RE: Re[2]: [Full-Disclosure] pissed off

• Previous message: Steve Wray: "RE: Re[2]: [Full-Disclosure] pissed off"
• In reply to: Steve Wray: "RE: Re[2]: [Full-Disclosure] pissed off"
• Next in thread: Steve Wray: "power, corruption and lies (was RE: Re[2]: [Full-Disclosure] pissed off)"
• Reply: Steve Wray: "power, corruption and lies (was RE: Re[2]: [Full-Disclosure] pissed off)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Steve Wray <steve.wray@paradise.net.nz>
Date: Mon, 28 Apr 2003 00:22:40 +0200 (CEST)

On Mon, 28 Apr 2003, Steve Wray wrote:

SW>>> And the fact that software companies can get away with
SW>>> claiming to have no liability for the fitness of their products
SW>>> means that they can continue to produce and sell and make millions
SW>>> out of their defective products.

So this only applies to sold software? You mean, if a defective program,
burns my CPU's it didn't cost me anything?
Or with respect to Open Source (or even a paid source license):
the fact that the source is available to the end-user, implies the
end-user 'could have known' that this would happen?

SW>>> From the Unix Haters Handbook;
SW>>>
SW>>> <quote>
SW>>> Real standards ... are for physical objects like steel beams: they let
SW>>> designers order a part and incorporate it into their design with
SW>>> foreknowledge of how it will perform under real-world conditions.

Letting users(tm) use software takes away any chances of accurately
assessing real-world conditions.

SW>>> "If a beam fails in service, then the builder's lawyers call the beam
SW>>> maker's lawyers to discuss things like compensatory and punitive
SW>>> damages."
SW>>> Apparently, the threat of liability keeps most companies honest; those
SW>>> who aren't honest presumably get shut down soon enough.
SW>>> <end quote>
SW>>>
SW>>> Somehow an entire industry has arisen with no concept of liability
SW>>> and, therefore, with no concept of honesty.

To much of a longjmp(). The threat of liability, founded upon a belief
that mankind will do the right thing, will lead to honesty.
Threat of liability, founded upon the proven fact, that mankind is
capable of *not* doing the right thing, leads to cover-ups and enhanced
methods of cost/gain analysis (200 dead people * 1,5mln a pop = 300mln,
while redesigning a defective car and recollecting already produced, costs
400mln).

Anyway - to make this on topic again:
what is copyrightable about a vulnerability report and why should
violation of that copyright constitute legal action and possible
financial (or criminal?) repercusions?

-- 
With kind regards,
Melvyn Sopacua
<?php include("not_reflecting_employers_views.txt"); ?>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• Previous message: Steve Wray: "RE: Re[2]: [Full-Disclosure] pissed off"
• In reply to: Steve Wray: "RE: Re[2]: [Full-Disclosure] pissed off"
• Next in thread: Steve Wray: "power, corruption and lies (was RE: Re[2]: [Full-Disclosure] pissed off)"
• Reply: Steve Wray: "power, corruption and lies (was RE: Re[2]: [Full-Disclosure] pissed off)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]