Skip to navigation Skip to content

Oxford University – Cyber Security Oxford


Creating a safe, secure and prosperous cyberspace through internationally leading research and educational programmes


Software manufacturers have little incentive to make products secure

by David Hobbs • , ,

Financial Times, 05/01/2015, p.8, Martyn Thomas

Letter from Martyn Thomas, Visiting Professor of Software Engineering at Oxford University, on cyber security: ‘…The current approach to cyber security is flawed. For example, much effort is spent trying to “educate” users not to click on links in emails or to open attachments, when this is exactly how those features were designed to be used. How can users take responsibility for what their computers are doing, when every software product they use demands the right to go online, upload usage data and download updates?… I believe that we need to set a timetable for incorporating software within a strict, Europe-wide liability regime…This would provide incentives for software manufacturers to improve their engineering, and could allow users reasonable redress when they suffer damage. It would create market demand for better programming languages, and for the tools that would allow software to be proved free of many of the classes of error that currently make it insecure…’