Hacker News new | past | comments | ask | show | jobs | submit login

Wouldn't you have to start with the JVM? Or possibly with the Linux kernel?



Not necessarily. If you _purchase_ software that includes the guarantees that you desire. (e.g. of correctness, fitness for purpose, and support), then you don’t have to maintain the entire stack yourself.


Even if you purchase the software from a commercial vendor that doesn't mean that the vendor will indemnify you for damages caused by their failures, or that they have sufficient financial resources to pay for such damages (counterparty risk).


At that point, just buy insurance


What about the hardware? Who will take on liability for Row Hammer[1] vulnerabilities? What about Meltdown [2] or Spectre?

[1] https://en.wikipedia.org/wiki/Row_hammer

[2] https://en.wikipedia.org/wiki/Meltdown_(security_vulnerabili...


Rowhammer when it first came out, or rowhammer today? I'd say any memory made in the last five years that doesn't properly implement Target Row Refresh should put liability on the manufacturer.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: