Full Disclosure mailing list archives
RE: Web sites compromised by IIS attack
From: "joe" <mvp () joeware net>
Date: Sat, 3 Jul 2004 10:22:39 -0400
Heck I wouldn't mind seeing that in just electrical, natural/propane gas, and water services. Delivery of those products is considered a service. Getting that in software is a pipe dream if you can't get it in core services aka utilities such as the ones listed which are considered "critical". I also happen to disagree with your conclusion. I think you would find that the software service providers would be more focused on setting up rules under which they will offer you an SLA in terms of what hardware, what software, who modifies the machine. I have been in the computer support industry in various ways for quite a while and almost always working with SLAs. Quality isn't the big thing you see in SLAs, it is holes to get out of having to perform to the SLA level. Dragging lawyers into the software arena is not going to help anything. You want to drag lawyers somewhere, consider some place wet and deep. The legal world is not, in my opinion, making this a better world to live in. Just more lawsuit prone. joe -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Gilbert Pilz Sent: Thursday, July 01, 2004 9:52 PM To: FULL-DISCLOSURE () lists netsys com Subject: RE: [Full-disclosure] Web sites compromised by IIS attack With a "software as a service model" *combined* *with* measurable and verifiable service level agreements (where breaching the agreement results in refunds or other financial penalties) I think you would find that the service providers would be much more focused on quality and security because they have a direct financial interest in making sure the service remains up and operating correctly. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Web sites compromised by IIS attack, (continued)
- Re: Web sites compromised by IIS attack Barry Fitzgerald (Jul 06)
- Re: Web sites compromised by IIS attack Ron DuFresne (Jul 02)
- Re: Web sites compromised by IIS attack Maarten (Jul 03)
- Re: Web sites compromised by IIS attack Valdis . Kletnieks (Jul 02)
- Re: Web sites compromised by IIS attack Nick FitzGerald (Jul 02)
- Re: Web sites compromised by IIS attack Frank Knobbe (Jun 30)
- Re: Web sites compromised by IIS attack Denis Dimick (Jul 01)
- Re: Web sites compromised by IIS attack Frank Knobbe (Jul 01)
- RE: Web sites compromised by IIS attack joe (Jul 01)
- Re: Web sites compromised by IIS attack Denis Dimick (Jul 01)
- RE: Web sites compromised by IIS attack joe (Jul 03)
- Re: Web sites compromised by IIS attack Ron DuFresne (Jul 03)
- Re: Web sites compromised by IIS attack Jason Coombs (Jul 04)
- Re: Web sites compromised by IIS attack Valdis . Kletnieks (Jul 08)