http://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID622364_code402123.pdf? abstra ctid=622364&mirid=1 or http://papers.ssrn.com/abstract=622364
Abstract: Both law enforcement and markets for software standards have failed to solve the problem of software that is vulnerable to infection by network-transmitted worms. Consequently, regulatory attention should turn to the publishers of worm-vulnerable software. Although ordinary tort liability for software publishers may seem attractive, it would interact in unpredictable ways with the winner-take-all nature of competition among publishers of mass-market, internet-connected software. More tailored solutions are called for, including mandatory "bug bounties" for those who find potential vulnerabilities in software, minimum quality standards for software, and, once the underlying market failure is remedied, liability for end users who persist in using worm-vulnerable software. You are a subscribed member of the infowarrior list. Visit www.infowarrior.org for list information or to unsubscribe. This message may be redistributed freely in its entirety. Any and all copyrights appearing in list messages are maintained by their respective owners.
