__/ [SteveR] on Sunday 30 October 2005 20:43 \__
> Peter Crosland <g6jns@xxxxxxxxxxx> writes:
>>>>You have no claim against Microsoft.
>>> I'm not so sure. It's easily arguable that Microsoft have been
>>> negligent for many years in selling software that is so easily
>>> compromised and that their negligence has caused many hundreds of
>>> millions of pounds/dollars in damage to hundreds of thousands of
>>> individuals and companies.
>>> I'd love to see someone try to sue them. Deep pockets would be
>>> needed, of course :-(
>>Whilst I am no apologist for Microsoft I think you are wrong. Exactly how
>>is anyone going to prove that the attack was not due to users being
>>negligent in applying patches and/or other appropriate security measures? A
>>very up hill struggle I suspect!
> The very fact that endless patches are necessary is an indication of
> negligence on the part of Microsoft itself. It has released a large
> amount of before-it-is-ready software, inadequately designed,
> erratically implemented, and insufficiently tested. It is, therefore,
> no surprise that weaknesses are found and exploited by random hackers.
Some say that these patches come in every Tuesday. Microsoft have admitted
that they had built software in a poor and negligent manner:
REDMOND, Wash. ? Jim Allchin, a senior Microsoft Corp. executive, walked
into Bill Gates?s office here one day in July last year to deliver a
bombshell about the next generation of Microsoft Windows.
'It?s not going to work,' Mr. Allchin says he told the Microsoft
chairman. The new version, code-named Longhorn, was so complex its writers
would never be able to make it run properly.
The news got even worse: Longhorn was irredeemable because Microsoft
engineers were building it just as they had always built software.
Throughout its history, Microsoft had let thousands of programmers each
produce their own piece of computer code, then stitched it together into one
sprawling program. Now, Mr. Allchin argued, the jig was up. Microsoft needed
to start over.
> If someone sells me crap, and demands that I hunt down the fixes, is it
> then my fault if a newly-discovered crapness exposes me to a successful
> attack? No, of course not. And that counts double if the fix isn't
> even available. It's the vendor's fault, because he sold me the crap in
> the first place. (And why did I buy the crap? What realistic
> alternative did I have? In 1995, none. In 1998, for most consumer
> desktop purposes, none. Now? Linux, maybe, depending on what you want
> it for, and how much brain power you feel like applying to managing the
I suppose my bitterness stems from the fact that I never use any of
Microsoft's products. There is no hypocrisy. Yet, I continue to suffer from
a terribly flawed product that they have spread around the world. If a fleet
of cars with faulty brakes was sold to the public and led to an endless
number of car accidents (involving other motorists), would you blame the car
owners for not mending the brakes? It doesn't matter if the manufacturer
/unknowingly/ let these faulty cars be out 'in the wild'.