On 20/11/12 15:17, David F. Skoll wrote:
On Tue, 20 Nov 2012 15:10:57 +0000
Ned Slider<n...@unixmail.co.uk> wrote:
Personally I'd like to see some large corporates go after some
infected home users in the courts for wilful damage.
I think they'd lose. Most home users could make a compelling case
that they were unaware of the infection and lacked the technical
know-how to prevent it or clean it up.
Ignorance is no defence, at least in the UK. I lack the technical skills
to ensure my car is safe to drive on public highways but the law compels
me to make it so regardless. Why should the Information Superhighway be
treated any differently? The damage caused is just as costly to the
victims, if not life threatening.
You wouldn't be allowed to take a vehicle unfit for purpose on the
public highway and cause damage to others without facing some form
of recompense. So why do we allow PCs unfit for purpose on the
public Internet and let the owners get away with the damage they
cause? They need to be held responsible.
Would you approve of a Ralph Nader-like approach of suing Microsoft
for knowingly producing defective and insecure software? Detroit was
shamed, bullied and sued into improving the safety of its cars; do you
think that could work with Microsoft?
I don't know who Ralph Nader is.
I believe that case has already been fought and lost - I believe a judge
has already ruled that it's unreasonable to expect something as complex
as a modern OS (with many millions of lines of code) not to have flaws.
Not saying I necessarily agree, but...
And who would you go after to improve the safety of open-source systems
like Linux?
I would suspect the above ruling sets a precedent that would similarly
apply to Linux, but I'm not a lawyer.
I think ISPs imposing penalties for abusers is more realistic than any
options through the courts.
You are probably right. Major copyright holders have very publicly
pursued members of the public guilty of downloading copyrighted material
but yet that seems to have done little to change attitudes or stop the
offense so I doubt my proposal would fair any better.
Equally though, I am in absolutely no doubt that ISPs will never fine
their own users unless they are legally required to do so - it would
simply be bad business. ISPs simply do not care if their home users are
infected - it makes absolutely no difference to them. They have the
tools to detect and prevent wide scale abuse yet very few do because it
adds a cost implication with little or no perceivable benefit to the
customer.
Probably a better proposition would be to fine the ISP for every
infected PC on their network - that would get their attention. Then they
are free to pass on that cost to the infected user should they wish. Or
they could just choose to run a tighter ship in the first place to
minimize fines/costs.
