Compromised machines liable for damage?
Owen DeLong
owen at delong.com
Wed Dec 28 21:12:32 UTC 2005
--On December 28, 2005 9:38:11 AM -0500 Jason Frisvold
<xenophage0 at gmail.com> wrote:
>
> On 12/27/05, Owen DeLong <owen at delong.com> wrote:
>> Look at it another way... If the software is open source, then, there
>> is no requirement for the author to maintain it as any end user has
>> all the tools necessary to develop and deploy a fix. In the case of
>> closed software, liability may be the only tool society has to
>> protect itself from the negligence of the author(s). What is the
>> liability situation for, say, a Model T car if it runs over someone?
>> Can Ford still be held liable if he accident turns out to be caused
>> by a known design flaw in the car? (I don't know the answer, but,
>> I suspect that it would be the same for "old" software).
>
> But can't something similar be said for closed source? You know
> there's a vulnerability, stop using it... (I'm aware that this is
> much harder in practice)
>
One other thing I forgot to say here... With closed software, you don't
have the option of fixing it yourself. With open source, that claim
cannot be made. As such, since there are some cases in which the
damage done by stopping use must be weighed against the damage
done by continued use, it's a harder question WRT closed software,
especially when it is an operating system.
Owen
--
If it wasn't crypto-signed, it probably didn't come from me.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20051228/e412d54d/attachment.sig>
More information about the NANOG
mailing list