[KLUG Advocacy] Re: Battle Creek vs ORBZ
Mike Williams
advocacy@kalamazoolinux.org
Sun, 24 Mar 2002 05:47:53 -0500
On Sat, 23 Mar 2002 11:29:04 -0500, members-request@kalamazoolinux.org >
>Laura Atkins, newly installed president of the non-profit anti-spam
>outfit
>SpamCon Foundation, said the code changes needed to correct the bug
>was
>"trivial" but one Gulliver, for one reason or another, was unwilling
>to
>correct."
>
>http://www.internetnews.com/bus-news/article/0,,3_995251,00.html
>
>I would criticize Battle Creek for continuing to use a server with
>known
>vulnerabilities. But just because Gulliver wears a white hat
>doesn't mean
>that he can write buggy code, know about problems that cause a
>server to
>crash, and continue to use the code on servers owned by others. He
>should pay the City for the time it took to get the server back up,
>and for
>any losses incurred.
So, the city of Battle Creek is suggesting that it's the responsibility of
THE WHOLE INTERNET to play nice with their server and not send it anything
it doesn't like? When you put a server on the Internet, you are making if
available to the whole world. The responsibility of keeping a server from
crashing, spamming, polluting the Internet with bad packets, or whatever
lies solely on the entity that set it up. Server's are supposed to
interact with the Internet using established protocols. If a server is
unable to respond properly to a combination of established requests (heck,
any requests) without crashing, that is the server's fault, not the person
who managed to bring it down. Even in the case of malicious hacking, the
manager of the server bears responsibility for being caught napping.
The above is, of course, my own personal opinion. I make no guarantees
that it's worth anything more than what you paid for it.