That’s why the lock analogy is good, though — not everything protected by software is like a bank vault. Door locks cost a lot less than vault locks, and as the customer I get to choose the appropriate level of security and pay accordingly. Right now as a software customer you don’t pay based on how secure you want the software to be, and the vendor isn’t liable for not meeting your expectations. In the end the customers are going to have to finance all this improved security, it won’t come for free.
I think we're agreeing here. Sane regulation would create a system where liability could exist for certain products, and consumers would have some idea of what they're paying for.
We are agreeing! Just trying to bring out the price differential that will result from a liability regime. We had this explosion of cheap software partially because nobody was paying for security (either with money or with inconvenience). Now it seems like people expect to fix it for free just by passing a law insisting it be so.
The physical lock market is much more mature, and we don’t see “bank vault” security as the median lock, far from it.
