Le jeu 13/05/2004 à 18:17, Aaron Gee-Clough a écrit :
> Duquette, John wrote:
> > Why not punish all the admins/users who failed to patch their systems in
> > time as well.
> Because they didn't break the law. It's really that simple.
In France, there's a law that says you have to furnish available means
to appropriatly protect systems that personnal datas (names, addresses,
telephone numbers, CC numbers, etc.). However, it is not strict, so you
can justify a patch delay for validation means or anything else that
obviously prevent you to patch, in particular if you can produce a
workaround.
But doing nothing at all (no patch, no workaround) simply break the law.
-- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.htmlReceived on Thu May 13 22:38:49 2004
This archive was generated by hypermail 2.1.8 : Thu May 13 2004 - 23:06:56 EDT
