lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: core at bokeoa.com (Charles Stevenson)
Subject: Re: HP Full Disclosure Story

hellNbak, all,

On Sat, Aug 24, 2002 at 05:16:05PM -0400, hellNbak wrote:
> If I purchase a car and find that it has multiple problems, I am by law
> allowed to turn it back into the dealer and get either my money back or a
> new car.  If the dealer refuses, I call my lawyer and sue them.
> 
> SO WHY CAN'T WE SUE SOFTWARE VENDORS?!?!?!?

Let's look at this from another angle. Software is rather
intangible. So instead of relating it to a product. I'd relate it to a
service. For example in the U.S. we have codes for things such as
construction (building codes), food preparation (health codes),
etc.. Each of these standards was developed to ensure the consumer was
getting a house they could live in or to be confident that the food
they will eat was stored at the right temperature before it was
cooked, cooked at the right temperature, whether the cook has
hepatitis, etc.. In order to ensure the safety and reliability of most
software related services we need some form of public office that goes
around and checks these ISPs and make sure that my parents cc# is
secure. I mean 99% of ISPs could be compromised with a little
effort. But I'm getting off track. Anyways I think we should have like
a security inspector or something. As far as suing vendors
well.. that's what a EULA is for. To screw you. Anyways I dunno what I
meant to say I'm at work and keep getting distracted to help people
print. 
 
peace,
core

-- 
  Charles Stevenson (core) <core@...eoa.com>
  Lab Assistant, College of Eastern Utah San Juan Campus 
  http://www.bokeoa.com/~core/core.asc

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20020826/8060abc3/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