
Due Diligence




http://www.linuxplanet.com/linuxplanet/opinions/3903/1/
Due Diligence

Dennis E. Powell
 
There will probably be no .comment column the week after the
first negligence suit is filed against a firm whose negligent
action is the use of Microsoft software when they should have
known better, with the result being a client's confidential
documents having become public.

...

 It got some note last year, but it's worth revisiting the
study, Cyber Threats and Information Security, released last
December by the highly regarded Center for Strategic and
International Studies. The study's authors -- and there isn't a
lightweight among them -- noted that Microsoft's computers
containing source code had been cracked, and said:

 "There are several recent examples of how formerly
industry-specific concerns have risen -- or have the potential
to rise -- to the level of national security concerns. Perhaps
the most recent example is the admission by Microsoft that
hackers had broken into their systems and accessed
next-generation Windows software that was not only unreleased,
but not yet even announced. A profound concern to both private
and public entities becomes whether or not any of these products
will be trustworthy once they are released. It is doubtful that
the millions (sometimes billions) of lines of code required to
power Microsoft's products could readily be sanitized."

 Let's see. What would, a year ago, have been referred to as
"next-generation Windows software"? Why, it's XP! What CSIS is
saying, without coming right out and saying it, is that there
could be all sorts of back doors inserted into the XP code
without anyone beyond the cracker, least of all Microsoft,
knowing about it. What they're also saying, and this time they
do come right out and say it, is that Microsoft's software is
therefore a national security risk.

 Now, there is a concept in the law called "due diligence," and
what it means, basically, is the ability to prove that one knows
all that he or she (or it, in the case of a firm) can reasonably
be expected to know. It is required in many securities
transactions, corporate reports, and the like. It can be offered
as an affirmative defense in negligence suits.
...
