BEWARE OF LINUX! It will melt your CDs, cause your fan to spin backwards, and your mouse will get scurvy. Friends don't let friends use Linux, and neither will a responsible vendor. There's a very good reason why Microsoft products are bundled with new computers- they are hardware friendly, and rich in vitamin C!
Spot on. I don't even belong to any of the shipping fandom communities, and I don't care for erotic fanfic. I say good riddance to the pedophiles! But alienating the fandoms was a MAJOR screwup, because fans are, well... fanatical about their fandom interests. Fandom counts, indeed. It's a pity many LiveJournal users had to read about all this on Slashdot and C|Net before hearing anything official about it from LiveJournal news.
"Ignorance of the law doesn't give you the right to break it."
Well, I agree, but as I pointed out earlier, it's not against the law to be the unwitting victim of a malicious user, and it's not against the law if you aren't up-to-the-second patched and updated with the latest securityware. We've moved way beyond the original scope of the article, which was about criminalizing DoS attacks, into a tangential area about financial liability for those who are unwitting accomplices in DDoS attacks.
Short of requiring forced competency tests and/or forced insurance (or "hackers insurance") to use the internet, I see no real practical and fair way to compare computer user liability with car user liability. In the end, I think implementing such measures would be draconian and would cause more thorny legal issues than they would actually solve.
Having said that, I think the saner of the two options is forced "internet insurance" that everyone, including you, should pay--because no matter how competent a user you are, no one, and I mean no internet user, is 100% immune from the malicious. Perhaps if Aunt Alice and Uncle Bob can pay a pittance to prevent being screwed first by the script kiddies, then by the courts, it might not be such a bad thing.
So instead of going 'round and 'round beating this rapidly dying horse I'll just say that from what I've read elsewhere it will have to be proven that the people charged with DoS attacks had both the requisite knowledge and intent to carry them out. And I'm fine with that.
"You're supposed to choose someone people DON'T like to play the part of the bad guy."
Yeah, I know, I just thought it would be fun to have a couple of respected (but intimidating!) actors scare the bejesus out of everybody with arguments about the flaws in each other's operating system. You know, like Slashdotters. I'd watch it for the same reason I read Slashdot comments.:)
The commercial needs some intimidating stars, to reflect the intimidating arguments Mac and PC users perenially fling at each other. I say we get Alan Rickman to be the Mac, and Christopher Walken to be the PC. Then users can choose the lesser of two evils...
"I believe you should only be able to disclaim liability if you also disclaim all rights to control the product - ie. open source."
I agree wholeheartedly with that!
As for defending ignorance, I guess it does come across that way, but there's a subtle difference between defending a person's right to be ignorant and defending ignorance. Ignorance is no excuse for breaking the law, but it isn't, and it shouldn't, be against the law to be running a computer that has been invaded by a malicious user!
I hate to say it, but it's almost exactly like forcing a rape victim to pay a fine for wearing skimpy clothes while walking the streets at night. Is it a stupid thing to do? Sure. Is the person liable for being raped? No! And computer virgins regularly get raped, so to speak.
I certainly DO believe that users should take an active responsibility to learn how to use their computers well. I'm not defending the right to be eternally dumb, but I am saying that the average user shouldn't be penalized for not having above average technical skills, because obviously half the people are always going to be below average in that respect. I believe users should learn, and learning computers should be treated exactly like learning anything else: for example, if you're learning computer science in school, and you don't study, you get a failing grade, yes? But you don't get taken to court and fined for being a poor student. As for penalties, surely a fine counts a financial penalty, no?
I do agree with your point that vendors should assume liability to protect their users. And I do agree that people should be responsible for learning how to use their computers well, including about matters of security. But if we're going to make people pay for not knowing they should have installed Bogosoft's latest virus definitions, or installed Fakeware's latest anti-spyware-botware-nosyware product, I think that's going a bit too far.
I mean, where would this lead to? To use the tortured car analogy, should Uncle Bob and Aunt Alice be forced to complete a written and hands-on computer test before being allowed to use a computer to send an e-mail to Aunt Carol? Not that you are suggesting this, of course, but it doesn't sound that far-fetched when you use the car analogy for liability.
Should users pay internet insurance to their ISPs? I dunno. I think it's crazy, but I'm suddenly envisioning a society where that is the case. O Brave New World! You might be on to something after all.
"The problem is that one vendor selling one product will accept liability for that product - unless the users tinker with it! But pc's are general purpose products - made for tinkering."
