Nato warns of strike against cyber attackers

Joe Greco jgreco at ns.sol.net
Wed Jun 9 09:02:53 CDT 2010


> > Grandma does not go check her tread depth or check her own brake pads and
> > discs for wear.  She lets the shop do that.  I was hoping I didn't have to
> > get pedantic and that people could differentiate between "I pay the shop a
> > few bucks to do that for me" and "I take responsibility personally to drive
> > my car in an appropriate fashion" (which includes things like "I take my
> > car to the shop periodically for maintenance I don't have the skills to do
> > myself"), but there we have it.
> 
> Whether grandma measures the tread depth herself or takes it to the shop,
> the point is that grandma is expected to have tires with sufficient tread
> depth and working brakes when she operates the car. If not, she's liable.
> If she drives like the little old lady from Pasadena, she's liable for the 
> accidents she causes.

There is no "shop" that the average computer owner should take their
computer to, and unlike a car, anything that might seem to require some
periodic maintenance is typically automated (OS updates, virus updates,
etc).  There are places like NerdForce that you can take your computer to,
but you're likely to be sold a load of crap, and you can even take the
same computer to five different services and get wildly differing results
(and wildly differing bills).  There's no standardization, and part of
*that* is due to the way we've allowed end user operating systems to be
designed.

> > My point: We haven't designed computers for end users appropriately.  It
> > is not the fault of the end user that they're driving around the crapmobile
> > we've provided for them.  If you go to the store to get a new computer, you
> > get a choice of crapmobiles all with engines by the same company, unless 
> > you go to the fruit store, in which case you get a somewhat less obviously
> > vulnerable engine by a different company.  The users don't know how to take
> > apart the engines and repair them, and the engines aren't usefully protected
> > sufficiently to ensure that they don't get fouled, so you have a Problem.
> 
> The end user should be able to recover from the responsible manufacturer
> for the design flaws in the hardware/software they are driving. Agreed. That
> is how it works in cars, that's how it should work in computers.

It doesn't; look at that wonderful EULA.  Want to fix that?  Be my guest,
seriously.

> What I don't want to see which you are advocating... I don't want to see
> the end users who do take responsibility, drive well designed vehicles
> with proper seat belts and safety equipment, stay in their lane, and
> do not cause accidents held liable for the actions of others. Why should
> we penalize those that have done no wrong simply because they happen
> to be a minority?

I agree, on the other hand, what about those people who genuinely didn't
do anything wrong, and their computer still got Pwned?

>From this perspective:  Our technology sucks.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.




More information about the NANOG mailing list