Editors want headlines to grab readers. But it’s just wrong when they do so by taking something out of context. This ZDNet headline takes the cake: "Expert: Hold developers liable for flaws".
That “expert” is Howard Schmidt, former cyber security advisor to the White House, speaking to SecureLondon earlier this month, and he tells me he never did use that word in his talk. What he said was that employers need to offer better training and incentives for developers to write more secure code, such as rewards systems and some accountability for follow up code review, he explains to me today over the phone.
So here’s what I think happened: The writer, filing the story under time pressure, picks up on the part about accountability, writes the entire story around that one word, and leaves out the other important parts about training and rewards. The editor needs a grabby headline and translates “accountability” to “liability” and viola! You get more readers. But what about ZDNet’s accountability? They make Schmidt look like an idiot because no one in their right mind would argue liability rests on the developer and not the companies that sell us our faulty software in the first place.