Acer Falls Victim To $50 Million Ransomware Attack
https://uk.pcmag.com/ransomware-protect ... are-attack
Mar 20th, 2021 7:16 pm
Mar 20th, 2021 10:44 pm
Mar 20th, 2021 10:58 pm
Mar 21st, 2021 10:10 am
Mar 21st, 2021 11:27 am
If they were made liable, there wouldn't be any software companies. Or network companies.
Mar 21st, 2021 3:30 pm
Mar 21st, 2021 5:02 pm
Absolutely, I am waiting for the actual investigation to be complete to have evidence of an entry into their environment and the execution path. There is mention of the recent Microsoft Exchange Vulnerabilities ( https://krebsonsecurity.com/2021/03/at- ... -software/ ) , which indeed still poses a global risk to many organizations.
Mar 21st, 2021 6:08 pm
Mar 21st, 2021 6:33 pm
Mar 21st, 2021 7:06 pm
Every industry claims the same thing when faced with the prospects of not being able to offload their externalities onto the public. The tech sector, however, is the only industry that enjoys near complete immunity from liability from selling defective products. Every other industry copes with regulations and/or liability risks. The tech sector should be no different.
Mar 21st, 2021 9:41 pm
Mar 22nd, 2021 1:30 am
Mar 22nd, 2021 9:59 am
Mar 22nd, 2021 11:10 am
As @JAC said, there are software vulnerabilities disclosed all of the time across the industry. Just last week there a 10 year security vulnerability in the Linux kernel was disclosed. It's an industry wide problem, I'm not sure liability is the answer but certainly the incentive needs to be better practices.
Yeah, good points here too.Software is mature enough that most security flaws discovered now are not the result of completely unknown attack vectors but rather are the result of software vendors choosing not to follow sound software engineering practices. Vendors choose to cut corners because immunity from liability gives them an incentive to pursue profit over customer safety. Change the incentives and software would become far more secure overnight.
Mar 22nd, 2021 2:21 pm
That is simply untrue and should never be perceived as such - this is a major security risk.Some "flaws" are intentional to assist intelligence services.