Full Disclosure mailing list archives

Re: EULA

From: David Hayes <david.hayes () mci com>
Date: Tue, 9 Sep 2003 14:08:04 -0500

So, if a HIPAA site uses Windows and accepts the SP3 EULA, they're
screwed.  If a HIPAA site uses Windows and does not accept the SP3
EULA, they're screwed.

Logical conclusion, if a HIPAA site uses Windows, they're screwed.
Thus they should use a different OS?

-- 
David Hayes    Network Security Operations Center     MCI Network Svcs
email: david.hayes () MCI com      vnet: 777-7236     voice: 972-729-7236


On Mon, Sep 08, 2003 at 01:13:21PM -0400, Valdis.Kletnieks () vt edu wrote:

On Mon, 08 Sep 2003 08:43:14 PDT, D B <geggam692000 () yahoo com>  said:

does the EULA of microsoft violate lawyer client
privilege ..... as in  if my lawyer is using windows
is he violating my rights


I can't speak for the legal profession, but the SP3 EULA (the one where you agree to
allow Microsoft to install, without warning or notification, anything labelled a "security
patch", even if it breaks 3rd party software), is known to be very bad mojo for sites
covered by HIPPA, because it cedes software change control.

Of course, if you fail to agree to the EULA and you're a HIPPA site, you're still screwed
because then you can't install post-SP3 patches.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

EULA D B (Sep 08)
- Re: EULA Jonathan Rickman (Sep 08)
- Re: EULA Valdis . Kletnieks (Sep 08)
  - Re: EULA David Hayes (Sep 09)
    - Re: EULA Gregory A. Gilliss (Sep 09)
    - Re: EULA Curt Purdy (Sep 09)
    - RE: EULA Frank Jaffe (Sep 09)
- <Possible follow-ups>
- RE: EULA Jerry Heidtke (Sep 09)