I agree, and I don't want to see that changed. I don't really know the answer to who is financially liable in the Sony rootkit example, but the malicious user is certainly responsible for exploiting it. The real problem, as I see it, is that the malicious users don't have deep enough pockets to reimburse the businesses and people they hurt financially. But the US is so litigation-happy that Somebody Has To Pay, even if the ones paying are not guilty of the criminal act itself.
No worries. I'm all for open source!
But I disagree that Alice and Bob should be held liable, especially if they have neither knowledge nor intent to carry out a DoS attack. Do we really want to open a can of worms such that tens upon tens of thousands of users with unwitting botnet hosts are penalized? Every user has to start with a minimum level of knowledge, and the new user just doesn't know all the ins and outs of security. And it doesn't help that M$ touts, without fail, that their latest operating system is Secure and Stable. Why should users worry about it with such glowing endorsements? Especially when Microsoft's team of lawyers craft EULAs that specifically disavow any responsibility should their product not be Secure and Stable? Madness.
Yes, I think the world would be a better place using operating systems with open source, so that such security issues can be easily plugged, but until that day, why, I ask, should the Aunt Carols and Uncle Bobs be penalized when the only thing they're guilty of is not understanding that they've been shafted by malicious computer users and a EULA? It's all very well and good to say that users should protect themselves with updates, but between the time it takes for an exploit to be discovered and a patch to be implemented, that's the gray zone where the only ones liable are the malicious users, the ones that actually use the exploits for things like DoS botnets and the like.
I try not to dignify such people with the label "hacker" as I think it is an insult to the hardcore computer tinkerer.
Yes, I read that. But even in the real world, Aunt Alice is not criminally charged when her car is carjacked, whereupon the carjacker goes on a rampage mowing down pedestrians or other cars.
So it looks like what we have here is a difference between criminal liability and civil liability. At any rate the whole thing is probably moot because I've read that in order to be charged under this law, it has to be proven that "Aunt Alice" or "Uncle Bob" had the requisite knowledge and intent to carry out a DDoS attack.
I was merely speaking to the kafkaesque nightmare of being on trial and having no idea why you're on trial.
This car analogy is sometimes used to ridiculous extremes on Slashdot, and I think this is a perfect case. If we were going to push the car analogy to its logical reductio ad absurdum, they'd be REMOTE CONTROLLED CARS that malicious users have overridden the controls to, cars that then had little bombs strapped to them and rammed into buildings like some bad Hollywood movie. Do you seriously want Aunt Alice and Uncle Bob to be thrown in prison for remote-controlled carjacking?
I'm all for punishing the malicious, so long as users who are unwitting hosts for botnets and the like don't get thrown into prison simply for being ignorant. I'd hate to see Uncle Bob or Aunt Alice penalized that harshly just because they're too inexperienced to know when their system has been invaded by malware that could be used in DDOS attacks. That would be truly kafkaesque.
This Slashdot headline caught my eye because it perfectly epitomizes why I've grown disgusted with Microsoft:
"Vista to Allow 'One Significant' Hardware Upgrade"
Now I'm not a Microsoft hater. I don't think Bill Gates is the Antichrist, and I don't think Linus Torvalds is the second coming of Ada Lovelace. But ever since Windows introduced their WPA in Windows XP, I have lost a lot of respect for the Redmond juggernaut.
Recently I switched to Linux as my primary operating system, and except for the occassional old game on a DOS partition I'll be doing everything I need to do in Linux from now on. Heck, DOSBox runs just dandy on my distro.
I've lost respect for Microsoft, but you know what I've gained with Linux? A powerful operating system, sure, but what I'm going for here is control. If I have two PCs, I don't have to feel the slightest twinge of guilt about slapping the same copy of Linux on both machines. I don't have to feel like a criminal by hunting down a WPA crack in the event that the Almighty M$ decides to stop supporting my operating system. I don't have to feel pressured into upgrading to a more expensive OS just because my operating system, which works perfectly fine, is now deemed "obsolete." And I don't have to worry whether that OS I downloaded via Bittorrent has been laced with viruses and trojans by malicious script kiddies. And I don't have to worry about any license except the GPL, nor any copyrights except the copylefts.
I'm not gloating, and I'm not giving MS the finger. I'm just happy I jumped ship. I'm also happy to be the one who has the final say about what I can do with my operating system and my software. I can alter it, copy it, give it away, and download it all to my heart's content, with a clear conscience and a fatter wallet.
How's that for a significant upgrade?
Slashdot Mirror
That's the funniest thing I've read all day. :)
Introducing the FUD Missile.
