Gary Flynn wrote:
> [EMAIL PROTECTED] wrote:
>
>> Unless the law requires all Internet connections to have
>> firewalls/virus detection/intrusion detection/strong authentication/ect. it
>> is perfectly legitimate for a small business to not have a secure network
>> that they do not need nor can they afford to pay for as long as they don't
>> have confidential material like personal information on customers on those
>> systems.
>
> By that argument wouldn't it be legitimate for an airline not to provide
> proper airplane maintenance because its complex and expensive?
Obviously not; You can die if an airplane fails. If someone gets your
credit card number, the worst thing that happens to you is you're out
$500. That is of course only with a debit card; Actual credit cards will
let you off with less loss.
> Or a radio station not to properly monitor their out of frequency emissions,
> power output, and distortion because its expensive and complicated?
This and other such examples which you cite are of course already
covered by government regulatory bodies. Arguably, perhaps the same
should be done to commerce sites.
> What about the "attractive nuisance" argument? If I habitually leave my
> keys in my car next to a playground and a kid climbs in, drives off,
> and hurts someone, am I responsible?
Again, this is nonsensical. No one is going to kill someone with your
credit card number. And we're not even talking about buisnesses which
HAVE credit card information ("...as long as they don't have
confidential material like personal information on customers on those
systems.") So you're comparing something that won't hurt anyone (though
it may create some work for some systems admins) to something that kills
someone. That doesn't make any sense at all. Why are you attempting to
draw a parallel between death and annoyance?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
