[prev in list] [next in list] [prev in thread] [next in thread]
List: nanog
Subject: Re: Compromised machines liable for damage?
From: Owen DeLong <owen () delong ! com>
Date: 2005-12-29 13:20:41
Message-ID: A9B33525D5B0DA41FF5A4870 () imac-en0 ! delong ! sj ! ca ! us
[Download RAW message or body]
--On December 29, 2005 5:51:04 AM -0500 Valdis.Kletnieks@vt.edu wrote:
> On Wed, 28 Dec 2005 13:20:51 PST, Owen DeLong said:
>
>> Denying patches doesn't tend to injure the trespassing user so much as
>> it injures the others that get attacked by his compromised machine.
>> I think that is why many manufacturers release security patches to
>> anyone openly, while restricting other upgrades to registered users.
>
> Color me cynical, but I thought the manufacturers did that because a
> security issue has the ability to convince non-customers that your
> product sucks, while other bugs and upgrades only convince the sheep that
> already bought the product that the product is getting Even
> Better!(tm).....
That could be a factor, but, I know first hand from the legal departments
of at least two software "manufacturers" that it was at least a factor
in the decision, and, they do have concerns about being liable for
damages caused by security flaws in their software.
Owen
--
If it wasn't crypto-signed, it probably didn't come from me.
[Attachment #3 (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic