Re: Debian Investigation Report after Server Compromises

From: Vineet Kumar (vineet_at_doorstop.net)
Date: 12/03/03

  • Next message: Paul Morgan: "Re: Debian Investigation Report after Server Compromises" 
    Date: Wed, 3 Dec 2003 13:58:11 -0800
To: debian-user@lists.debian.org

    * Paul Johnson (baloo@ursine.ca) [031202 23:01]:
    > On Tue, Dec 02, 2003 at 04:11:33PM -0500, Paul Morgan wrote:
    > > Ther is always a conflict between security and openness. MS's approach
    > > has always been not to say anything until a fix has been propagated; they
    > > are often criticized for that, but I'm sure they'd be deluged in lawsuits
    > > from compromised system owners if they advertised the exploit to bad guys
    > > before they had a fix.
    >
    > Microsoft could easily sidestep those by pointing to their EULA: You
    > agree not to sue them due to faults in their software.

    Sidestepping lawsuits from a million angry customers isn't really a
    "win". They are, after all, a business -- one with customers, no less.
    The way to keep your customers paying for upgrades isn't to piss them
    off and then hide behind your EULA; it's to keep their customers happy.
    If their customers can hear about a problem only when it's been fixed,
    it makes Microsoft look like the good guys: "Hey, by the way, we fixed
    this problem you didn't even know about." If there's an exploit in the
    wild before a fix is available, the PHBs hear it on the local news
    first, which is not good. It's not about lawsuits, it's just simple
    business sense -- you have to keep your customers happy.

    good times,
    Vineet 

    -- 
http://www.doorstop.net/
-- 
One nation, indivisible, with equality, liberty, and justice for all.



    -- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
  • Next message: Paul Morgan: "Re: Debian Investigation Report after Server Compromises"

    Relevant Pages

    • Re: The Great Tim Hortons Coffee Cup Trial
      ... the company's attempt to replace Roll Up the Rim with Dig Into A ... Hundreds of lawsuits were filed by customers who ...
      (alt.coffee)
    • Re: Have I lost my external hard drive data forever?
      ... Lots and lots and lots of lawsuits. ... M$ customers have years of experience at having their data ... Suits almost never get what they deserve for screwing up. ... many suits lost their jobs at the companies responsible for taking down ...
      (comp.sys.mac.system)
    • Re: BT & DD
      ... told these customers that it MUST be paid on one specific day, ... So why does BT offer this period in which to pay if it doesn't make ... After all, you're all for good business sense, ... They started taking credit cards, ...
      (uk.legal)
    • Re: EULA Issues
      ... non-lawyerly explanation of our EULA. ... should explain specific issues of interest and concern to customers. ... of work to make older source work under the newer ... Fifty bucks, a hundred bucks, ...
      (borland.public.delphi.non-technical)
    • Re: *** Buxton - BIG PROBLEM ***
      ... "Please don't raise your voice in front of my customers. ... Bloody great business sense, that madam!" ... she's just turned down a complete private bar plus at least 20-30 ...
      (uk.music.guitar)