nanog mailing list archives

Re: Nato warns of strike against cyber attackers


From: Owen DeLong <owen () delong com>
Date: Wed, 9 Jun 2010 05:43:52 -0700


On Jun 9, 2010, at 5:28 AM, Joe Greco wrote:

No, but we can and do require cars to have functional brakes and 
minimum tread depths, and to be tested periodically.

Obviously this is acceptable because the failure modes for cars 
are worse, but the proposed solution is less intrusive being after the fact.

Grandma does not go check her tread depth or check her own brake pads and
discs for wear.  She lets the shop do that.  I was hoping I didn't have to
get pedantic and that people could differentiate between "I pay the shop a
few bucks to do that for me" and "I take responsibility personally to drive
my car in an appropriate fashion" (which includes things like "I take my
car to the shop periodically for maintenance I don't have the skills to do
myself"), but there we have it.

Whether grandma measures the tread depth herself or takes it to the shop,
the point is that grandma is expected to have tires with sufficient tread
depth and working brakes when she operates the car. If not, she's liable.
If she drives like the little old lady from Pasadena, she's liable for the 
accidents she causes.

My point: We haven't designed computers for end users appropriately.  It
is not the fault of the end user that they're driving around the crapmobile
we've provided for them.  If you go to the store to get a new computer, you
get a choice of crapmobiles all with engines by the same company, unless 
you go to the fruit store, in which case you get a somewhat less obviously
vulnerable engine by a different company.  The users don't know how to take
apart the engines and repair them, and the engines aren't usefully protected
sufficiently to ensure that they don't get fouled, so you have a Problem.

The end user should be able to recover from the responsible manufacturer
for the design flaws in the hardware/software they are driving. Agreed. That
is how it works in cars, that's how it should work in computers.

What I don't want to see which you are advocating... I don't want to see
the end users who do take responsibility, drive well-designed vehicles
with proper seat belts and safety equipment, stay in their lane, and
do not cause accidents held liable for the actions of others. Why should
we penalize those that have done no wrong simply because they happen
to be a minority?

Owen


