Open Letter to D-Link about their NTP vandalism
Richard A Steenbergen
ras at e-gerbil.net
Thu Apr 13 00:45:01 UTC 2006
On Wed, Apr 12, 2006 at 01:32:26PM -0500, Stephen Sprunk wrote:
>
> On the plus side, after seeing D-Link's (lack of) reaction to this, I'll
> bet none of us will buy another of their products again.
If it was legal to sell whatever you people are smoking that makes you
think dlink gives a flying crap about you as customers, I'd be a very rich
man. What part of "mass consumer product" isn't clear here, 99.9% of their
target market doesn't know NTP is, and doesn't care.
I am absolutely appalled by the number of "slashdot warriors" here, ready
to launch a crusade of spreading misinformation to the media in hopes of
obtaining a large monetary payout or otherwise causing dlink, in the name
of "doing the right thing", and without any consideration or understanding
of the facts at hand. You know why dlink can't just come forward and say
"woops we're sorry, we didn't see that you wanted this used for DIX
members only, our bad"? Because they have to contend with people who will
take that apology and then use it in court as an admission of guilt, and
seek many tens of thousands of dollars or more in non-existent damages.
I think we all know that dlink was wrong. They should have double-checked
the list of NTP servers they included in their default shipping firmware
to make certain that the owners were ok with having their services used
publically, there is no question about this. However, just because they
made this mistake, it is not an excuse for everyone involved to start
cashing in like they hit the lottery. Imagine that you get rear ended in
traffic by an inattentive driver, and they dent your bumper. Yes it is
their fault, yes they made a mistake and they should be responsible for
it, but it is not okay for you to start screaming whiplash as soon as you
see that you got hit by a Mercedes. It also doesn't mean that you are
going to get a new car instead of them paying to have your bumper fixed.
If anyone else is going to carry this as a story, please act responsibly
and do a little fact checking. We're talking about 37 packets/sec, less
than a dialup worth of bandwidth, and any number of technical solutions
which could completely mitigate that traffic without ANY additional
expenses. Also, IANAL, but I think that refusing to take reasonable action
to mitigate the damages because you feel the other party is "at fault" and
should be 100% responsible is probably a good way to hurt any kind of case
you might actually have against them too.
--
Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
More information about the NANOG
mailing list