[Infowarrior] - Proposal for a "US Cyber Health Agency" ?!?
Richard Forno
rforno at infowarrior.org
Fri Jun 15 12:48:38 UTC 2007
The slides for this chap's talk are located here:
http://www.securityfocus.com/brief/526?ref=rss
One point instantly jumped out at me:
> One could argue that if an operating system or application was properly
> designed and coded, it would not be broadly vulnerable to infection, and thus
> the ultimate responsibility for any infestation lies with the maker of the
> apparently defective operating system (or the maker of a defective
> application)Š
>
> But, vendors usually license their products ³as-is² with extensive
> disclaimers, thereby doing their legal best to completely eliminate any and
> all liability they might have had if they¹d sold a defective product.
....but instead of changing commercial law to remedy this "as-is" licensing
loophole that would help hold vendors accountable for product quality AND
reduce (to some degree or other) the potential for vulnerabilities, this
presentation instead proposes a massive federal bureaucracy to provide
*voluntariy*-requested prophylatic services?
He brings up some good points and shortcomings elsewhere in the
presentation, but I have zero confidence that such a "cyber health agency"
would be anything but a PR stunt to show the public that the government is
doing "something, anything" in the name of Internet security.
-rf
More information about the Infowarrior
mailing list