>>But if you run a website with open source software, you of course would still be liable for anything that happens to your customers' data. So you would probably want to buy that same open source software from someone (e.g. Red Hat), who would also be liable.
As others have said, this idea is really bad.
Red Hat will start charging obscene amounts to support the legal side of the license, especially if it is used in eCommerce platforms. What about the wife and husband who want to sell hand-knitted socks online, or small businesses who do less than $250k/year online? Will they be able to afford an alternative to the LAMP stack and fully shield themselves from legal liability and the horde of lawyers who will gladly step into any loophole?
Like many, my servers were affected by Heartbleed. So if I ran OpenSSL and someone found out before I patched it (took me 24h to do so), I could be sued in that window if I hadn't bought the license to Red Hat - oh, and how about all the licenses to all the open source software that depends on it underneath, OpenSSL being one of about a hundred of those projects? Do we license GNU toolchain? What if there are buffer overflow exploits found in various tools?
> What about the wife and husband who want to sell hand-knitted socks online, or small businesses who do less than $250k/year online? Will they be able to afford an alternative to the LAMP stack and fully shield themselves from legal liability and the horde of lawyers who will gladly step into any loophole?
If mom and pop want to sell hand-knitted socks on the internet I usually recommend them to use a hosted shop solution such as shopify and its ilk. They want to sell socks, not become an expert in hosting a LAMP stack. This is how liability works for brick and mortar stores as well: They're liable if a customer electrocutes himself because some dork attached the wrong wire to the wrong metal part. That's why mom and pop stores in the brick and mortar part of the world usually don't do the electrical installation or any parts that's covered under a builder code. They hire people supposed to be experts in that field to do that work and in in turn, they get to discharge the liability to them. It's about time we treat software the same. If you want to host something, either own up to it or hire someone to do it.
As others have said, this idea is really bad.
Red Hat will start charging obscene amounts to support the legal side of the license, especially if it is used in eCommerce platforms. What about the wife and husband who want to sell hand-knitted socks online, or small businesses who do less than $250k/year online? Will they be able to afford an alternative to the LAMP stack and fully shield themselves from legal liability and the horde of lawyers who will gladly step into any loophole?
Like many, my servers were affected by Heartbleed. So if I ran OpenSSL and someone found out before I patched it (took me 24h to do so), I could be sued in that window if I hadn't bought the license to Red Hat - oh, and how about all the licenses to all the open source software that depends on it underneath, OpenSSL being one of about a hundred of those projects? Do we license GNU toolchain? What if there are buffer overflow exploits found in various tools?