Cyber Terrorism
Results 1 to 10 of 10

Thread: Cyber Terrorism

  1. #1
    Member
    Join Date
    May 2002
    Posts
    31

    Cyber Terrorism

    First I would like to say that this is not intended to be a Microsoft bashing thread.

    The US government has been going through a lot of pains to crack down on cyber terrorism. Tougher laws and higher jail time. My question is, Should they go after companies like Microsoft. I mean, from my point of view, Microsoft should be held responsible for security flaws in their programs. I feel that their programs are buggy and have big security holes, but they decide to sit and what before they release the patch. Here's an example, the exploit that was posted by Euclid. They want to wait until Service Pack 1 before they release the patch?

    I don't think the government should shutdown Microsoft, I just would like to see some law that forces software companies to put security first and when a flaw does come out, the law should force them to act promptly. It made me sick to here Gates say when they were developing Xp that they were going to start putting security first. I believe that should have been #1 on their list to begin with. I mean, come on.. waiting to fix security holes and not having security high on their list is inviting terrorist to attack.

  2. #2
    Senior Member
    Join Date
    Feb 2002
    Posts
    177
    MS is a corporation. They make a product. You're saying that the government should regulate this product? If that happens then where does it end? I think it is very important for government to stay out of private or public corporations. As far as regulating their products go.
    This may "seem" like a good way to make MS focus more on security, but if the government starts sticking its nose into private and public corporations' affairs, and telling them how to run their businesses, then who is going to stop them?

    Just my thoughts.

  3. #3
    Member
    Join Date
    May 2002
    Posts
    31
    I see your point but isn't the government already looking at a bill that would require hardware venders to make sure that their products make it harder or stop software and music privacy? I understand that the government shouldn't be snooping around in how Microsoft runs their business but at the same time I think something needs to be done to ensure that security is the highest priority.

  4. #4
    Senior Member problemchild's Avatar
    Join Date
    Jul 2002
    Posts
    551
    I agree that the government should stay out of the software business. Heck, they can't even deliver the freaking mail on time.

    However, there is an interesting question of whether a company like Microsoft should be held liable for damages in a civil suit. There are well-established product liability laws in every state that allow you to sue for damages if you buy a defective product that causes you some injury. If you buy a water heater with a defective valve that explodes and burns your house down, you can sue the manufacturer for damages. Similarly, if you buy an operating system for your e-commerce site that contains security holes the vendor should have known about, should you be able to sue for damages when an attacker gets in and shuts down your network or steals credit card info? Of course, the main difference in my examples is that one is an accident and one is an act of malice, and the malicious act would be an superceding cause in legal terms.

    Obviously, I think that to make software vendors liable for every new exploit that comes down the pike would be pretty insane, but what about basic design flaws that are really pretty obvious? Like the window messaging exploit in the win32 API that was revealed a couple of weeks ago. We know from the antitrust trial that Microsoft has been aware of this problem for a long time, but chose not to fix it because it would mean a rewrite of the API and they thought that was too much trouble. Now that it's public knowledge, they still have no plans to fix it. Should somebody who gets rooted with this exploit now be able to sue for product liability?

    It will be interesting to see what happens the first time somebody tries to apply product liability law in this context.
    Do what you want with the girl, but leave me alone!

  5. #5
    Senior Member
    Join Date
    Feb 2002
    Posts
    177
    Originally posted here by g0t r00t
    I see your point but isn't the government already looking at a bill that would require hardware venders to make sure that their products make it harder or stop software and music privacy? I understand that the government shouldn't be snooping around in how Microsoft runs their business but at the same time I think something needs to be done to ensure that security is the highest priority.
    You're exaclty right, something must be done! The big kick in the ass about cyber terrorism is the battlefield. The hackers choose where they want to fight, and a lot of time they choose to fight corporations to attack a nation's ecomomy. Now how should the government go about fighting this battle? Well the thing is they can't. It is up to the corporation's IT/IS department to deal with these issues. The government cannot enforce regualtions on this platform. They can, in theory, try to force software/hardware vendors to make their products more secure, but its up the corporation to ensure that these products are implemented correctly.
    If you want to fight Cyber Terrorism, then you need to educate yourself and others about the need for security, and how to implemet it properly.
    There's not a whole lot the gov can do.....its up to us.

  6. #6
    Member
    Join Date
    May 2002
    Posts
    31
    So getting the government to regulate corporations software practices might not be the best idea. But I kinda like problemchild's idea about holding companies liable for creating flawed software. I mean, if my car had a safety flaw, the company would be liable, so why can't software companies be treated the same? Of course I don't mean every flaw, but the pretty big and obvious ones.

  7. #7
    Junior Member
    Join Date
    Aug 2002
    Posts
    3
    I have to say that we the consumer have encouraged Microsoft as much as anyone to be lax on security. It's akin to two consenting adults. Who's really to blame? Well they're both at fault. If the consumer's had demanded that Microsoft plug it's security holes and followed through with the demands by boycotting we wouldn't be in this situation. We'd either have a secure Microsoft product or everyone would be using a MAC or *nix. I guess I'd say I'm a little bit of a naturalist in that the stupid and the weak get "eaten" first. To have the government step in and regulate things is anit-evolutionist. All it takes is a little self-education and responsibility (which is asking far too much in today's social and political climate) to decide which operating system to use.

  8. #8
    Senior Member The Old Man's Avatar
    Join Date
    Aug 2001
    Posts
    364
    I have to agree with the general opinion of Sgt_B and others who believe that in a "free enterprise system" the cream of the products should float to the top. Now, since MS made probably the most user-friendly-on-the-surface OS, it floated to the top because the public wanted something they could point-'n-click install and point-'n-click operate. I'm as guilty as anyone else who was not able to make Unix/Linux or whatever work quickly enough to do the job that had to be done, and MS not only had the point-'n-click OS they had the Office-Suite and browser that integrated most of the tasks that needed done. Yeah, i know somebody out there is saying "Mac, Mac", but they didn't have the point-'n-click integrated package either back then when everyone was getting hooked on point-'n-click. Only recently have we been forced to consider the "flaws" and the security-holes so we check for program updates and patches regularly, use anti-virus programs, firewalls, spyware detectors, monitored servers and whatever to keep the desktops and systems reasonably secure. Most of the software i have purchased sez right up front they don't guarantee much of anything approaching suitability for the job you're wanting done, and if that's what you expected just don't open the package and go somewhere else for what you need. In fact, the user agreements are so canned that i don't even read them anymore. So.... where else do you go? ?

  9. #9
    Old Fart
    Join Date
    Jun 2002
    Posts
    1,658
    Originally posted here by The Old Man
    the cream of the products should float to the top.
    Cream is not the only thing that floats....
    Al
    It isn't paranoia when you KNOW they're out to get you...

  10. #10
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    ms did quite well in a computer illiterate world, lets see how it does with the up-coming generation which will not need digital crutches.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •