[87615] in North American Network Operators' Group
Re: Compromised machines liable for damage?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Dec 29 05:55:45 2005
To: Owen DeLong <owen@delong.com>
Cc: Douglas Otis <dotis@mail-abuse.org>,
"Steven M. Bellovin" <smb@cs.columbia.edu>, NANOG <nanog@merit.edu>
In-Reply-To: Your message of "Wed, 28 Dec 2005 13:20:51 PST."
<E65A591C1805683773004B22@imac-en0.delong.sj.ca.us>
From: Valdis.Kletnieks@vt.edu
Date: Thu, 29 Dec 2005 05:51:04 -0500
Errors-To: owner-nanog@merit.edu
--==_Exmh_1135853464_3108P
Content-Type: text/plain; charset=us-ascii
On Wed, 28 Dec 2005 13:20:51 PST, Owen DeLong said:
> Denying patches doesn't tend to injure the trespassing user so much as
> it injures the others that get attacked by his compromised machine.
> I think that is why many manufacturers release security patches to
> anyone openly, while restricting other upgrades to registered users.
Color me cynical, but I thought the manufacturers did that because a security
issue has the ability to convince non-customers that your product sucks, while
other bugs and upgrades only convince the sheep that already bought the product
that the product is getting Even Better!(tm).....
--==_Exmh_1135853464_3108P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFDs7+YcC3lWbTT17ARAm1rAJ9Elqled4fLjMbG5G5mezOzd40/FQCfdccP
SBN+jZl+I4QFKP3yo0TcGqQ=
=wuHU
-----END PGP SIGNATURE-----
--==_Exmh_1135853464_3108P--
