When I had the chance to ask Steve Ballmer a question, the thing that was on my mind was the recent product liability case against Microsoft that has received some publicity. So I asked Steve the following questions. "What's your vision of how software updates will be handled in three to five years? Will updates be compulsory as part of licensing agreements? Would that be good or bad?" His answer was that he wanted to do what was right for customers, and he doesn't see the liability issues as a motivating factor. Good answer, but I think he and I both skirted the real issue. The real issue is that reliable software needs to be provisioned as a service, not a product. Think about this. When something goes wrong with your telephone, does the telephone company ask your permission to fix it? Of course not. Until we get serious about treating software under a service model, we'll continue to "slowly die a death from a thousand papercuts", the papercuts coming in the form of a vicious cycle of exploits, patches, and the human error factor in keeping our systems secure (or insecure). I'm realistic. A services model for software delivery won't eliminate security problems completely, but at least this shift in thinking would centralize the accountability. With four critical updates coming out today, surely we can do a better job here.