North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Compromised machines liable for damage?

  • From: Owen DeLong
  • Date: Wed Dec 28 16:19:21 2005

--On December 28, 2005 9:38:11 AM -0500 Jason Frisvold
<[email protected]> wrote:

> On 12/27/05, Owen DeLong <[email protected]> wrote:
>> Look at it another way... If the software is open source, then, there
>> is no requirement for the author to maintain it as any end user has
>> all the tools necessary to develop and deploy a fix.  In the case of
>> closed software, liability may be the only tool society has to
>> protect itself from the negligence of the author(s).  What is the
>> liability situation for, say, a Model T car if it runs over someone?
>> Can Ford still be held liable if he accident turns out to be caused
>> by a known design flaw in the car? (I don't know the answer, but,
>> I suspect that it would be the same for "old" software).
> But can't something similar be said for closed source?  You know
> there's a vulnerability, stop using it...  (I'm aware that this is
> much harder in practice)
One other thing I forgot to say here... With closed software, you don't
have the option of fixing it yourself.  With open source, that claim
cannot be made.  As such, since there are some cases in which the
damage done by stopping use must be weighed against the damage
done by continued use, it's a harder question WRT closed software,
especially when it is an operating system.


If it wasn't crypto-signed, it probably didn't come from me.

Attachment: pgp00020.pgp
Description: PGP signature