Re: Economics of software security?
Not that I consider Oracle exemplary, but a significant reason why software doesn't have warranties is because there is an enormous amount of user (lack of) skill that can be involved.
Should a software maker be liable when users reuse the same login as email ID and password on dozens of different sites?
What about patch management - at what point does the failure to install a patch (as opposed to not installing before testing) become the user's fault?