On Sat, 16 Jan 2016 11:09:27 -0800, Owen DeLong said:

> > Making the owner of the host responsible for an attack -personally-
> > responsible would require every grandma & 6 year old to have insurance 
> > before
> > buying a laptop or Xbox. And would bankrupt your favorite startup no matter 
> > how
> > smart & competent the first time a zero-day caught them by surprise.

> Agreed… I think, instead, that the commercial purveyors of vulnerable 
> software
> should be held liable.

And this is another one that needs *really* careful definitions.

How much time does Redhat get to patch a bug in (say) OpenSSH or the kernel
or any other package from upstream, before you want to hold them liable?

Attachment: pgpg8YjlIAiXC.pgp
Description: PGP signature

Reply via email to