Forwarded by: William T. Barrett <wtbat_private>

Interesting thoughts. I thought I would just comment on some of the more salient points. I tried to use humor to point out the absurdities, but it probably just comes across as being an asshole.

> How about making providing software, with security bugs, for
> commercial use a felony or something that no disclaimer can waive
> responsibility for? Maybe it should be a felony to release any
> software package with any known bugs or in doing so a software
> manufacturer voids any claim to hiding behind a disclaimer.

<sarcasm> Oh, great idea. And we know what a great job those people in Washington do writing laws for the computer industry. I mean, with the widespread success of the DMCA and the so-called Child Online Protection Act and of course the 1996 Communications Decency Act. </sarcasm>

> What about going a step further and including deploying software
> with security bugs a felony, that way making system admins take
> more care in the software they install.

Were you dropped on your head as a child? It's stressful enough to do this job without the threat of going to jail for forgetting to install a patch. Of course there wouldn't be a patch to put on, because that would mean that a flaw exists in the first place and therefore you are admitting guilt to the first one.

> I don't care if the cost of software increases ten fold or it
> takes five times as long to get it out the door, our current
> industry wide practices are simply not good enough. It is time
> that was fixed.

Well, bully for you. Personally, I have a hard enough time squeezing pennies out for the stuff we use now. While you apparently have an unlimited budget to work with, in the real world most companies can't afford that.
> How much would it cost Microsoft to do extensive testing of
> Windows XP, prior to launch, searching for buffer overflows (for
> example) in every DLL routine, etc, vs how much it will cost the
> world to clean up later as the bugs get reported?

Oh yes, the "billions" of dollars these incidents cost. You know, I would like to see somebody be able to explain exactly how they come up with these numbers. I'm pretty sure it includes the terms "pulling" and "ass".

> Look at all the i's which need dotting and t's which need crossing
> if you want to make a vehicle to drive on the roads, never mind
> sell to others.

I have yet to hear of anyone getting killed in a computer crash. (He was surfing under the influence and formatted a family of six!! Right.)

> Why do we accept a complete lack of such standards in the software
> industry?

Probably because it is virtually impossible to check billions of lines of complex code and find every single possible error. But that's just my opinion.

> Unfortunately to get anything along these lines requires lobbying
> politicians to get them to understand and write the correct bill.

goto <sarcasm>

-WTB

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Aug 09 2001 - 06:33:44 PDT