1999-07-26-22:28:00 Michael H. Warfield:
>[ embedded microcrontrollers w/ fragile IP stacks ]
> Now... Who ya gonna sue. Microware (the OS-9 vendor), the maker
> of the controller that selected OS-9, the vendor for the router that allowed
> an ICMP redirect through, the network administrator who didn't isolate these
> smart controllers from the rest of the network, the dude who was playing
> with a new toy that just happened to emit an ICMP redirect to a directed
> broadcast network, or the maker of said toy? All of the above? None of
> the above? Hmmm???
This is America; you sue nobody unless you have money to spend on lawyers;
then you sue everybody in the neighborhood with deep pockets, who can make it
worth your while.
But the suit for which I'd enjoy being expert witness would be the suit
against the security admin who set things up so that untrusted people --- or
people who don't know any better --- can fling ICMP redirects against the
microcontrollers.
> And, of course, remember all of those lovely disclaimers for
> "fitness of use" that exists in all of those shrinkwrap licenses.
Ayup. I avoid binary-only licensed software in security-critical settings,
myself; so when folks insist on using that sort of disreputable crud, I take
care to protect it well.
-Bennett
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