BEWARE OF LINUX! It will melt your CDs, cause your fan to spin backwards, and your mouse will get scurvy. Friends don't let friends use Linux, and neither will a responsible vendor. There's a very good reason why Microsoft products are bundled with new computers- they are hardware friendly, and rich in vitamin C!
Spot on. I don't even belong to any of the shipping fandom communities, and I don't care for erotic fanfic. I say good riddance to the pedophiles! But alienating the fandoms was a MAJOR screwup, because fans are, well... fanatical about their fandom interests. Fandom counts, indeed. It's a pity many LiveJournal users had to read about all this on Slashdot and C|Net before hearing anything official about it from LiveJournal news.
Agent Lirpa Sloof is an evil, evil man.
Armagetron is truly awesome. It bodes well for open source gaming!
I'm probably tired, but my first thought was that in the ballpark stadium of the future, hot dogs will be made of Soylent Green.
"Ignorance of the law doesn't give you the right to break it."
Well, I agree, but as I pointed out earlier, it's not against the law to be the unwitting victim of a malicious user, and it's not against the law if you aren't up-to-the-second patched and updated with the latest securityware. We've moved way beyond the original scope of the article, which was about criminalizing DoS attacks, into a tangential area about financial liability for those who are unwitting accomplices in DDoS attacks.
Short of requiring forced competency tests and/or forced insurance (or "hackers insurance") to use the internet, I see no real practical and fair way to compare computer user liability with car user liability. In the end, I think implementing such measures would be draconian and would cause more thorny legal issues than they would actually solve.
Having said that, I think the saner of the two options is forced "internet insurance" that everyone, including you, should pay--because no matter how competent a user you are, no one, and I mean no internet user, is 100% immune from the malicious. Perhaps if Aunt Alice and Uncle Bob can pay a pittance to prevent being screwed first by the script kiddies, then by the courts, it might not be such a bad thing.
So instead of going 'round and 'round beating this rapidly dying horse I'll just say that from what I've read elsewhere it will have to be proven that the people charged with DoS attacks had both the requisite knowledge and intent to carry them out. And I'm fine with that.
"You're supposed to choose someone people DON'T like to play the part of the bad guy."
Yeah, I know, I just thought it would be fun to have a couple of respected (but intimidating!) actors scare the bejesus out of everybody with arguments about the flaws in each other's operating system. You know, like Slashdotters. I'd watch it for the same reason I read Slashdot comments. :)
Heh, there's no (+1 Groan) Just sayin'. :)
The commercial needs some intimidating stars, to reflect the intimidating arguments Mac and PC users perenially fling at each other. I say we get Alan Rickman to be the Mac, and Christopher Walken to be the PC. Then users can choose the lesser of two evils...
"I believe you should only be able to disclaim liability if you also disclaim all rights to control the product - ie. open source."
I agree wholeheartedly with that!
As for defending ignorance, I guess it does come across that way, but there's a subtle difference between defending a person's right to be ignorant and defending ignorance. Ignorance is no excuse for breaking the law, but it isn't, and it shouldn't, be against the law to be running a computer that has been invaded by a malicious user!
I hate to say it, but it's almost exactly like forcing a rape victim to pay a fine for wearing skimpy clothes while walking the streets at night. Is it a stupid thing to do? Sure. Is the person liable for being raped? No! And computer virgins regularly get raped, so to speak.
I certainly DO believe that users should take an active responsibility to learn how to use their computers well. I'm not defending the right to be eternally dumb, but I am saying that the average user shouldn't be penalized for not having above average technical skills, because obviously half the people are always going to be below average in that respect. I believe users should learn, and learning computers should be treated exactly like learning anything else: for example, if you're learning computer science in school, and you don't study, you get a failing grade, yes? But you don't get taken to court and fined for being a poor student. As for penalties, surely a fine counts a financial penalty, no?
I do agree with your point that vendors should assume liability to protect their users. And I do agree that people should be responsible for learning how to use their computers well, including about matters of security. But if we're going to make people pay for not knowing they should have installed Bogosoft's latest virus definitions, or installed Fakeware's latest anti-spyware-botware-nosyware product, I think that's going a bit too far.
I mean, where would this lead to? To use the tortured car analogy, should Uncle Bob and Aunt Alice be forced to complete a written and hands-on computer test before being allowed to use a computer to send an e-mail to Aunt Carol? Not that you are suggesting this, of course, but it doesn't sound that far-fetched when you use the car analogy for liability.
Should users pay internet insurance to their ISPs? I dunno. I think it's crazy, but I'm suddenly envisioning a society where that is the case. O Brave New World! You might be on to something after all.
