North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Compromised machines liable for damage?
- From: Jason Frisvold
- Date: Wed Dec 28 09:39:28 2005
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=b01FyORczahe9WISsXkjcW+qzwK3g2m/zE2ilEf9F3I2SiyghpkBrG0qX3XYjKKfDn9TlkcToeWcBkmhwAYF3+rm0lnQjW64PVpTzHDOPsUq6mKxMaCKxNgV6z9ULo6K4UEU6XpLlN8ywV3PVqJh2Al65mVthZ3bUDW8qRmEYCE=
On 12/27/05, Owen DeLong <firstname.lastname@example.org> wrote:
> Look at it another way... If the software is open source, then, there
> is no requirement for the author to maintain it as any end user has
> all the tools necessary to develop and deploy a fix. In the case of
> closed software, liability may be the only tool society has to
> protect itself from the negligence of the author(s). What is the
> liability situation for, say, a Model T car if it runs over someone?
> Can Ford still be held liable if he accident turns out to be caused
> by a known design flaw in the car? (I don't know the answer, but,
> I suspect that it would be the same for "old" software).
But can't something similar be said for closed source? You know
there's a vulnerability, stop using it... (I'm aware that this is
much harder in practice)
<snip dead horse />
> In general, if the gross act of stupidity was reasonably foreseeable,
> the manufacturer has a "duty to care" to make some attempt to mitigate
> or prevent the customer from taking such action. That's why toasters
> all come with warnings about unplugging them before you stick a
> fork in them. That's why every piece of electronic equipment says
> "No user serviceable parts inside" and "Warning risk of electric shock".
So what if Microsoft put a warning label on all copies of Windows that
said something to the tune of "Not intended for use without firewall
and anti-virus software installed" ? :) Isn't the consumer at least
partially responsible for reasonable precautions?
> They feel for the carpenter and the only option they have to help
> him is to take money from the corporation.
I'm all for compassion, but sometimes it's a bit much.. :)
I guess, in a nutshell, I'm trying to understand the liability
issue... It seems, based on the arguments, that it generally applies
to "stuff" that was received due to some monetary transaction. And
that the developer/manufacturer/etc is given a chance to repair the
problem, provided that problem does not exist due to gross negligence
on the part of the developer/manufacturer/etc ... Does that about sum
[From your other mail]
> SPAM does a lot of actual harm. There are relatively high costs associated
> with SPAM. Machine time, network bandwidth, and, labor.
*nod* I agree.. My point here was that SPAM, when compared to
something like a virus, is *generally* less harmful. Granted, SPAM is
more of a constant problem rather than a single virus that may attack
for a few days before mitigation is possible. I spend a great deal of
time tweaking my mail servers to prevent spam.. :)
Jason 'XenoPhage' Frisvold