http://www.nj.com/business/ledger/index.ssf?/base/columns-0/1064123645277820.xml

Sunday, September 21, 2003

Another week, another security flaw shows up in personal computers
running Windows.

Many PC owners were caught off guard by the most recent attacks, known
as "Blaster" and "Sobig." Many people opened e-mail attachments, only
to learn they were infecting their PCs with malicious code and
spreading a virus. Others found their computers shutting down
unexpectedly.

Frustrated, virus-plagued PC users might wonder why Microsoft isn't
being deluged with lawsuits stemming from vulnerabilities in its
Windows operating software. Despite Microsoft's much-hyped
"Trustworthy Computing" campaign, flaws in Windows have allowed
hackers to strike computers around the world.

If other companies are subject to lawsuits arising from product
defects, why not Microsoft?

According to legal experts, the agreements computer users click and
approve when they install software, known as "end-user license
agreements," essentially immunize the product's manufacturer from
liability for everything from crashes to viruses. Think about that the
next time you click "I agree" when installing a game or spreadsheet.

You aren't just proceeding to the next step in the installation -- you
are also approving an agreement with legal consequences.

Other products, such as toys or cars, don't come with a mechanism to
require consumers to okay written agreements before using them. In
such cases, consumers may be able sue for damages by claiming the
manufacturer was negligent. And fear of those suits and monetary
damages give the product makers a big incentive to fix problems.

But the wording of software license agreements, which have been
enforced by various courts, raises the bar considerably for any legal
action against software makers.

"If you take the time to read the thousands of words in a typical End
User License Agreement -- and many people don't -- you'll see that by
installing and using the software, you indemnify the vendor against
any claims, losses, or problems," Richard Forno, a computer book
author and security consultant, wrote in a commentary, "Forget
California, It's Time to Recall Microsoft."

Cem Kaner, an attorney and professor of computer science at the
Florida Institute of Technology, says end-user license agreements,
standard with consumer software, have become nearly foolproof in
immunizing companies from lawsuits.

Your only option? "When Microsoft says 'patch,' you salute and say
'how soon?'" says Forno, referring to the fixes offered by Microsoft
(www.microsoft.com/protect).

While these license agreements protect almost all software companies,
the case of Windows security problems is one of outsized magnitude,
given its marketplace dominance.

"The ongoing worldwide disruptions are the result of vulnerabilities
in a monopolist's product," says Kaner, suggesting further antitrust
action against Microsoft. "Competition drives innovation. If
Microsoft's market was actually at risk, they would have found a way
to deal with many of these problems long ago."

To be sure, there is no easy solution to software security
vulnerabilities. But the state of the market, requiring typical
computer users to become pros at installing "firewalls" and updating
"virus definitions," is completely unworkable, given the way PCs are
hawked as easy-to-use entertainment and gaming devices.

People who create and spread viruses must be prosecuted, no doubt
about that -- they bear the ultimate responsibility. But Microsoft
deserves a share of the blame, too. Microsoft's monopoly on PC
operating systems carries with it a certain responsibility, and the
company hasn't lived up to that responsibility. Not by a long shot.

get a clue.

"Paul Tattaglia" > wrote in message
om...
>
http://www.nj.com/business/ledger/index.ssf?/base/columns-0/1064123645277820.xml
>
> Sunday, September 21, 2003
>
> Another week, another security flaw shows up in personal computers
> running Windows.
>
> Many PC owners were caught off guard by the most recent attacks, known
> as "Blaster" and "Sobig." Many people opened e-mail attachments, only
> to learn they were infecting their PCs with malicious code and
> spreading a virus. Others found their computers shutting down
> unexpectedly.
>
> Frustrated, virus-plagued PC users might wonder why Microsoft isn't
> being deluged with lawsuits stemming from vulnerabilities in its
> Windows operating software. Despite Microsoft's much-hyped
> "Trustworthy Computing" campaign, flaws in Windows have allowed
> hackers to strike computers around the world.
>
> If other companies are subject to lawsuits arising from product
> defects, why not Microsoft?
>
> According to legal experts, the agreements computer users click and
> approve when they install software, known as "end-user license
> agreements," essentially immunize the product's manufacturer from
> liability for everything from crashes to viruses. Think about that the
> next time you click "I agree" when installing a game or spreadsheet.
>
> You aren't just proceeding to the next step in the installation -- you
> are also approving an agreement with legal consequences.
>
> Other products, such as toys or cars, don't come with a mechanism to
> require consumers to okay written agreements before using them. In
> such cases, consumers may be able sue for damages by claiming the
> manufacturer was negligent. And fear of those suits and monetary
> damages give the product makers a big incentive to fix problems.
>
> But the wording of software license agreements, which have been
> enforced by various courts, raises the bar considerably for any legal
> action against software makers.
>
> "If you take the time to read the thousands of words in a typical End
> User License Agreement -- and many people don't -- you'll see that by
> installing and using the software, you indemnify the vendor against
> any claims, losses, or problems," Richard Forno, a computer book
> author and security consultant, wrote in a commentary, "Forget
> California, It's Time to Recall Microsoft."
>
> Cem Kaner, an attorney and professor of computer science at the
> Florida Institute of Technology, says end-user license agreements,
> standard with consumer software, have become nearly foolproof in
> immunizing companies from lawsuits.
>
> Your only option? "When Microsoft says 'patch,' you salute and say
> 'how soon?'" says Forno, referring to the fixes offered by Microsoft
> (www.microsoft.com/protect).
>
> While these license agreements protect almost all software companies,
> the case of Windows security problems is one of outsized magnitude,
> given its marketplace dominance.
>
> "The ongoing worldwide disruptions are the result of vulnerabilities
> in a monopolist's product," says Kaner, suggesting further antitrust
> action against Microsoft. "Competition drives innovation. If
> Microsoft's market was actually at risk, they would have found a way
> to deal with many of these problems long ago."
>
> To be sure, there is no easy solution to software security
> vulnerabilities. But the state of the market, requiring typical
> computer users to become pros at installing "firewalls" and updating
> "virus definitions," is completely unworkable, given the way PCs are
> hawked as easy-to-use entertainment and gaming devices.
>
> People who create and spread viruses must be prosecuted, no doubt
> about that -- they bear the ultimate responsibility. But Microsoft
> deserves a share of the blame, too. Microsoft's monopoly on PC
> operating systems carries with it a certain responsibility, and the
> company hasn't lived up to that responsibility. Not by a long shot.

