> If you think of this in another context, would you as a consumer accept a > free food product that causes cancer to occur? > > Would you accept software that causes a malicious cyber incident to occur? >
I think a better analogy would be: if you as an inspector/consumer find spoiled food in a supermarket/restaurant, would you go after the fruit/vegetable pickers/workers? How many years of prison would you lock them up? Open source developers are just like the farm workers who plant and harvest the fruits and vegetables. Do you think it's reasonable to hold them responsible for any malicious cyber incident, particularly if the software vendors who benefited from their (often free) work did not follow due diligence? -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#1725): https://lists.spdx.org/g/spdx/message/1725 Mute This Topic: https://lists.spdx.org/mt/100370207/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/spdx/leave/2655439/21656/1698928721/xyzzy [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
