in reply to "Buffer Overflow" rant in Risks Digest

Good article, it addresses what is probably going to become a very large issue in the near future. From the article...

Software crashes due to mere incompetence apparently don't raise any eyebrows, because no one wants to fault the incompetent programmer (and his incompetent boss). So we have to conjure up "bad guys" as "boogie men" in (hopefully) far-distant lands who "hack our systems", rather than noticing that in pointing one finger at the hacker, we still have three fingers pointed at ourselves.

He hit it dead on here; you can see examples of companies blaming their products' faults on "hackers" every day, and of course they are rarely called on it by the media.

There would obviously be strong opposition from many large software companies against any sort of legislation (it could put Microsoft out of business pretty fast ;-), but something really does need to be done about this. The difficult part of this issue is deciding how far to go with legal penalties for negligent companies. I'm interested to hear what everyone here feels constitutes negligence.

There was another good article over at SecurityFocus a little while ago as well.