No Security, No Excuse ?
Page 1 of 3 123 LastLast
Results 1 to 10 of 29

Thread: No Security, No Excuse ?

  1. #1
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,528

    Angry No Security, No Excuse ?

    http://www.vnunet.com/Comment/1153264

    The above link is cause for concern for anyone not yet secured to the best of their ability. In essence it is saying that if your computer is taken over and used in a DDoS attack, then you could be liable.
    55 - I'm fiftyfeckinfive and STILL no wiser,
    OLDER yes
    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  2. #2
    Man that would suck, especially since even the most secure systems are never hacker-proof. Let's hope that doesn't pass!

  3. #3
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    So you think any ******* who slaps his computer online which then costs someone else untold sums of damage should not be held accountable? If I buy a dog, set it loose in my neighborhood and it bites someone, I'm liable. If I buy a computer stick it on the net and its used to destroy millions of dollars worth of data, I say "oops,sorry?"


    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  4. #4
    Senior Member DeadAddict's Avatar
    Join Date
    Jun 2003
    Posts
    2,583
    I think computer companies and O.S makers should include a cd rom or Dvd with every new computer and available on the web if they want a copy for their friends and family explaining to the user in laymans terms what they should do to secure their computer such as install a firewall, antivirus and software to get rid of scumware,data miners Etc. and if those things are in place and up todate then the user shouldn't be held responsible if someone hacks their box and uses it for malicious purposes.

  5. #5
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    Yeah.. right. How are they going to enforce this?

    These computer users that are being infected, don't even know they are infected.

    They DO have antivirus. It came with their computer... they just didn't know they had to update it. You can't blame a computer user for not wanting to download/apply a service pack that is 150mb in size, only to find out that their dial up connection dropped 9 hours into it and they have to start all over. Then after they apply that, they have to apply another half dozen updates and reboot after each one. It could take someone a whole weekend to do that. I know I wouldn't download a service pack if it took that long. I'd just say forget it... what do I care. I only use my PC for internet and email. Luckily, I'm on broadband... but not everyone has access to broadband, or doesn't have the need for it.

    I don't know if anyone here has ever tried to download a file off the internet using JUNO. But, they kill your connection after 15min of inactivity on the browser. Nevermind traffic activity. They want you browsing the whole time or they drop you. (Found out the hard way.. trying to download a 10mb driver package file that took over 3 hours to figure out why the connection kept beind dropped.)

    Are they going to start giving out free courses that a user must attend to obtain a new computer or operating system or internet connection? They have to find out how to secure it and present some sort of proof that they know what they're doing? A security "liscense/permit"? Driving a car is a privledge. You must have a license to legally operate a vehicle. If not, you'd be putting hundreds/thousands of other operators at risk daily. Can the same idea be applied to computing?

    IMO- It all comes down to education.

    Don't get me wrong. I'm all for educating users and making the internet a safer place... but how would they enforce it?
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  6. #6
    You have a good point, Maestr0, and I'm tempted to agree, but at the same time, every computer user isn't security-knowledgable and can't afford the hours upon hours it takes to become so. I say this tongue-in-cheek because I wish everyone was security-minded, but not everyone can be an IS expert or even fairly computer savvy. And like I was saying initially, even secure systems aren't hacker-proof. What about those whose defenses were past regardless? They would, theoretically, be held liable despite their best efforts. I dunno, I guess it's a bit of a moral dillemma there.

    But I also agree with phisphreek. I have a hard time seeing something like this actually succeed in passing and being enforced. Ya never know though.

  7. #7
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    I'm not saying you have to hold the end user accountable for e-mail viruses, I'm speaking of corporate and institutional ressponsibilty to their users(and their data) as well as their responsibilty that company resources are not being used for criminal purposes. I think it is reasonable and fair to expect an entity to excerise due care when handling the sensitive data of others as well as making sure their property is not being used to damage the property of others. Just what exactly 'Due care' is still open for debate but I think some sort of system of accountabilty needs to be developed to allow the internet to mature enough for people to have the confidence that they can conduct business(or surf pr0n ) online in a timely and secure fashion.

    -Maestr0


    neg·li·gence
    1. The state or quality of being negligent.
    2. A negligent act or a failure to act.
    3. Law. Failure to exercise the degree of care considered reasonable under the circumstances, resulting in an unintended injury to another party.
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  8. #8
    Gotcha. Yeah, I totally agree with that. Any corporation not security-minded enough for that is just asking for trouble anyway.

  9. #9
    Member
    Join Date
    Nov 2003
    Posts
    89
    hmmmm, I'm not to convinced by all of this. I don't see how this will solve anything.
    It would simply make the DoS attackers life a lot easier. Because now there is going to be even less of a chance of being caught as there will always be some stupid user about not knowing what they are doing.

    I belive that some thing like Should licence be required to go online? would be a much better approach to all of this.
    -HDD

  10. #10
    Webius Designerous Indiginous
    Join Date
    Mar 2002
    Location
    South Florida
    Posts
    1,121
    Okay, so this Fletcher guy built a weak resevoir on his land that exploded. Thats fine. He built it, he should be responsible. But if you think that I'm going to sit here, and be held responsible for holes in a buggy OS that Microsoft put out, I beg to differ. There is no way that I am going to be held responsible for my computer being taken over because of a hole that MS forgot to patch. The vendor of the software that got exploited will be the one taken down. I would love to see them try and take me to court over some **** like this. or better yet my 89 year old grandma who has DSL at her house on her computer. My lawyers would have a field day with this.



    So basically I'm calling bullshit on this one. There is no way that any court is going to hold any end user responsible because the operating system on that computer had holes. The OS vendor will ultimately be responsible.

    case closed

    xmad

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides