On Sat, 16 Jan 2016 11:09:27 -0800, Owen DeLong said: > > Making the owner of the host responsible for an attack -personally- > > responsible would require every grandma & 6 year old to have insurance > > before > > buying a laptop or Xbox. And would bankrupt your favorite startup no matter > > how > > smart & competent the first time a zero-day caught them by surprise.
> Agreed⦠I think, instead, that the commercial purveyors of vulnerable > software > should be held liable. And this is another one that needs *really* careful definitions. How much time does Redhat get to patch a bug in (say) OpenSSH or the kernel or any other package from upstream, before you want to hold them liable?
pgpg8YjlIAiXC.pgp
Description: PGP signature