lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: anthony at safferconsulting.com (Anthony Saffer) Subject: Authorities eye MSBlaster suspect <snip> > What did I misconstrue? You stated that you believed that admins were > at fault for worm infections. I quote, "It seems to me that it is each > admins responsiblity, if they were affected ( infected ) not the coder." Sorry for just jumping in here but I couldn't resist. Certainly, you have to admit that there is a such thing as shared responsibility and contributory negligence. Even the law recognizes these things. Sure, it's the coders fault for creating and releasing the worm but the administrators do bear SOME responsibility for not being proactive and patching their systems. There have been cases of patches being available for 6 months to a year and a worm coming along and cleaning house. How can anyone say that the admin isn't partially responsible? Sure, in a perfect world, we wouldn't have to worry about patching our systems and all would be well. But we don't live in a perfect world and every computer admin should know how to patch his system. If he/she doesn't then they shouldn't have their job. There is, after all, a such thing as preventative action. Anthony Saffer SCS Consulting Services www.safferconsulting.com
Powered by blists - more mailing lists