Just pay more...
by Anton Chuvakin
This is a pretty insightful piece from Bruce Schneier. It can be summarized as: "We're not paying to improve the security [...] We're paying to deal with the problem rather than to fix it."
Basically, the idea is that security will be much improved if vendors are liable for their software insecurities (unlike now). However, some say that it will break the open-source movement. Thoughts?
Maybe not so bad...
I think it wouldn't be so bad if it's vendors, not developers, who are liable. There have been attempts to make people liable for things they give away, and that would be very damaging.