"The problem is that one vendor selling one product will accept liability for that product - unless the users tinker with it! But pc's are general purpose products - made for tinkering." I agree, and I don't want to see that changed. I don't really know the answer to who is financially liable in the Sony rootkit example, but the malicious user is certainly responsible for exploiting it. The real problem, as I see it, is that the malicious users don't have deep enough pockets to reimburse the businesses and people they hurt financially. But the US is so litigation-happy that Somebody Has To Pay, even if the ones paying are not guilty of the criminal act itself.
No worries. I'm all for open source! But I disagree that Alice and Bob should be held liable, especially if they have neither knowledge nor intent to carry out a DoS attack. Do we really want to open a can of worms such that tens upon tens of thousands of users with unwitting botnet hosts are penalized? Every user has to start with a minimum level of knowledge, and the new user just doesn't know all the ins and outs of security. And it doesn't help that M$ touts, without fail, that their latest operating system is Secure and Stable. Why should users worry about it with such glowing endorsements? Especially when Microsoft's team of lawyers craft EULAs that specifically disavow any responsibility should their product not be Secure and Stable? Madness. Yes, I think the world would be a better place using operating systems with open source, so that such security issues can be easily plugged, but until that day, why, I ask, should the Aunt Carols and Uncle Bobs be penalized when the only thing they're guilty of is not understanding that they've been shafted by malicious computer users and a EULA? It's all very well and good to say that users should protect themselves with updates, but between the time it takes for an exploit to be discovered and a patch to be implemented, that's the gray zone where the only ones liable are the malicious users, the ones that actually use the exploits for things like DoS botnets and the like. I try not to dignify such people with the label "hacker" as I think it is an insult to the hardcore computer tinkerer.
Yes, I read that. But even in the real world, Aunt Alice is not criminally charged when her car is carjacked, whereupon the carjacker goes on a rampage mowing down pedestrians or other cars. So it looks like what we have here is a difference between criminal liability and civil liability. At any rate the whole thing is probably moot because I've read that in order to be charged under this law, it has to be proven that "Aunt Alice" or "Uncle Bob" had the requisite knowledge and intent to carry out a DDoS attack. I was merely speaking to the kafkaesque nightmare of being on trial and having no idea why you're on trial.
This car analogy is sometimes used to ridiculous extremes on Slashdot, and I think this is a perfect case. If we were going to push the car analogy to its logical reductio ad absurdum, they'd be REMOTE CONTROLLED CARS that malicious users have overridden the controls to, cars that then had little bombs strapped to them and rammed into buildings like some bad Hollywood movie. Do you seriously want Aunt Alice and Uncle Bob to be thrown in prison for remote-controlled carjacking?
I'm all for punishing the malicious, so long as users who are unwitting hosts for botnets and the like don't get thrown into prison simply for being ignorant. I'd hate to see Uncle Bob or Aunt Alice penalized that harshly just because they're too inexperienced to know when their system has been invaded by malware that could be used in DDOS attacks. That would be truly kafkaesque.
There's not a word about Elbonia.
That quote just made my day, ha!
This Slashdot headline caught my eye because it perfectly epitomizes why I've grown disgusted with Microsoft: "Vista to Allow 'One Significant' Hardware Upgrade" Now I'm not a Microsoft hater. I don't think Bill Gates is the Antichrist, and I don't think Linus Torvalds is the second coming of Ada Lovelace. But ever since Windows introduced their WPA in Windows XP, I have lost a lot of respect for the Redmond juggernaut. Recently I switched to Linux as my primary operating system, and except for the occassional old game on a DOS partition I'll be doing everything I need to do in Linux from now on. Heck, DOSBox runs just dandy on my distro. I've lost respect for Microsoft, but you know what I've gained with Linux? A powerful operating system, sure, but what I'm going for here is control. If I have two PCs, I don't have to feel the slightest twinge of guilt about slapping the same copy of Linux on both machines. I don't have to feel like a criminal by hunting down a WPA crack in the event that the Almighty M$ decides to stop supporting my operating system. I don't have to feel pressured into upgrading to a more expensive OS just because my operating system, which works perfectly fine, is now deemed "obsolete." And I don't have to worry whether that OS I downloaded via Bittorrent has been laced with viruses and trojans by malicious script kiddies. And I don't have to worry about any license except the GPL, nor any copyrights except the copylefts. I'm not gloating, and I'm not giving MS the finger. I'm just happy I jumped ship. I'm also happy to be the one who has the final say about what I can do with my operating system and my software. I can alter it, copy it, give it away, and download it all to my heart's content, with a clear conscience and a fatter wallet. How's that for a significant upgrade?