Grant Bayley wrote:
> http://www.wired.com/news/politics/0,1283,45692,00.html
> Federal rules that will make it obligatory for
> specific sectors to download virus patches are already here
> [...]
> "It means financial institutions will have a legal obligation to take
> steps to preserve the security of their organization,"

I'd have thought making software companies legally liable for defects
leading to losses due to security failures would get a whole lot more
done a whole lot faster.

There just is no excuse for buffer overrun vulnerabilities any more. No
excuse for delivering operating systems with all network features turned
ON by default. No excuse for security features to be turned OFF by
default. No excuse for delivering software with undocumented network
protocols.

On the flip side, there is also no excuse for users to expect to be able
to use powerful and possibly dangerous tools with no effort and no
learning curve.

Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer@biplane.com.au)        +41-1-8881812 (h)
http://www.biplane.com.au/~kauer/       +41-1-6327531 (w)

This archive was generated by hypermail 2.1.1 : Fri Aug 31 2001 - 03:10:02 EST