Compromised machines liable for damage?

• Previous message (by thread): Destructive botnet originating from California (was Japan)
• Next message (by thread): Compromised machines liable for damage?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> This should be another thread completely, but I am wondering about
> the liability of the individual's who have owned machines that are
> attacking me/my clients.

As a practical matter, I'd expect it to be difficult to try. Convincing a
jury that running a PHP version that's three months out of date constitutes
gross negligence because you should have read about the vulnerability on the
Web might be... tricky. Especially when you have to explain to the jury what
PHP is. Dueling expert witnesses arguing about best practice, poor confused
webmaster/Amway distributor looking bewildered at all this technical talk
("I figgered I just buy Plesk and I was good to go. I dunno nothin' about
PHP. Isn't that a drug?") Not to mention working out what percentage of the
damages you suffered should come from each host.

But yeah, I'd like to see it tried. Lawyering up is one of our core
competencies here in the USA; maybe we could use it for good instead of
evil.
-- 
Dave Pooser
Manager of Information Services
Alford Media  http://www.alfordmedia.com

• Previous message (by thread): Destructive botnet originating from California (was Japan)
• Next message (by thread): Compromised machines liable for damage?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]