[87614] in North American Network Operators' Group
Re: Compromised machines liable for damage?
daemon@ATHENA.MIT.EDU (Richard A Steenbergen)
Thu Dec 29 02:33:38 2005
Date: Thu, 29 Dec 2005 02:33:09 -0500
From: Richard A Steenbergen <ras@e-gerbil.net>
To: Barry Shein <bzs@world.std.com>
Cc: NANOG <nanog@merit.edu>
In-Reply-To: <17331.25415.940468.824609@world.std.com>
Errors-To: owner-nanog@merit.edu
On Wed, Dec 28, 2005 at 11:17:11PM -0500, Barry Shein wrote:
>
> To beat a dead horse just a little harder the problem I have is when a
> certain company kept distributing software with security flaws
> specifically because they're profiting from those flaws.
>
> For example, graphics libraries which accept binary code chunks to be
> executed in kernel mode without limits for support of quick screen
> updates in games considered of marketing importance. Blaming it on the
> games vendors seems inadequate, particularly over several years and
> releases of each.
>
> That's just pure economics and, hence, profiting on others' serious
> pain.
And yet, I'd bet $10 that:
* They know this.
* They are just implementing what their customers demand.
* They accept that allowing direct access in order to obtain performance
at the experience of security is a necessary model in a wide variety of
situations, particularly gaming.
* They don't give a flying crap what a bunch of perceived whining kooks on
NANOG think about that tradeoff. God knows, I wouldn't. :)
--
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
