Laurence F. Sheldon, Jr. wrote:
Even if the water company is sending me 85% TriChlorEthane?
Right. Got it. The victim is always responsible.
There you have it folks.
Being resposible as network manager, if I think something is strange and I nor my staff
can fix it. I call for help. Either Vendor support, a good consultant, or community help.
In many cases the Victim always has some portion of responsibilty.
If I leave a Windows 2000 server SP 0 no security fixes on my network, get it hacked and have
a lawsuit cause XYZ company caught a hacker attack from it.... who is the Victim? who is responsible?
This may be exactly what that guy did....
I think Sean sent out the California law reference last year that said the VICTIM of a security
breach must report it to their customers...
I think we have alot of operational issues that we must look at here..
What do we do?
Many AUP's I have seen would have shut down that customer, if someone complained.....
Does this mean if we go to a for profit bandwidth charge system that we let people destroy others with the worms
they have for money we would get chargeing for the worm attack?