We collapsing threads

1) misrepresentation/deception and accountability

This is what Ron's reply to my email mentioned. I think we all agree.
This is plain bad acting and it really would be refreshing to see
someone apply laws commonly enforced in the brick-and-mortar world to
the virtual world. Add it to the list of things I want to see before
I die.

2) Hiding complexity versus hiding the truth about a product

I spoke of hiding complexity in my email - putting grep/awk/sed
behind a GUI is very different from not documenting that "left set to
factory default settings, our device accepts incoming ftp connections
from guest accounts with no password enforcement."

On 13 Jun 2005 at 15:13, Marcus J. Ranum wrote:

> R. DuFresne wrote:
> >Failing to do so moves liability out of the end users realm, even
> >Marcus would have to agree there.

> I couldn't agree more - if a vendor misrepresents their product they
> should be held accountable. There are agencies of the government that
> are already responsible for enforcing truth-in-advertising rules, and
> there are precendent-setting decisions that hold the vendors liable in
> such circumstances.
> In the field of software, we have 2 problems - one: the truth
> in advertising rules are not being enforced effectively, and
> two: "shrink wrap" licensing has been upheld as a way of
> releasing vendors for all responsibility - even the consequences
> of their outright lies.
> Outright lies? Isn't that a bit severe? Well, I give you one
> case in point: I recently re-installed Windows XP on my
> desktop machine (my annual "clean scrape") and as it was
> installing (and on the product box) Microsoft touted XP as
> a way to "quickly and securely access the Internet" Oh. Really?
> mjr.

firewall-wizards mailing list