Even you can be hacked

David Schwartz davids at webmaster.com
Sat Jun 12 04:00:58 UTC 2004



> Why does Webmaster put the entire risk on the customer, including warning
> that the security mechanism has inherent limitations?  Shouldn't Webmaster
> be responsible if their customer suffer a loss whatsover the cause, even
> if it wasn't due to any negligence on the part of Webmaster?

	I never argued that the ISP should be responsible for losses that weren't
created by their own negligence.

> Seems like Webmaster is requiring customers to be experts in Webmaster's
> products.  Shouldn't it be Webmaster's responsibility to analyze and
> warn customers about every possible problem they could ever experience,
> secure the customer against all possible harm, and compenstate the
> customer for all losses?

	I never said an ISP should compensate a customer.

	How about sticking to the arguments I actually *used* rather than straw
men?

	I'm talking about a case where the provider had continuing control over the
use of the item involved. I'm talking about a case where the provider knew
or should have known that there was abuse that was injuring third parties.
I'm talking about a case where the provider is billing the customer for the
specific act of harming the third parties.

	When you sell software, you have no idea what someone is going to use it
for. You have no ability to continue to control the product over time. You
have no way to know how the customer is actually using the product. You have
no ability to shut off their usage at any particular time. You have no way
to know or suspect that their usage is harming third parties.

	Again, every analogy fails. You have to look at this particular case and
the particular facts.

	DS





More information about the NANOG mailing list