-
March 11th, 2004, 04:41 PM
#1
No Security, No Excuse ?
http://www.vnunet.com/Comment/1153264
The above link is cause for concern for anyone not yet secured to the best of their ability. In essence it is saying that if your computer is taken over and used in a DDoS attack, then you could be liable.
so now I'm in my SIXTIES FFS
WTAF, how did that happen, so no more alterations to the sig, it will remain as is now
Beware of Geeks bearing GIF's
come and waste the day :P at The Taz Zone
-
March 11th, 2004, 04:59 PM
#2
Man that would suck, especially since even the most secure systems are never hacker-proof. Let's hope that doesn't pass!
-
March 11th, 2004, 05:16 PM
#3
So you think any ******* who slaps his computer online which then costs someone else untold sums of damage should not be held accountable? If I buy a dog, set it loose in my neighborhood and it bites someone, I'm liable. If I buy a computer stick it on the net and its used to destroy millions of dollars worth of data, I say "oops,sorry?"
-Maestr0
\"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier
-
March 11th, 2004, 05:30 PM
#4
I think computer companies and O.S makers should include a cd rom or Dvd with every new computer and available on the web if they want a copy for their friends and family explaining to the user in laymans terms what they should do to secure their computer such as install a firewall, antivirus and software to get rid of scumware,data miners Etc. and if those things are in place and up todate then the user shouldn't be held responsible if someone hacks their box and uses it for malicious purposes.
-
March 11th, 2004, 05:39 PM
#5
Yeah.. right. How are they going to enforce this?
These computer users that are being infected, don't even know they are infected.
They DO have antivirus. It came with their computer... they just didn't know they had to update it. You can't blame a computer user for not wanting to download/apply a service pack that is 150mb in size, only to find out that their dial up connection dropped 9 hours into it and they have to start all over. Then after they apply that, they have to apply another half dozen updates and reboot after each one. It could take someone a whole weekend to do that. I know I wouldn't download a service pack if it took that long. I'd just say forget it... what do I care. I only use my PC for internet and email. Luckily, I'm on broadband... but not everyone has access to broadband, or doesn't have the need for it.
I don't know if anyone here has ever tried to download a file off the internet using JUNO. But, they kill your connection after 15min of inactivity on the browser. Nevermind traffic activity. They want you browsing the whole time or they drop you. (Found out the hard way.. trying to download a 10mb driver package file that took over 3 hours to figure out why the connection kept beind dropped.)
Are they going to start giving out free courses that a user must attend to obtain a new computer or operating system or internet connection? They have to find out how to secure it and present some sort of proof that they know what they're doing? A security "liscense/permit"? Driving a car is a privledge. You must have a license to legally operate a vehicle. If not, you'd be putting hundreds/thousands of other operators at risk daily. Can the same idea be applied to computing?
IMO- It all comes down to education.
Don't get me wrong. I'm all for educating users and making the internet a safer place... but how would they enforce it?
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
March 11th, 2004, 05:48 PM
#6
You have a good point, Maestr0, and I'm tempted to agree, but at the same time, every computer user isn't security-knowledgable and can't afford the hours upon hours it takes to become so. I say this tongue-in-cheek because I wish everyone was security-minded, but not everyone can be an IS expert or even fairly computer savvy. And like I was saying initially, even secure systems aren't hacker-proof. What about those whose defenses were past regardless? They would, theoretically, be held liable despite their best efforts. I dunno, I guess it's a bit of a moral dillemma there.
But I also agree with phisphreek. I have a hard time seeing something like this actually succeed in passing and being enforced. Ya never know though.
-
March 11th, 2004, 06:16 PM
#7
I'm not saying you have to hold the end user accountable for e-mail viruses, I'm speaking of corporate and institutional ressponsibilty to their users(and their data) as well as their responsibilty that company resources are not being used for criminal purposes. I think it is reasonable and fair to expect an entity to excerise due care when handling the sensitive data of others as well as making sure their property is not being used to damage the property of others. Just what exactly 'Due care' is still open for debate but I think some sort of system of accountabilty needs to be developed to allow the internet to mature enough for people to have the confidence that they can conduct business(or surf pr0n ) online in a timely and secure fashion.
-Maestr0
neg·li·gence
1. The state or quality of being negligent.
2. A negligent act or a failure to act.
3. Law. Failure to exercise the degree of care considered reasonable under the circumstances, resulting in an unintended injury to another party.
\"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier
-
March 11th, 2004, 06:22 PM
#8
Gotcha. Yeah, I totally agree with that. Any corporation not security-minded enough for that is just asking for trouble anyway.
-
March 11th, 2004, 06:46 PM
#9
Member
hmmmm, I'm not to convinced by all of this. I don't see how this will solve anything.
It would simply make the DoS attackers life a lot easier. Because now there is going to be even less of a chance of being caught as there will always be some stupid user about not knowing what they are doing.
I belive that some thing like Should licence be required to go online? would be a much better approach to all of this.
-
March 11th, 2004, 07:08 PM
#10
Okay, so this Fletcher guy built a weak resevoir on his land that exploded. Thats fine. He built it, he should be responsible. But if you think that I'm going to sit here, and be held responsible for holes in a buggy OS that Microsoft put out, I beg to differ. There is no way that I am going to be held responsible for my computer being taken over because of a hole that MS forgot to patch. The vendor of the software that got exploited will be the one taken down. I would love to see them try and take me to court over some **** like this. or better yet my 89 year old grandma who has DSL at her house on her computer. My lawyers would have a field day with this.
So basically I'm calling bullshit on this one. There is no way that any court is going to hold any end user responsible because the operating system on that computer had holes. The OS vendor will ultimately be responsible.
case closed
xmad
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|