[96183] in North American Network Operators' Group
Re: UK ISP threatens security researcher
daemon@ATHENA.MIT.EDU (Donald Stahl)
Fri Apr 20 15:49:09 2007
Date: Fri, 20 Apr 2007 15:46:28 -0400 (EDT)
From: Donald Stahl <don@calis.blacksun.org>
To: Kradorex Xeron <admin@digibase.ca>
Cc: nanog@merit.edu
In-Reply-To: <200704201456.07096.admin@digibase.ca>
Errors-To: owner-nanog@merit.edu
> In my personal opinion, ISPs, vendors, and such should legally be held
> responsible for their product's security and unconditionally be made to
> repair any security holes. -- if a vendor or ISP maintains good security
> practices, there will be nothing for them to fear from this.
What's really upsetting is that often it's faster to just fix the problem
than it is to complain about it. Unfortunately companies seem to feel
that legally threatening people is the wiser course of action.
I'd like to know when people stopped taking pride in their work. When I
screw up- I'm upset with myself, not with the guy who pointed out the
mistake. Now if he used my screwup to wreck everything I've worked- then
to hell with him- but if all he did is point out the mistake- then I
should learn from it and make sure it doesn't happen again.
-Don
