Full Disclosure mailing list archives
RE: Microsoft confirms source code leak
From: "Bernie, CTA" <cta () hcsin net>
Date: Fri, 13 Feb 2004 14:01:45 -0500
On 13 Feb 2004 at 7:32, Edward W. Ray wrote:
"Does it not appear that the leak could have been done to ensure that M$ has a legal argument to abate liability in case they are sued?" I think their EULA which you accept when installing covers their ass for just about anything.
<<< This may be true where WIN OS based box is deployed in a commercial environment. However, I think their EULA is trumped by the new US Federal Regulations (HIPAA, DHS, CFR, etc) if the Microsoft knew or should of known that their Win OS was going to be deployed in a solution that was designed to ensure the security (integrity, confidentiality, accessibility) of people, premises, critical infrastructure, systems, resources or data and knew or should have known that their Win OS had flaws/vulnerabilities which could be exploited to threaten such security and failed to disclose such flaws/vulnerabilities to the buyer. At minimum, the new regulations require that all known Privacy/Security Risks be disclosed and safeguards, policies and procedures be put in place to mitigate these risks. -- -- **************************************************** Bernie / cta () hcsin net Chief Technology Architect / Chief Security Officer Euclidean Systems, Inc. ******************************************************* // "There is no expedient to which a man will not go // to avoid the pure labor of honest thinking." // Honest thought, the real business capital. // Observe> Think> Plan> Think> Do> Think> ******************************************************* _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Microsoft confirms source code leak Thor Larholm (Feb 12)
- Re: Microsoft confirms source code leak Bernie, CTA (Feb 13)
- RE: Microsoft confirms source code leak Edward W. Ray (Feb 13)
- Re: Microsoft confirms source code leak Valdis . Kletnieks (Feb 13)
- RE: Microsoft confirms source code leak Bernie, CTA (Feb 13)
- Re: Microsoft confirms source code leak Cael Abal (Feb 13)
- RE: Microsoft confirms source code leak Ron DuFresne (Feb 13)
- RE: Microsoft confirms source code leak Roy M. Silvernail (Feb 13)
- Re: Microsoft confirms source code leak Jeremiah Cornelius (Feb 13)
- RE: Microsoft confirms source code leak Edward W. Ray (Feb 13)
- Re: Microsoft confirms source code leak Valdis . Kletnieks (Feb 13)
- Re: Microsoft confirms source code leak Bernie, CTA (Feb 13)
- <Possible follow-ups>
- RE: Microsoft confirms source code leak Andre Ludwig (Feb 12)
- RE: Microsoft confirms source code leak Byron Copeland (Feb 12)
- Re: Microsoft confirms source code leak Benjamin Meade (Feb 13)
- RE: Microsoft confirms source code leak Byron Copeland (Feb 12)