In my personal opinion, ISPs, vendors, and such should legally be held responsible for their product's security and unconditionally be made to repair any security holes. -- if a vendor or ISP maintains good security practices, there will be nothing for them to fear from this. What's really upsetting is that often it's faster to just fix the problem
than it is to complain about it. Unfortunately companies seem to feel that legally threatening people is the wiser course of action. I'd like to know when people stopped taking pride in their work. When I screw up- I'm upset with myself, not with the guy who pointed out the mistake. Now if he used my screwup to wreck everything I've worked- then to hell with him- but if all he did is point out the mistake- then I should learn from it and make sure it doesn't happen again. -Don