Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Who's to blame when hackers hack?

  1. #1
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785

    Who's to blame when hackers hack?

    About two weeks ago, the National Academy of Sciences said that we should make software mfg’s responsible for damages caused by hackers and viruses and at the time I completely agreed with them.

    I mean why do I have to buy antivirus and firewall software. If all it does is protect me from vulnerabilities in m$ software.

    If an intruder or virus takes down my network for a couple of days, shouldn't the software company have some liability?

    Or is that like making the people who built your house responsible because someone broke into it?

    Should software companies be liable for problems caused when software breaks or when a cracker gets in and causes damage?
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  2. #2
    No they shouldn't. Once you decide to purchase the software or download it it's your responsiblity. You have to remeber that Hacking is all about finding a vulnerability. Most of the time it's the users fault for not getting updates and patches. Basically the same thing goes with virusess, worms, and trojans if you don't get the protection it's your fault.
    NOT THE COMPANY.

    Stupid Users = Hacked Computers
    if that doesn't make sense pm me with your ip and I'll show you how it works.

  3. #3
    Junior Member
    Join Date
    Jan 2002
    Posts
    16
    I do agree that to some extent the user takes responsibility. However, I do expect my roof to stay on when just the slightest wind blows. (To use your analogy)

    When the OS I'm forced to buy a license for, has as many hidden treasures including videos of the designers, as MS places in theirs. Then I expect a higher quality OS.


    >> Stupid Users = Hacked Computers
    >> if that doesn't make sense pm me with your ip and I'll show you how it works.

    32.96.111.131

    Sounds like just another brick in the wall...

  4. #4
    Senior Member
    Join Date
    Dec 2001
    Posts
    319
    I don't think companies should be responsible for the overall security of their product, but they should be held acountable for the stability of their software.

  5. #5
    Senior Member
    Join Date
    Sep 2001
    Posts
    831
    Who is to blame when hackers hack... hmmmm... Survey sez.. the hackers....

    Holding the companies liable for such a thing just wouldn't work... it would lead to.
    A> Higher OS Costs (Licensing n stuff)
    B> Lots of Legal Issues (You think the company wouldn't fight it.. I don't think so..)
    C> Decrease in Innovative Technology ( New Technology is often takes time to get on its feet.. if your gonna hold the companies liable, they won't innovate.. they won't keep making new and interesting software... you'll just have the same old software, patched to all hell an back.... )

    When networks get hacked, its often because of an error in the configuration... whether this be not having the latest patches installed, or having something accessible that shouldn't be... there are too many things that can lead to a security breach... The manufacturers would be fighting every claim... and when you've already lost $50,000 from the network being down for 3 days.. trying to get the companies to pay is gonna cost you a lot more than that....
    -Matty_Cross
    \"Isn\'t sanity just a one trick pony anyway? I mean, all you get is one trick. Rational Thinking.
    But when you\'re good and crazy, hehe, the skies the limit!!\"

  6. #6
    This depends, sometimes it´s the users fault. But if we look at the case Lockdown corp versus PcHelp then I would say it´s the software makers.
    When you sell a product and claim it will stop certain attacks( wich it does not) AND you go arround spreading fear and uncertainty under home users. That´s wrong, and the company should be handled by the authorities.

  7. #7
    Senior Member
    Join Date
    Sep 2001
    Posts
    831
    When you sell a product and claim it will stop certain attacks( wich it does not) AND you go arround spreading fear and uncertainty under home users. That´s wrong, and the company should be handled by the authorities.
    True.. Claiming a product does something that it doesn't do is false advertising, and is illegal (or at least it is here)...

    But what I see this discussion to be about is not a product not doing what it supposed to, but rather a product doing something it isn't supposed to, via input from a malicious party...

    Realistically, a company cannot be expected to cover every single possibility that could lead to something unintentional happening... as individual system requirements come involved, the possibility of 'the bad men' getting in increases... along with other factors, such as user competence (how many email virus's could be prevented if the users would learn 'If you don't recognise it, DON'T OPEN THE F#CKING ATTACHMENT'...)... it becomes incredibly hard to identify what features of the program could lead to security breaches, and ways of fixing them whilst still keeping the functionality....



    Disclaimer: I am not excusing Microsoft's disgusting security record with my statements.. they are either lazy or incompetent.. or both.....
    -Matty_Cross
    \"Isn\'t sanity just a one trick pony anyway? I mean, all you get is one trick. Rational Thinking.
    But when you\'re good and crazy, hehe, the skies the limit!!\"

  8. #8
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193
    probably the better response might be that it is a combination of responsibilities.

    The sw company to release only tested, secure as they know how stuff.

    The end user to do all they know how to lock it up.

    Those illegally breaking into anything - it's always their fault.

    Trappedagainbyperfectlogic.

  9. #9
    Senior Member
    Join Date
    Jan 2002
    Posts
    206
    If the manufacturers of software were made more accountable for what they did (making high quality products) then it would be better for all. If there was some sort of legal recourse available for users of a **** piece of software, then you can bet that pretty soon the overall quality of software will go up. Why? Because companies like M$ might start to loose money if they were taken to court all the time, thats not the idea of business.
    In my mind your average Joe on the street should be better protected by consumers rights.
    Though this will not happen, its too idealistic. M$ and the like have got it sussed with their 'End user license agreement'.
    I can understand the need for patches and the like, but for example when a flagship product - XP - is launched and then a matter of a week or so passes before a vunerability is found..... Well its an absolute joke.

  10. #10
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193
    Ok the_g_nee let's say you're right.

    Now, how do we make it so that the little software firm is not sued off the planet should their startup product not have time to improve while the giants like microsucks can afford to pay the legal fees?

    Balance is needed if you are proposing an legislative solution and one that will garner support from the govt proponets involved.


    Here then is what I propose if all the community at AO is serious - let us begin a petition forum or the like (with the blessing of jp) and use it to urge the politicians to pass smart, enforceable laws. This is a better idea than aruging endlessly about it in discussion groups.

    Don't flame me until you think about. <gets down and dons helmet>
    Trappedagainbyperfectlogic.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •