Glyn Moody considers a proposal described by Alan Cox on how to deal with the problem in open source code exemplified by the Heartbleed bug. A step to solving the problem, he writes, would be « that those providing software should accept liability for the problems it causes. » Moreover, « only attach liability where money is involved », i.e. those charging money for software used, including those integrating open source code into their products, should be liable though the « people who write the code – even if they are paid for doing so – don’t need to worry about being held personally responsible. »
He quotes Simon Phipps: « Unlike pretty much any other kind of commercial venture, the deployers of software are able to disclaim all liability for harm caused by their code. Fix that, and the magic of market forces will fix everything else. »
http://blogs.computerworlduk.com/open-enterprise/2014/04/the-cost-of-open-source-the-solution/index.htm