On Mon, Apr 15, 2002 at 10:46:58AM +0200, Lutz Jaenicke wrote:
> On Mon, Apr 15, 2002 at 01:36:56AM -0700, David Bronaugh wrote:
> > Yeah, wasn't saying it was anything you did; just bugs me when people do that crap.
> 
> My comment wasn't targeted at you.
> As I do post to this list quite often and as a member of the openssl
> developers team I felt that I should give a statement about the situation.
> 
> > I am not really easy to affect either, since I use a crappy graphical mail client 
>under Linux; nonetheless, I understand quite a few people on this list may use OE or 
>similar.
> 
> I am afraid that this statement is quite correct :-(
>       Lutz

I also was unaffected and I did try to have a closer look at the attachment.  I did 
not go so far as to load it up under a virtual machine.


We get hit with viruses more than once per week and this one is just par for the 
course.  People have to start realizing that if they continue to use flawed systems 
then when something hits them it is THEIR OWN FAULT.  The list should not try to take 
on the responsibility of protecting them.  That is false security and in some respects 
it can create a misplaced liability.  What I mean by this is that if the list tries to 
take on the responsibility to protect people from their own actions and somehow the 
list fails for whatever reasons then the fact that the list attempted this and failed 
can be used against the list.

I'm sure that many on this list work as systems managers for large organisations and 
can see the logic in this.  The problem starts out that end users are being hit by 
viruses because they refuse to observe prudent practices and persist in using flawed 
software.  Next the systems people are consulted and they open their mouths and 
annonouce that "yes, we might be able to offer some protection".  Thereafter the 
problem shifts to their shoulders and they become responsible to protect the end 
users.  It is a thankless job.

I do not think it is a "head in the sand" position to say that the list bears no 
responsibility for what goes through it.  Viruii can come from any source, this list 
is just one small part of the picture.  If people want to use OE then that is their 
choice but it is also their responsibility to deal with the problems their choice 
creates for them.



> -- 
> Lutz Jaenicke                             [EMAIL PROTECTED]
> http://www.aet.TU-Cottbus.DE/personen/jaenicke/
> BTU Cottbus, Allgemeine Elektrotechnik
> Universitaetsplatz 3-4, D-03044 Cottbus
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> Development Mailing List                       [EMAIL PROTECTED]
> Automated List Manager                           [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to