CLM> Date: Sat, 2 Aug 2003 02:45:29 +0000 (GMT) CLM> From: Christopher L. Morrow CLM> EBD> Who should be held accountable for vulnerable boxen? CLM> CLM> I believe the vendor should, but my opinion matters not :) I agree. It stinks when cutting code, knowing that _some_ competitor is slinging out crap... they're cutting corners, and won't be held accountable -- at least in the short term. This hurts the entire industry. Sort of like deaggregating routes, helping track down and shut down spammers and abusers, et cetera... cut corners, cut costs, and hurt the entire industry. CLM> The lawyers and congress folks (or someone like that) needs CLM> to get a little more mad about their 'critical CLM> infrastructure' and how vulnerable it is due to negligence CLM> and incompetence, or atleast a criminial level of naivety... Exactly. CLM> > IANAL, but automobile vendors have recall notices... CLM> CLM> mandated by federal regulations inside the US (atleast)... CLM> perhaps you want this for vendors also? Something like that. Notification currently is decent, but lacks teeth. I think vendors and admins should be required to follow certain procedures to qualify for liability limitations. Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita _________________________________________________________________ DO NOT send mail to the following addresses : blacklist@brics.com -or- alfra@intc.net -or- curbjmp@intc.net Sending mail to spambait addresses is a great way to get blocked.