> > In my view, the responsibility for NIMDA lies clearly in Microsoft's lap > > and the lap of the author, but there is plenty of blame to go around. I > > say forget about telling the ISPs what to do - start a class action suit > > against Microsoft for putting this crap into the market knowing full > > well how it might be exploited and knowing full well that it was > > choosing time to market over quality. The class is all users of > > Microsoft IIS servers and every person who has a system that has been > > affected by the virus. The dmages are the total cost of all actions > > taken to defend against or monitor this infection, in cluding all time > > taken by all parties involved. Put them out of business unless and > > until they can act responsibly. > > You should read the agreement you (and everyone else) just clicks "Agree" to > whenever you install a piece of software (not just MS). I am not a lawyer > but as far as I can tell it means "You accept that you are paying for this > product as is and we make no guarantee that it will be secure, reliable, > compatible, works as advertised or will even work at all" > > This is standard throughout the software industry, and no other industry in > the world is allowed to operate under these terms. Anyone know whether > clicking that Agree button removes all your rights to legal recourse? I > would've thought it would; that's why they put it in. > > S. :) What many people fail to understand is that there is something called an implied warranty of sale that cannot be voided, even under contracts such as these. It is typically defined in terms of 'suitability for purpose'. Thelegal issues surrounding the non-warranty for software has never been setteld - and it should - and this would be a great case to do it with. FC --This communication is confidential to the parties it is intended to serve-- Fred Cohen Fred Cohen & Associates.........tel/fax:925-454-0171 fcat_private The University of New Haven.....http://www.unhca.com/ http://all.net/ Sandia National Laboratories....tel:925-294-2087 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Sep 27 2001 - 20:59:49 PDT