Le jeu 13/05/2004 � 18:17, Aaron Gee-Clough a �crit : > Duquette, John wrote: > > Why not punish all the admins/users who failed to patch their systems in > > time as well. > Because they didn't break the law. It's really that simple.
In France, there's a law that says you have to furnish available means to appropriatly protect systems that personnal datas (names, addresses, telephone numbers, CC numbers, etc.). However, it is not strict, so you can justify a patch delay for validation means or anything else that obviously prevent you to patch, in particular if you can produce a workaround. But doing nothing at all (no patch, no workaround) simply break the law. -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
