So society is to blame I guess. This is the same brain-dead logic that concludes that we shouldn't arrest poor people who commit crimes.
Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.ziffdavis.com/seltzer [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Radule Soskic Sent: Friday, May 14, 2004 11:28 AM To: [EMAIL PROTECTED] Subject: [Full-Disclosure] New therad: sasser, costs, support etc alltogether I can't post this to all the threads that I would like to, so I'm opening a new one. Follow this: 1. MS is wrongdoing by releasing (and charging for use of) software that has bugs in it. Users of such software have losses in time/money by trying to keep up with applying pathches, or just by trying to keep the uptime high. 2. Admins are wrongdoing by not applying patches to the systems they maintain. There are losses tied to such misspractice, too. 3. Worm authors are wrongdoing by writing software that propagate through the networks by exploiting all of the above. Again, the losses occur in time/money spent to remove the worms from the systems affected. It is obvious that almost every legal system in the world treats #3 as crime, while #2 and #1 are broadly tolerated. Noone here is against the book of law, but it just seems to be in contrast to the natural and intuitive feeling of justice that majority of people might have regarding the issues like these. See - only one of the three wrongdoers is being punished. Is it right? Or - is it wrong? BTW, I have a funny feeling that damages/losses caused by #3 might very often be far less than the ones caused by #2 and #1. Am I alone? cikasole _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
