funsec mailing list archives
Re: ruling: liability for providers who don't act on clients' illegal activities?
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Wed, 09 Sep 2009 00:06:30 +1200
Rob Thompson to me:
No -- to stick with your grievously weak analogy, it is much more like very heavily (punitively -- get it?) fining a bank and its manager for repeatedly cashing fraudulent checks _from one known fraudster_.Point taken. I still do not agree with it. I think that it is a piss poor job on behalf of law enforcement. Get the _one known fraudster_ that is committing the actual act. BEFORE it is permitted to be repeated.
You say that as if it is easy, if even always possible, to get the "right" (i.e. "wronging") person. Yes, that would be the _ideal_ result. The reality however, is that we don't live in anything approaching that ideal world. Doubly so "on the ineternet" as many of the mechanisms that are currently in place are devised to be "approximtely ideal" for an entirely different threat model (a closed, physical, military network) than the "open sewer" public internet model we actually have. Those differences mean that not only, in the face of "failure" _will_ collateral damage be greater, BUT it likely will be necessary _AND_ quite acceptable. Idealists might shit bricks because of this, but they should have struck out for a better internet than one based on the totally inadequate security model of assuming an enforceable militaristic _physical access_ control structure...
Now if the hosting site is hosting (as in advertising, come here to host your illegal warez for $$$) to cater to the criminal, that's another story. But that isn't how I am interpreting this. I am interpreting this as sheer laziness and quite frankly it's rather pathetic. Passing the buck isn't okay. We count on the schools to raise our kids and the ISP to police the interwebs. Bullshit!
"Laziness" is no better legal defense than "ignorance". At its base, "I didn't now I was doing wrong" is no better than "I couldn't be arsed to not do wrong". Of course, that doesn't mean that there aren't LOTS of int-duh-net "businesses" heavily based on that model, but neither they nor you should expect any sympathy _from folk who give a fuck_ if even _some_ of those businesses get their lazy, dumb arses hauled over the legal coals to the point where they go out of business. (My main regret here is that none of the truly grossly culpable such players will EVER face charges -- we should really start with ICANN and work our way down...) <<big snip>>
Guns don't kill people, people kill people??? Let's get Remington on the phone. If you didn't sell the gun to the gas station robber, he wouldn't have knocked off those seven petrol stands...
Well, in civilized communities, there is a fair sentiment in favour of holding the gun "pushers" responsible for their actions, yes... But you probably live somewhere where that such intellectual informedness is unable to evolve -- Pakistan, Afghanistan, Iraq, USA??? Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: ruling: liability for providers who don't act on clients' illegal activities?, (continued)
- Re: ruling: liability for providers who don't act on clients' illegal activities? Nick FitzGerald (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? der Mouse (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? John Bambenek (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? Valdis . Kletnieks (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? Nick FitzGerald (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? David M Chess (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? John Bambenek (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? Ned Fleming (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? der Mouse (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? Paul M Moriarty (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? Nick FitzGerald (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? der Mouse (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? John Bambenek (Sep 08)
- Re: ruling: liability for providers who don't act on clients' illegal activities? nick hatch (Sep 08)