Full Disclosure mailing list archives

RE: Re[2]: pissed off


From: Melvyn Sopacua <msopacua () idg nl>
Date: Mon, 28 Apr 2003 00:22:40 +0200 (CEST)

On Mon, 28 Apr 2003, Steve Wray wrote:

SW>>> And the fact that software companies can get away with
SW>>> claiming to have no liability for the fitness of their products
SW>>> means that they can continue to produce and sell and make millions
SW>>> out of their defective products.

So this only applies to sold software? You mean, if a defective program
burns my CPUs it didn't cost me anything?
Or with respect to Open Source (or even a paid source license):
the fact that the source is available to the end-user, implies the
end-user 'could have known' that this would happen?

SW>>> From the Unix Haters Handbook;
SW>>> 
SW>>> <quote>
SW>>> Real standards ... are for physical objects like steel beams: they let 
SW>>> designers order a part and incorporate it into their design with 
SW>>> foreknowledge of how it will perform under real-world conditions.

Letting users(tm) use software takes away any chances of accurately
assessing real-world conditions.

SW>>> "If a beam fails in service, then the builder's lawyers call the beam 
SW>>> maker's lawyers to discuss things like compensatory and punitive
SW>>> damages." 
SW>>> Apparently, the threat of liability keeps most companies honest; those 
SW>>> who aren't honest presumably get shut down soon enough.
SW>>> <end quote>
SW>>> 
SW>>> Somehow an entire industry has arisen with no concept of liability
SW>>> and, therefore, with no concept of honesty.

Too much of a longjmp(). The threat of liability, founded upon a belief
that mankind will do the right thing, will lead to honesty.
Threat of liability, founded upon the proven fact, that mankind is
capable of *not* doing the right thing, leads to cover-ups and enhanced
methods of cost/gain analysis (200 dead people * 1,5mln a pop = 300mln,
while redesigning a defective car and recollecting already produced, costs
400mln).

Anyway - to make this on topic again:
what is copyrightable about a vulnerability report and why should
violation of that copyright constitute legal action and possible
financial (or criminal?) repercussions?

-- 
With kind regards,

Melvyn Sopacua
<?php include("not_reflecting_employers_views.txt"); ?>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