As it says, software licenses _are_ this way, and have been
for decades, from _all_ software makers.
Every little flaw in MS operating system are magnified
by the size and innocense of the installed base.

How many *Nix systems are patched for last weeks new
vulnerability in sendmail ?

How many consumers would have any hope of running any
of the other alternative operating systems with safety ?

All things are relative, but what you post looks only at one
side, and only partly develops the context for that "relative"

--
Roger

"Paul Tattaglia" > wrote in message
om...
>
http://www.nj.com/business/ledger/index.ssf?/base/columns-0/1064123645277820.xml
>
> Sunday, September 21, 2003
>
> Another week, another security flaw shows up in personal computers
> running Windows.
>
> Many PC owners were caught off guard by the most recent attacks, known
> as "Blaster" and "Sobig." Many people opened e-mail attachments, only
> to learn they were infecting their PCs with malicious code and
> spreading a virus. Others found their computers shutting down
> unexpectedly.
>
> Frustrated, virus-plagued PC users might wonder why Microsoft isn't
> being deluged with lawsuits stemming from vulnerabilities in its
> Windows operating software. Despite Microsoft's much-hyped
> "Trustworthy Computing" campaign, flaws in Windows have allowed
> hackers to strike computers around the world.
>
> If other companies are subject to lawsuits arising from product
> defects, why not Microsoft?
>
> According to legal experts, the agreements computer users click and
> approve when they install software, known as "end-user license
> agreements," essentially immunize the product's manufacturer from
> liability for everything from crashes to viruses. Think about that the
> next time you click "I agree" when installing a game or spreadsheet.
>
> You aren't just proceeding to the next step in the installation -- you
> are also approving an agreement with legal consequences.
>
> Other products, such as toys or cars, don't come with a mechanism to
> require consumers to okay written agreements before using them. In
> such cases, consumers may be able sue for damages by claiming the
> manufacturer was negligent. And fear of those suits and monetary
> damages give the product makers a big incentive to fix problems.
>
> But the wording of software license agreements, which have been
> enforced by various courts, raises the bar considerably for any legal
> action against software makers.
>
> "If you take the time to read the thousands of words in a typical End
> User License Agreement -- and many people don't -- you'll see that by
> installing and using the software, you indemnify the vendor against
> any claims, losses, or problems," Richard Forno, a computer book
> author and security consultant, wrote in a commentary, "Forget
> California, It's Time to Recall Microsoft."
>
> Cem Kaner, an attorney and professor of computer science at the
> Florida Institute of Technology, says end-user license agreements,
> standard with consumer software, have become nearly foolproof in
> immunizing companies from lawsuits.
>
> Your only option? "When Microsoft says 'patch,' you salute and say
> 'how soon?'" says Forno, referring to the fixes offered by Microsoft
> (www.microsoft.com/protect).
>
> While these license agreements protect almost all software companies,
> the case of Windows security problems is one of outsized magnitude,
> given its marketplace dominance.
>
> "The ongoing worldwide disruptions are the result of vulnerabilities
> in a monopolist's product," says Kaner, suggesting further antitrust
> action against Microsoft. "Competition drives innovation. If
> Microsoft's market was actually at risk, they would have found a way
> to deal with many of these problems long ago."
>
> To be sure, there is no easy solution to software security
> vulnerabilities. But the state of the market, requiring typical
> computer users to become pros at installing "firewalls" and updating
> "virus definitions," is completely unworkable, given the way PCs are
> hawked as easy-to-use entertainment and gaming devices.
>
> People who create and spread viruses must be prosecuted, no doubt
> about that -- they bear the ultimate responsibility. But Microsoft
> deserves a share of the blame, too. Microsoft's monopoly on PC
> operating systems carries with it a certain responsibility, and the
> company hasn't lived up to that responsibility. Not by a long shot.

