Finally, someone is holding vendors responsible for vulnerabi lities

Francois, Jean (J.L.) plug-discuss@lists.plug.phoenix.az.us
Wed, 12 Feb 2003 11:52:28 -0500 

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_000_01C2D2B6.5B2AF83E
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


IMHO the way to properly apply a lawsuit would be to sue those
that are NEGLIGENT at patching and fixing 0wn3d systems.

So, if you notice a server listed at Dshield or on=20
your IDS that is actively performing portscans/attacks
and report it to the owner and upstream it must be fixed
within [INSERT TIME FRAME HERE].

If it doesn't get fixed, gather up the documentation needed
and sue them for negligence and damages for not responding
to and correcting the problem.


My .02

--
Jean L. Francois - Linux Architect
Ciber, Inc.
FSIC - Ford Systems Integration Center
Office - 313-317-4378 ( Temporary )
Home   - 586-293-9081 ( Until April )
Cell   - 602-770-5531


-----Original Message-----
From: Dr. G [mailto:drghastly@cox.net]
Sent: Wednesday, February 12, 2003 11:43 AM
To: plug-discuss@lists.plug.phoenix.az.us
Subject: Re: Finally, someone is holding vendors responsible for
vulnerabilities


There are many MANY vunerabilities in Linux. Numerous web sites list =
them.

Can YOU code a program so that it has 100% security, no flaws, etc? If =
you
can why don't you go work for these companies?

Suing for flaws is not a good answer. Lawsuits arw RARELY a good =
answer. If
the flaw was deliberate and can be proved so, then ok.

Suing a software vendor over flaws is a very bad idea. Making them =
patch it
is a good idea, imo.

________________________________________________________________________=
____
______________
America stands for freedom - but if you think you're free - try walking =
into
a deli - and urinating on the cheese.

----- Original Message -----
From: "George Toft" <george@georgetoft.com>
To: "PLUG Discuss" <plug-discuss@lists.PLUG.phoenix.az.us>
Sent: Wednesday, February 12, 2003 5:31 AM
Subject: Finally, someone is holding vendors responsible for =
vulnerabilities


--  Korean Group Mulls Class Action Suit Over Slammer
(3/4 February 2003)
The People's Solidarity for Participatory Democracy (PSPD), a Korean
civic group, is weighing the possibility of filing a class action
lawsuit against Microsoft Corp. for damages caused by the Slammer worm.
A recently passed product liability law holds companies liable for
damage caused by flaws in their products.
http://times.hankooki.com/lpage/nation/200302/kt2003020318021611960.htm
http://www.theregister.co.uk/content/56/29174.html

George
--
Discover . . .         | Free Computer Security Information
        <=B7=B7=B7> Secure   | http://www.georgetoft.com/security
         Networking    |
@http://georgetoft.com | Lock your box - keep your affairs private!
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss


------_=_NextPart_000_01C2D2B6.5B2AF83E
Content-Type: application/octet-stream;
	name="Francois, Jean (J.L.).vcf"
Content-Disposition: attachment;
	filename="Francois, Jean (J.L.).vcf"

BEGIN:VCARD
VERSION:2.1
N:Francois;Jean
FN:Francois, Jean (J.L.)
ORG:IT - Information Technology;J1514 - IT-Development
TITLE:Linux Architect 
NOTE: 
TEL;WORK;VOICE:1111111 
TEL;WORK;VOICE:1-602-7705531 
TEL;HOME;VOICE: 
TEL;CELL;VOICE: 
TEL;PAGER;VOICE:1-602-7705531 
TEL;HOME: 
ADR;WORK:;FSIC - FORD SYSTEMS INTEGRATION CTR;Video Conference ;ALLEN PARK ;MI ;48101-3614 ;USA
LABEL;WORK;ENCODING=QUOTED-PRINTABLE:FSIC - FORD SYSTEMS INTEGRATION CTR=0D=0AVideo Conference =0D=0AALLEN PARK ,=
 MI  48101-3614 =0D=0AUSA
EMAIL;PREF;INTERNET:jfranc46@ford.com
REV:20030211T183843Z
END:VCARD

------_=_NextPart_000_01C2D2B6.5B2AF83E--