David G. Miller wrote: > We don't hold a manufacturer of any other product liable for how their > product gets used. Guns are probably the best example. Although there > have been attempts, gun manufacturers aren't held liable for whatever > use their product is put to. Likewise, as long as a gun owner takes > customary and reasonable precautions against unauthorized use (e.g., a > gun safe, locking away key components, etc.), we don't hold a gun owner > liable if some steals his gun and then uses it in a crime. On the other > hand, if a gun owner doesn't take reasonable precautions and someone > gets hurt, they are not just liable but criminally culpable. > But we do hold them liable for providing defective products. We would hold a gun manufacturer liable if the gun blew up when you fired it. We hold a car manufacture liable if the gas tank blows up on you. Why not a software publisher that provides an insecure system by default? Do they have a responsibility to provide a quality product? Especially if they are a monopoly or near monopoly? When you make design decisions that put ease of use, and market lock in ahead of security, aren't you responsible for the results? (Ingratiating the web browser into the OS to lock out a competitor's software, or setting the mail program to execute attachments by default that can modify the system so that you can do remote administration of a machine, even though most machines are not going to use the "feature", and it puts machines at risk...) In almost any other industry, they would be liable for the damages they caused by these kinds of design flaws. Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
