RE: What could have been done differently?

["Eric Germann" <ekgermann () cctec com>]

Not to sound to pro-MS, but if they are going to sue, they should be able to
sue ALL software makers.  And what does that do to open source?  Apache,
MySQL, OpenSSH, etc have all had their problems.  Should we sue the nail gun
vendor because some moron shoots himself in the head with it?  No.  It was
never designed for flicking flies off his forehead.  And they said, don't
use for anything other than nailing stuff together.  Likewise, MS told
people six months ago to fix the hole.  "Lack of planning on your part does
not constitute an emergency on my part" was once told to me by a wise man.
At some point, people have to take SOME responsibility for their
organizations deployment of IT assets and systems.  Microsoft is the
convenient target right now because they HAVE assets to take.  Who's going
to pony up when Apache gets sued and loses.  Hwo do you sue Apache, or how
do you sue Perl, because, afterall, it has bugs.  Just because you give it
away shouldn't isolate you from liability.

Eric



> * Companies need to hold each other responsible for bad software.
>   Ford is being sued right now because Crown Vic gas tanks blow
>   up.  Why isn't Microsoft being sued over buffer overflows?  We've
>   known about the buffer overflow problem now for what, 5 years?
>   The fact that new, recent software is coming out with buffer
>   overflows is bad enough, the fact that people are still buying
>   it, and also making the companies own up to their mistakes is
>   amazing.  I have to think there's billions of dollars out there
>   for class action lawyers.  Right now software companies, and in
>   particular Microsoft, can make dangerously unsafe products and
>   people buy them like crazy, and then don't even complain that
>   much when they break.
>
> --
>        Leo Bicknell - bicknell () ufp org - CCIE 3440
>         PGP keys at http://www.ufp.org/~bicknell/
> Read TMBG List - tmbg-list-request () tmbg org, www.tmbg.org