[187057] in North American Network Operators' Group
Re: de-peering for security sake
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Sat Jan 16 21:48:56 2016
X-Original-To: nanog@nanog.org
To: Owen DeLong <owen@delong.com>
From: Valdis.Kletnieks@vt.edu
In-Reply-To: <22A6FA1E-4468-4C6F-8945-0B66140FBD87@delong.com>
Date: Sat, 16 Jan 2016 21:48:38 -0500
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
--==_Exmh_1452998918_2243P
Content-Type: text/plain; charset=us-ascii
On Sat, 16 Jan 2016 11:09:27 -0800, Owen DeLong said:
> > Making the owner of the host responsible for an attack -personally-
> > responsible would require every grandma & 6 year old to have insurance before
> > buying a laptop or Xbox. And would bankrupt your favorite startup no matter how
> > smart & competent the first time a zero-day caught them by surprise.
> Agreed… I think, instead, that the commercial purveyors of vulnerable software
> should be held liable.
And this is another one that needs *really* careful definitions.
How much time does Redhat get to patch a bug in (say) OpenSSH or the kernel
or any other package from upstream, before you want to hold them liable?
--==_Exmh_1452998918_2243P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Exmh version 2.5 07/13/2001
iQIVAwUBVpsBBgdmEQWDXROgAQJ2Hw/+MDLP3n/Y3uZlu0KNDGqQLovm9F3byDb2
ia4ToGbxOpT45NJzmOYnVZe5bYjQ75U8JLgu7JZSjYhAYlVytu/FyMqw19oBuGjk
ACYwndIEicN80SVdYPxar/VueD7y1Q38FGnBXnOcSXmpccWU55sXghm6Aa00yrl+
WfOKR0RUPLwMXp6CGk2UHeag+VdnHRPuMVmTCgQUrhWKH4Sk8nE6efpeNmv+Cjr4
m55sGyiw/UWV/IFKjb7QVC1RoEQublAemsnCTo/nPuvSpjQ6hMfEOpQoBg+igFfL
DCDrJRQxUbi6CY9/4DRt3IuPvbX460ZpIQCmJuN6U777HrtwfWycfMGlczAF7t3Y
hoYvVXtQy8UdRWrLedC9bxTNBBmDFYUJOzgqPHjgJUi+lU6chUSg3oz5hkJSlvLC
35Y/F0XYp9deHgjbpqF0SY6BOOlZilq1x3ChmffCPK04T5vxV3IkNHqi+/JBfVij
NuxYrckSDqm2jfDZG64wCGCDqrYy2npS4/O4BSiD86gjrh82f3hQa2YhN4pgW8+X
9Krlgb+mr0+fxGGCoaOd0PsKnm+lFRjdy2KdNDe635LIoKDCT6vvoweYWcycC8hy
gB38mBqhUKn8itjhU2rSre7CU7d9W2atpvlIbo+NOmp6zMeQnq7niPcFgyU7zyEs
0xtVLcojhhQ=
=iQpC
-----END PGP SIGNATURE-----
--==_Exmh_1452998918_2243P--
