Your analogy is flawed. The question is, should Firestone be responsible for someone going around slashing the tires? No they shouldn't. Then why should Microsoft or any other software manufacturer be responsible for the damage done by third parties? You could make the argument that Microsoft should have designed more security into their products to prevent security breaches of this nature, but you could also argue that Firestone should make their tires out of kevlar to prevent people from slashing them. We shouldn't hold the software manufacturers responsible, unless they willingly and knowingly left the security flaw in place. We should hold the programmers that release malicious code responsible. William Allen Simpson To: nanog@nanog.org <wsimpson@greend cc: caida@caida.org ragon.com> Subject: product liability (was 'we should all be uncomfortable with the extent to which Sent by: luck..') owner-nanog@meri t.edu 07/25/01 02:42 AM Perhaps a different approach is in order -- product liability. When Firestone made a large number of bad tires, they compensated the purchasers by PAYING for replacement, including those that had not yet been injured. That included the upgrade, and the installation cost. Network operators have been injured by the distribution of buggy software from M$. We need to be compensated for our time and expenses. End users need to be compensated for their costs to upgrade. A check in the mail would be a better incentive to administrators than "automatic" updates. "Wayne E. Bouchard" wrote:
On Tue, Jul 24, 2001 at 10:35:37PM -0700, k claffy wrote:
==> 5.4 billion people haven't selected an OS yet
[k: maybe we can get them on OS-antioxidants before it's too late]
... Doing this, right now, can be difficult for many users to grasp (lets face it, some software doesn't update well, if at all) and may require more effort than even reputable administrators are willing to extend.
How to go about making the public more secure, of course, is an on-going debate and perhaps even a losing battle but still worth the effort.
-- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32