier to doing it. Software on the other hand? From home. And once there is an angle of attack, it can attack millions of targets at once. And there are no visible victims, at least not right away, so the ethical barrier is lower as well.

Ok I'm rambling. Anyway. This, as is software, is a complex issue. And liability could totally be a thing, but that means an end to ad-financed applications or 2$/user/month services. You get what you pay for (well, sometimes not even then, but you definitely do not get anything for cheap any more). Perfect example: super-cheap IoT devices from China. Well engineered ones doing basically the same thing? 10x, sometimes 100x the price.

3 comments

"Let's be real: other engineering projects are really easy to break as well - some well placed C4 usually does the trick. But it is hard to get C4. Hard to get access"

Who breaks into anything with C4? You can buy a battery powered drill and angle grinder for $300, and break into anything that's not a military bunker. Or you can learn to use lockpicks, and break into most houses for $20.

However, what we have in software is the customer finding out that the door was a mirage and you could walk right through it, or keys being sold on the black market.

Yes, and those engineers have their standards because of liability. The article meanders somewhere in the vicinity of that point. I lost track because I was paying too much attention to not stepping on his lawn.

Yes that's kind of what I meant. And we could have those standards for software too (we do, kind of, in the banking and health sector). But with all that which follows those standards - higher cost, lower speed, fewer innovations.

Oh, I so wish us to have standards! There won't be any of them anytime soon, sadly. Even when you have unquestionable benefits going from a dynamic language to a statically strongly typed one (as was shared by a team moving from JS to Rust in the last few weeks here on HN) people still bikeshed and pick apart any word and sentence to hell and back just so their pet idea and favourite language magically happens to be the end-all be-all of programming.

(Let this not be read as if I am a zealot for static strong languages -- when you have to prototype stuff, the dynamic languages are a godsend!)

Truth is, a lot of us software devs are divas -- and I've been guilty of that in the far past as well, and I am very ashamed remembering every minute of it.

But you can't just pass wisdom and tell the younger devs: "STFU and listen to experience and follow established good practices". We all walk our own road to wisdom and sadly that takes a while and in the meantime we can ruin some businesses. :( And/or the job of the next person after us.