Will "Knowingly allowing a computer under your control to remain in an exploitable state" become a crime?
(if it isn't already...)
It may already be. Certainly it exposes one to civil liability -- if an incident or event was foreseeable, there's certainly negligence, or the common law doctrine of maintaining an attractive nuisance. In the case of a computer owned by a business entity, you might expect (in the US) Sarbanes-Oxley and GLBA to be relevant -- failure to adhere to a standard of due care, etc. etc.
Failure to adhere to the consensus best practice may mean you are implicitly stating that you've agreed to accept the liability for the result.
--
"Well," Brahma said, "even after ten thousand explanations, a fool is no
wiser, but an intelligent man requires only two thousand five hundred."
- The Mahabharata_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
