nanog mailing list archives
Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers]
From: Jorge Amodio <jmamodio () gmail com>
Date: Wed, 9 Jun 2010 12:40:57 -0500
You buy a car and as you're driving along a message comes into the dashboard: "Car Update needed, to fix A/C" you ignore it. Don't update it who cares, you're driving smoothly. Another alert comes into the car dashboard: "Critical alert, your breaks need this patch"... You ignore it and drive along. 5-10 years later the car manufacturer EOL's the car and support for it. You crash... Who is to blame, the car manufacturer or you for not applying the updates. Granted the manufacturer could have given you a better product, the fact remains, it is what it is.
Unfortunately in the software industry you get (when you do, not always) the alert and the patch after the fact, ie the exploit has been already out there and your machine may probably have been already compromised. I never seen any operating system coming with a sign saying "Use at your own risk", why when I buy a piece of software I have to assume it to be insecure, and why I have to spend extra money on a recurring basis to make it less insecure, when there is no guarantee whatsoever that after maintenance, upgrades, patches and extra money my system will not get compromised because a moron forgot to include a term inside an if before compiling. Insecurity and exploitable software is a huge business. I don't expect software to be 100% safe or correct, but some of the holes and issues are derived form bad quality stuff and as car manufacturers the software producers should have a recall/replacement program at their own cost. My .02 Jorge
Current thread:
- ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] Paul Ferguson (Jun 08)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] Rich Kulawiec (Jun 09)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] Owen DeLong (Jun 09)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] Larry Sheldon (Jun 09)
- Message not available
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] Larry Sheldon (Jun 09)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] J. Oquendo (Jun 09)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] Larry Sheldon (Jun 09)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] Jorge Amodio (Jun 09)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] J. Oquendo (Jun 09)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] Owen DeLong (Jun 09)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] Larry Sheldon (Jun 09)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] Larry Sheldon (Jun 09)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] Larry Sheldon (Jun 09)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike against cyber attackers] Barry Shein (Jun 09)
- Re: ISP Responsibilities [WAS: Re: Nato warns of strike againstcyber attackers] Michael Painter (Jun 10)