product liability (was 'we should all be uncomfortable with the extent to which luck..')

• Previous message (by thread): product liability (was 'we should all be uncomfortable with theextent to which luck..')
• Next message (by thread): product liability (was 'we should all be uncomfortable with the extent to which luck..')
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The only way that administrators are going to be diligent about
patches/updates is for the bean counters to show the CTO/CIO what the bottom
line is for not installing updates when something like code red happens.
Then management will crack the whip and the administrators will have to
constantly search for updates.

Of course this is all subject to the Dilbert Principle and some companies
will get stupid about it:

CIO: "Why wasn't that patch installed as soon as it became available, that
problem brought us to our knees!!!!"

Administrator: "Well, the patch became available after the attack started
and since it brought us to our knees, I couldn't download the patch because
we had no connectivity and neither did our peers."

CIO: "From now on I want to see a report of all upcoming attacks 48 hours in
advance or you'll be looking for another job!"

Oh come on, you can't tell me that some of you don't work for people like
this.

Larry Diffey


----- Original Message -----
From: "William Allen Simpson" <wsimpson at greendragon.com>
To: <nanog at nanog.org>
Cc: <caida at caida.org>
Sent: Tuesday, July 24, 2001 11:42 PM
Subject: product liability (was 'we should all be uncomfortable with the
extent to which luck..')


>
> Perhaps a different approach is in order -- product liability.
>
> When Firestone made a large number of bad tires, they compensated the
> purchasers by PAYING for replacement, including those that had not yet
> been injured.  That included the upgrade, and the installation cost.
>
> Network operators have been injured by the distribution of buggy software
from M$.  We need to be compensated for our time and expenses.
>
> End users need to be compensated for their costs to upgrade.
>
> A check in the mail would be a better incentive to administrators than
> "automatic" updates.
>
>
> "Wayne E. Bouchard" wrote:
> >
> > On Tue, Jul 24, 2001 at 10:35:37PM -0700, k claffy wrote:
> > >      ==>  5.4 billion people haven't selected an OS yet
> > >
> > >
> > > [k: maybe we can get them on OS-antioxidants
> > > before it's too late]
> >
> >...
> > Doing this, right now, can be difficult for many users to grasp (lets
> > face it, some software doesn't update well, if at all) and may require
> > more effort than even reputable administrators are willing to extend.
> >
> > How to go about making the public more secure, of course, is an
> > on-going debate and perhaps even a losing battle but still worth the
> > effort.
> >
> --
> William Allen Simpson
>     Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32
>

• Previous message (by thread): product liability (was 'we should all be uncomfortable with theextent to which luck..')
• Next message (by thread): product liability (was 'we should all be uncomfortable with the extent to which luck..')
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]