lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: yossarian at (yossarian)
Subject: Anti-MS drivel

> The Pinto is a perfect example. It was a concious design decision to save
> few bucks, the theory being that lawsuits for exploding pintos would cost
> less then fixing said Pinto. The difference being that suing a software
> company is almost impossible, so the cost of fixing vs. the cost of
> is wildly in favor of dealing with any lawsuits (of which so far there
> haven't really been any). Ohwell.

Why? Since software is not used out of the box, but applied to a hardware
device in order to function. The legalities are that you can only sue the
vendor of the preinstalled box, as long as you follow the instructions. you
do take your car to the garage, don't you. If someone in a shop advised you
to buy a specific 'puter, sue the shop. This is the reality of software,
unless the CD jumps out of the jewel case and slits your wife's throat,
there is no legal case. At best you can get your money back, never the
collatoral damage, especially when the said software does not claim to be
for mission critical systems. Run NSK if you need that. The only possible
vector for home PC users might be if the home PC gets rooted by an unfixed
yet disclosed flaw and attacks another party, which subsequently sues you.
Then you might have a case - for the defense.

Part II is of course that with the Pinto, people got killed. With computers
that is rarely the case. If it is, it is in hospitals and the like, and then
you sue the hospital for not patching or for using a piece of software for
what it wasn't designed to do. In windows, it is design decision not to make
it mission critical. Hence the licenses come a lot cheaper than NSK or the
like, and you can run it on nearly any crappy hardware.

Powered by blists - more mailing lists