Paul;
This is generally garbage.
There is one part that caught my attention
"The ongoing worldwide disruptions are the result of vulnerabilities
in a monopolist's product," says Kaner, suggesting further antitrust
action against Microsoft. "Competition drives innovation. If
Microsoft's market was actually at risk, they would have found a way
to deal with many of these problems long ago."

These disruptions are caused by improperly maintained computers.
Windows Update patches are generally simple to install.
Antivirus applications vary from simple to complex, free on up in
price. The AV is a choice of the user as well as keeping it updated.
The provided firewall in Windows XP is simple and effective against
the recent worms.
Properly used Windows Update, firewall and antivirus is most of what
is needed to protect the computer.
The other is a little common sense of knowing what to and what not to
click as well as knowledge of the machine you invested in.

Paul, if you are unable to do these yourself, you have a few options
1. Learn how to do it...it is easy and simple.
2. Pay someone to do it for you.
3. Don't do it and let your computer become the hackers property.
4. Quit using computers.

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
http://dts-l.org/index.html


"Paul Tattaglia" > wrote in message
om...
>
http://www.nj.com/business/ledger/index.ssf?/base/columns-0/1064123645277820.xml
>
> Sunday, September 21, 2003
>
> Another week, another security flaw shows up in personal computers
> running Windows.
>
> Many PC owners were caught off guard by the most recent attacks,
known
> as "Blaster" and "Sobig." Many people opened e-mail attachments,
only
> to learn they were infecting their PCs with malicious code and
> spreading a virus. Others found their computers shutting down
> unexpectedly.
>
> Frustrated, virus-plagued PC users might wonder why Microsoft isn't
> being deluged with lawsuits stemming from vulnerabilities in its
> Windows operating software. Despite Microsoft's much-hyped
> "Trustworthy Computing" campaign, flaws in Windows have allowed
> hackers to strike computers around the world.
>
> If other companies are subject to lawsuits arising from product
> defects, why not Microsoft?
>
> According to legal experts, the agreements computer users click and
> approve when they install software, known as "end-user license
> agreements," essentially immunize the product's manufacturer from
> liability for everything from crashes to viruses. Think about that
the
> next time you click "I agree" when installing a game or spreadsheet.
>
> You aren't just proceeding to the next step in the installation --
you
> are also approving an agreement with legal consequences.
>
> Other products, such as toys or cars, don't come with a mechanism to
> require consumers to okay written agreements before using them. In
> such cases, consumers may be able sue for damages by claiming the
> manufacturer was negligent. And fear of those suits and monetary
> damages give the product makers a big incentive to fix problems.
>
> But the wording of software license agreements, which have been
> enforced by various courts, raises the bar considerably for any
legal
> action against software makers.
>
> "If you take the time to read the thousands of words in a typical
End
> User License Agreement -- and many people don't -- you'll see that
by
> installing and using the software, you indemnify the vendor against
> any claims, losses, or problems," Richard Forno, a computer book
> author and security consultant, wrote in a commentary, "Forget
> California, It's Time to Recall Microsoft."
>
> Cem Kaner, an attorney and professor of computer science at the
> Florida Institute of Technology, says end-user license agreements,
> standard with consumer software, have become nearly foolproof in
> immunizing companies from lawsuits.
>
> Your only option? "When Microsoft says 'patch,' you salute and say
> 'how soon?'" says Forno, referring to the fixes offered by Microsoft
> (www.microsoft.com/protect).
>
> While these license agreements protect almost all software
companies,
> the case of Windows security problems is one of outsized magnitude,
> given its marketplace dominance.
>
> "The ongoing worldwide disruptions are the result of vulnerabilities
> in a monopolist's product," says Kaner, suggesting further antitrust
> action against Microsoft. "Competition drives innovation. If
> Microsoft's market was actually at risk, they would have found a way
> to deal with many of these problems long ago."
>
> To be sure, there is no easy solution to software security
> vulnerabilities. But the state of the market, requiring typical
> computer users to become pros at installing "firewalls" and updating
> "virus definitions," is completely unworkable, given the way PCs are
> hawked as easy-to-use entertainment and gaming devices.
>
> People who create and spread viruses must be prosecuted, no doubt
> about that -- they bear the ultimate responsibility. But Microsoft
> deserves a share of the blame, too. Microsoft's monopoly on PC
> operating systems carries with it a certain responsibility, and the
> company hasn't lived up to that responsibility. Not by a long shot.