Let me first point out that I do not know what exact service or product Mr. Simpson offers to his clients and whether or not he's posing an academic or real argument here, but I'd like the reader to assume that I'm treating this as a mostly academic argument.... [ On Tuesday, May 9, 2000 at 12:24:23 (-0400), William Allen Simpson wrote: ]
Subject: Re: product liability (was: Virus Update)
I don't accept this argument. You are saying that we need to sue our customers for using a faulty product, rather than the vendor of the faulty product. My understanding of product liability doesn't jibe with that illogic.
Wait a minute here -- you're saying that you've suffered as much or more than your customers have? Why is that? Did you somehow accept responsibility for their actions by virtue of selling them your own product? Or did your offering somehow imply or otherwise indicate that your customers were required to run M$ software and if so did you not then assume the responsibility to educate your customers as to the potential pitfalls of running M$ software? Personally speaking I don't have a whole lot of sympathy for anyone who's business it is to sell e-mail services or anything related if their systems are somehow damaged in some measurable way due to an event like this. I am very sorry if anyone's systems might have suffered such damages in an event like this, but in the end it is their responsibility to accept the risks that the load on their systems might skyrocket for any number of reasons, such as the distribution of an e-mail based virus, and it is their responsibility to deal with those risks appropriately. In this case neither M$, nor their customers, are at fault for any damages suffered by the service operator so far as I can see.
Very few customers follow security digests, and fewer have the resources to enforce installation of patches and non-default setup. The product is functioning as delivered.
True enough, unfortunately. However the folks in this forum though should be at least peripherally aware of the security-related forums and perhaps in many circumstances they should be made responsible for making sure their customers are in fact practising safe computing and networking. Let us not forget that this is a true Internet still and that network operators are indeed responsible in part for the activities of their customers, at least so far as those activities can impose upon the ability of other network operators and their customers to use this Internet.
The only recourse for our customers would have been to use a non-M$ product. M$ has been using a monopoly position to leverage Internet services.
Yes, absolutely. Obviously.
While we encourage our customers to use better products, time and time again, we find that they install M$ anyway. Their accounting runs on 98+NT, their patient record system run on 98+NT, heck, their constituent mail tracking package runs on 98+NT.... They use NT for "firewall", NAT, etc.
OK, so you're saying you didn't ship any M$ software to your customers as part of your own product offering? If to then that's wise and good. On the other hand ISPs, in particular, who ship M$ software as a bundled part of their product offering are indeed very strongly encouraging their customers to use M$ software and are indeed aiding and abetting M$ at furthering their goal of maintaining a monopoly control over desktop software, regardless of whether they're aware they are doing so or indeed whether or not they were coerced into doing so.
one would hope that incidents like this would help educate the decision makers, but, alas, they are just sheep being gobbled up by the microsoft wolf.
Your BSD signature reveals your bias.
I don't think that it's necessary for you to apologise indirectly in the way that you seem to be doing for M$'s faults by pointing out which side of the fence anyone's sitting on at this point. At least that's how your comment appears to me, regardless of which side of the fence you're actually on.
While I may agree with the sentiment, suing our customers for ignorance would likely be counter-productive for regaining lost revenues....
Indeed. Seems that some people aren't beyond doing that kind of thing though! ;-) -- Greg A. Woods +1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods> Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>