Software security law call

Windows XP has had security problems since launch

An influential body of researchers is calling on the US Government to draft laws that would punish software firms that do not do enough to make their products secure.

The US National Academy of Sciences (NAS) has released drafts of a report commissioned after 11 September to look at the state of America's computer systems.

Possible options include steps that would increase the exposure of software and systems vendors and system operators to liability for system breaches

US National Academy of Sciences

If the report is acted on the subsequent laws could hurt monopolies like Microsoft, which many say does not do enough to ensure its software is secure.

Almost all of the serious virus outbreaks of the last two years can be traced to vulnerabilities in Microsoft products.

The report by the computer and telecommunications board of the NAS said that currently software makers do not have enough incentive to ensure their products are secure.

It recommended that the US Government consider amending laws so that software makers can be held liable if their products put the public and businesses at risk.

"Possible options include steps that would increase the exposure of software and systems vendors and system operators to liability for system breaches," wrote the authors of the report.

Flaws patched

The report will probably be passed to the US Congress for debate.

Any resulting laws could take a long time to draft and enact, but if they do emerge then Microsoft, which has a monopoly hold on the software used on desktop computers, could be among the biggest losers.

Although Microsoft has touted the latest version of Windows, called XP, as "its most secure operating system ever", in recent weeks it has been forced to issue a series of patches for the software to make it harder for malicious hackers to compromise it.

One vulnerability was so severe that the FBI even put out a warning about it.

But Windows XP is not the only Microsoft product with security failings.

Anti-hacking cover

Many of the viruses that have plagued consumers and businesses over the last two years have spread fast and far because of weaknesses in Microsoft's popular e-mail program Outlook.

Vulnerabilities in web server software have helped net worms like Code Red run rampant on some parts of the internet.

Even the animated paperclip that acts as a helper in some Microsoft software can be compromised and turned against the computer it is being used on.

Already some insurance companies that offer anti-hacking cover are charging higher premiums to clients who use a lot of Microsoft software because vulnerabilities are so regularly found in it.