>Now hang on a second, surely this can't be right? Admittedly I'm from
>Australia, where litigation is still a legal process and not the
>country's most popular participatory sport, but does Richard really mean
>that *failing to include the most basic security measures* in a product
>such as Metacard is legally safer than actually including security
>measures? Like, oh wow man, acid trip!
Stay away from English beef and that feeling will go away. :)
I don't profess to have more legal knowledge than anyone else, nor even
to understand how liability suits for some of the most ludicrous things
you could possibly imagine manage to extract billions of dollars every
year from productive sectors of society. But it happens just the same.
(Exercise for the reader: try to find a cup of coffee at any American
restaurant that is hotter than merely tepid.)
I merely suggested that making specific claims about security is likely
to raise expectations more than making no claims at all.
Anyone in a position to bankroll such an investment as substantiating
securiy claims for MetaCard has my encouragement and envy. But before
anyone runs to the bank for that cashier's check, they might want to
perform an ROI analysis first. If Scott thinks this is worth investing
in I'll go along for the ride, but I would sure like to see QT support
first. :)
>Me, I vote for user control.
Me too. As with FTP since long before the Web was invented, I choose
what to put on my machine.
Security is ultimately a matter of trust, since all systems are
breachable. Microsoft and Macromedia let the user know the potential
risks, and allow them to make their own choice to satisfy their own
needs. Such a scheme has not prevented Shockwave from becoming one of
the most downloaded files ever.
Best of all, the development, testing, and maintenance costs (not to
mention liability insurance premiums <g>) of a scheme requiring explicit
user confirmation is almost NIL compared with issuing patches everytime a
UNIX wizard hacks your code.
But of course, as with any feature request, this is a question of ROI.
If the data supports that MC can make more money with this investment,
I'm all over it.
- Richard Gaskin
Fourth World
Multimedia Design and Development for Mac, Windows, UNIX, and the Web
_____________________________________________________________________
[EMAIL PROTECTED] http://www.FourthWorld.com
US: 800-288-5825 Int'l: 323-225-3717 Fax: 323-225-0716
