What level of liability does a person who's computer was compromised have?

[CoolTech]

What level of liability does a person who's computer was compromised have?

 

[CoolTech]

bump

 

[amdskip]

wtf are you asking?

 

[lizardboy]

Courts are still deciding this, going to be interesting to see how this plays out.

 

[MrBond]

Originally posted by: amdskip
wtf are you asking?

He wants to know that if your computer gets hacked, then used as a fileserver or something for pirated movies, then the MPAA finds out and sues you, can you plead ignorance and get off because your box was unsecured in the first place. Or if you have an unsecured WAP and someone uses your internet connection to attack another computer, are you liable for not securing the WAP

 

[alkemyst]

Depends on the machine, your function it, and what was compromised.

A doctor with a computer system containing name, numbers, and addresses of say STD/AIDS patients getting compromised would more than likely open up several lawsuits and probably HIPPA type action against them.

A personal box online 24/7 getting owned as a warez server may fall under other laws...

It's really dependant on what the situation is.

Å

 

[axelfox]

You just have to prove a reasonable doubt someone hacked/cracked into your computer.

 

[JoeKing]

Hmm interesting. But couldn't one argue that it is the computer owners responsiblity to keep his machine secure?

 

[opticalmace]

Originally posted by: Joeyman
Hmm interesting. But couldn't one argue that it is the computer owners responsiblity to keep his machine secure?

What if a thief steals someone's car, plows down an old lady, and then sideswipes a pack of kindergarten children.

Is the car owner responsible?


(That's how I see it.)

 

[CoolTech]

ehh, this is somewhat of a gray area of the law, a computer generally cannot be used to kill people. what if a car was left unlocked with the keys in the ignition in a known crime ridden area? A computer, insecure, in this abyss we call the internet, same difference. I think consumers should have some level of liability. If you are going to use a powerful tool then you better take reasonable precautions to protect it from intruders. All these people without virus or firewall software should definitely be held liable to some degree if something bad happens because of their ignorance.

 

[JoeKing]

what if a dog attacks a a person, is the owner responsible? Dogs are considered property btw.

 

[DaveSimmons]

What if your dog steals someone's unlocked car and plows down an old lady?

 

[Turin39789]

what if your dog steals someone's old lady and plows down a car

 

[FoBoT]

(L)users are too dumb to secure their own PC's

holding them resposible probably isn't a good idea. and (L)users don't have deep pockets. going after the OS maker is a better strategy

 

[Soybomb]

Originally posted by: FoBoT
(L)users are too dumb to secure their own PC's

holding them resposible probably isn't a good idea. and (L)users don't have deep pockets. going after the OS maker is a better strategy

Why should MS or redhat be held responsible because some guy decides its a good idea to setup a machine with no firewall and not download patches?

 

[FoBoT]

Originally posted by: Soybomb

Originally posted by: FoBoT
(L)users are too dumb to secure their own PC's

holding them resposible probably isn't a good idea. and (L)users don't have deep pockets. going after the OS maker is a better strategy

Why should MS or redhat be held responsible because some guy decides its a good idea to setup a machine with no firewall and not download patches?

just because they have money

i am not saying it should happen that way, just that when litigation comes into play, it is about going after those with money

suing individual PC owners won't get anyone any $$$

the alternative is the PC maker (HP, Dell, Gateway) , although one big judgement would put some of those out of business

 

[Soybomb]

Originally posted by: FoBoT

Originally posted by: Soybomb

Originally posted by: FoBoT
(L)users are too dumb to secure their own PC's

holding them resposible probably isn't a good idea. and (L)users don't have deep pockets. going after the OS maker is a better strategy

Why should MS or redhat be held responsible because some guy decides its a good idea to setup a machine with no firewall and not download patches?

just because they have money

i am not saying it should happen that way, just that when litigation comes into play, it is about going after those with money

suing individual PC owners won't get anyone any $$$

the alternative is the PC maker (HP, Dell, Gateway) , although one big judgement would put some of those out of business

I don't think I like the idea of money over justice. How will fining software developers put an end to this? You can't force a patch onto a machine, people will block them still if they want. PC makers couldnt be held responsible either, they're selling you hardware, and not all PC's come from a manufacturer. To me neither company is any more liable for what you do with their products than the telephone company is for what you do on their lines. If you're going to try to hold someone responsible other than the one who committed the crime (the worm author) it has to be the owner of the unsecured machine. They may not have alot of money, but what they have is certainly a powerful lesson. But then how do you treat it when a machine is used in an attack with a newly discovered unpatched vulnerability? Legislation won't fix this situation any more than it will fix the spam problem.

 

[alkemyst]

Originally posted by: opticalmace

Originally posted by: Joeyman
Hmm interesting. But couldn't one argue that it is the computer owners responsiblity to keep his machine secure?

What if a thief steals someone's car, plows down an old lady, and then sideswipes a pack of kindergarten children.

Is the car owner responsible?


(That's how I see it.)

Sort of a good analogy...but take for instance someone getting their handgun stolen by a kid who goes and gets himself shot at the 7-11.

I have heard about a few criminal negligance cases being brought up over that.

Again though it depends what the premise of the PC is and what is done with it once compromised.

If Citibank were to get hacked (again) and say mass deposits were affected somehow...I am sure they would be held accountable.

Å