Steven D'Aprano wrote:
> Now hang on a second, surely this can't be right? Admittedly I'm from
> Australia, where litigation is still a legal process and not the
> country's most popular participatory sport, but does Richard really mean
> that *failing to include the most basic security measures* in a product
> such as Metacard is legally safer than actually including security
> measures?
It's not inconceivable.
For instance, strong encryption could get MC in trouble with the US
National Security Agency, a group with which you should not toy. They
have less of a sense of humor than a Southern Baptist.
Also, adding security measures, it could be argued, is an implicit
guarantee of safety in data (unless disclaimers were published);
therefore any security breach could be pointed up as negligence and,
potentially, sued over.
> But the big difference is that with Java the user CHOOSES whether or not
> to give the web site access to your computer. ActiveX takes the choice
> away from the user or system administrator and gives it to the
> (potential) cracker.
Yes. One of six billion reasons to avoid AX if at all possible.
Of course the Java alerts have the effect of scaring off some folks...
Sigh.
--
becker("digitalMedia").programmer[#senior] = "Warren Ockrassa"
http://www.beckerinc.com/ mailto:[EMAIL PROTECTED]
-- n i g h t w a r e s --
director faq lingo tutorial free files links
http://www.nightwares.com/
