
The new Java 0Day examined (The H)


Posted Aug 31, 2012 14:17 UTC (Fri) by drag (subscriber, #31333)
In reply to: The new Java 0Day examined (The H) by reddit
Parent article: The new Java 0Day examined (The H)

> Why isn't there criminal prosecution for the managers of companies that leave vulnerabilities unpatched?

Because that would be a damn stupid thing to do.

> As far as I can tell, they are directly acting to help the activities of criminals and organized crime all around the world.

So do roads and airports, but nobody is trying to prosecute them.

> Oh, and maybe they should be forced to pay a reparation of $100k at least (or an equal share of their assets after they declare bankruptcy due to this) for every person they intentionally put in danger of getting all their personal data stolen and/or destroyed.

Or you could just take responsibility for your own life and not use shitty software.



The new Java 0Day examined (The H)

Posted Sep 2, 2012 1:30 UTC (Sun) by gmaxwell (guest, #30048)

> Or you could just take responsibility for your own life and not use shitty software.

Meh. Everything else you said was great— but software, certainly closed source binary software, is something of a lemon market. The authors may know that the software was rushed, untested, and shoddy, but the users can only tell after the fact. It's not right to blame the victims, even if it also isn't right to hold the perpetrators accountable.

Perhaps it might be more realistic to establish disclosure requirements— thus delemoning the market and reducing the incentives to be dishonest about your poor software quality— than it would be to make people responsible for unreliable and poorly maintained code?

