I love IP Tables....

Wed May 30 18:22:55 UTC 2007

Les wrote:
> On Wed, 2007-05-30 at 08:02 -0600, David G. Miller wrote:
>> Les <hlhowell at pacbell.net <mailto:hlhowell at pacbell.net>> wrote:
>>
>> > One thing missing in this discussion is the scale of costs.  No
>> > individual, outside of maybe Bill Gates could begin to repay for the
>> > damage caused by a rogue computer spreading a virus.  Nor can one
>> > individual be even considered of being capable of patching a flaw in a
>> > piece of readily available software of proprietary nature (remember that
>> > "reverse engineering" is banned by most user license agreements.)  So
>> > lets say you get a law passed that puts the onus on an individual.  You
>> > get hacked, and the hacker uses a bit of code inside your system to
>> > "spiff up" his latest virus/worm program.  Your name is in the code
>> > (courtesy of the memory map when your bit was built).  Now that code
>> > breaks out and infects 200,000 systems, bringing them to their knees.
>> > You had all the good AV stuff installed, the system had a firewall, but
>> > this particular hacker managed to slip by
>> As I have mentioned several times in my postings on this subject, the 
>> law usually considers whether you have taken "reasonable and customary" 
>> measures to protect against such things.  Especially, see my previous 
>> posting regarding a joyrider stealing a car.
>>
>> Self-propagating viruses act a lot like the real thing.  It doesn't take 
>> a 100 percent inoculation rate to stop a real virus from spreading; only 
>> getting enough of the population protected that the probability that the 
>> infection can spread is low. One of the problems is that way too many 
>> computer users don't understand their vulnerability and how harmful 
>> having a vulnerable system is.  This is what needs to change.
>>
>> We've already seen a number of attack vectors go out of favor as a 
>> certain large software vendor has patched the security holes in it's 
>> operating system and other products.  If a significantly larger 
>> percentage of users were to install effective AV software, the problem 
>> would drop significantly.  I'm not saying it would go away but we would 
>> probably see the people who write such software look to other 
>> approaches.  Some of these might initially be successful but having a 
>> larger percentage of systems running effective AV software would mean 
>> that such problems would rapidly be contained.
>>
>> It would be nice if that same software vendor were to tighten up their 
>> product rather than rely on after the fact patches like AV software.  
>> Being as how their behavior has barely changed in over 25 years, I'm not 
>> holding my breath.
>>
>> Cheers,
>> Dave
>>
>> -- 
>> Politics, n. Strife of interests masquerading as a contest of principles.
>> -- Ambrose Bierce
>>
>>     
> Agreed, but when schools are dropping laptop support because they say 
> it "impeded education", how on earth can we get people educated about 
> what the computer can and cannot do, and how to use it appropriately.
>
>     There are basic skills necessary for life in the modern world, 
> such as taxes, driving, and computing among others that are poorly 
> addressed by our schools.  Not just in the US, but world wide from 
> what I can tell.  How will that change by passing a law that 
> persecutes people for ignorance when the folks responsible for 
> removing ignroance don't have the basic knowledge required?
>
> Regards,
> Les H 
Ignorance - a crime against humanity,
 have to admit it has a bit of a nice feel with it.