On Friday, August 29, 2003 8:24 AM, Charles Ballowe wrote: > Interesting -- the net cost of the worm is actually a net > $0.00. For every penny that a company chalks up as a cost to > the worm, some other company must be chalking up the cost as > a profit from the worm.
Forgive the comment, but that statement is very untrue. As someone else hinted, companies are diverting manpower from other projects to tackle the worm. No other company is benefitting from that expenditure. Then there is the case of academic and medical establishments, of which I can speak from experience. There were some additional costs in hiring contractors. But the biggest cost was the diversion of (my estimate) hundreds of man-weeks to analyzing, patching, remediating, mitigating these worms from other projects. That wasn't money lost, that was time lost. And the faculty, staff, students, and everyone who depends on that work loss. I won't go into fuller details, but because of the heavy dependence of computing in biotechnology and medical fields, these worms and other security problems have a larger societial cost. Most university medical research comes from fixed grants. When you are always trying make those limited resources stretch, diverting money and time to nonsense like this is very, very frustrating. These problems do delay medical research and adds to the cost of medical research without giving human benefits. I wish these misceates would consider those implications before converting a lab server into a warez server when they get hit with a leading-edge or rare illness. cdv ------------------------ Chris DeVoney Clinical Research Center Informatics University of Washington [EMAIL PROTECTED] 206-598-6816 ------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html