Computer ethics

I thought I'd post a quick blurb about something that's bothered me for a while.

I'm a computer programmer. This also places me in the category of software developer, software engineer, and whatever other terms you want to come up with for "some guy who makes programs".

Whenever we, as programmers, create a software application, we expect the users of our programs to trust us. In fact, the people who use our programs put a lot of trust in us: any program that you download or buy could perform any of a number acts which could destroy data, violate your privacy, or steal your personal or financial information.

So it's vital that programmers act not just in good conscience, but that we be above reproach. Fortunes have been made and lost on simple rumor - even the false ones have been enough to ruin lives. When the product we make comes entirely from our brain, it's vital that the product not only work and be secure, but that people have confidence in that security and safety.

I've been thinking a lot lately on exactly what this means, and how to assure people that they're getting safe software. Microsoft gave me the idea with their "Made for Windows 95" program. Essentially, a company has to prove to Microsoft that a program works properly with Windows 95.

Why not create a similar system for the community at large? The idea would not be to certify technical aspects of a program but to certify the operational and ethical aspects: does the program generally do what it says? Does it hijack your keystrokes and send your credit card number to an e-mail address in China?

Is there some sort of "certified safe" program out there? If there is, I'd love to know about it.