Re: Punishment.
> If a user wants to own a general-purpose computing device, then there is a responsibility for the operation of that device that goes with such ownership.
OK. So you go found a computing company with that mission statement and let us know when your profits go through the roof.
Meanwhile, here in the real world, the firms making actual computers that actual people actually use have spent several decades specifically marketing them as things that you can use without understanding their inner workings. I'm fine with that. If you're not, you're going to need a time machine.
The point is, a duty of care isn't something that accidentally happened to the IT giants. It's something they chose and pursued. They didn't have to.
> If the use wants to abrogate that responsibility - that's fine, but don't expect to be permitted to do whatever you like with it.
Permitted? Gosh. By whom?
>> Someone below mentioned the internal combustion engine, apparently under the impression that people who drive cars know how it works. No they don't.
> That's actually a superb example - we don't expect car owners to be experts in the internal functioning of their vehicles ...
So not a superb example, then. What you're talking about is a different example.
> ... but we do expect them to operate those vehicles in a safe manner - with potentially huge penalties if they fail to do so. Don't want to take that responsibility? Take a taxi.
But we're not talking about people using computers recklessly and thereby endangering others. We're talking about users opening an email and being fucked. A few months ago, there was that text message doing the rounds that would brick iPhones if you received it. Now we're looking at IoT botnets, apparently. Yet still this attitude prevails in IT circles that it's always the victim's fault. Their fault for what? Putting a smart lightbulb in their living room?
> Sure - but if they've put a new roof on, then they come to look at the leak you've reported and found you've drilled a massive hole in the roof to get some stuff in ...
This is exactly the attitude I'm talking about. You just won't accept that a computer might actually have an inherent problem when it's sold.
And this is odd, because go to any comments thread on this site about the new version of any OS, and there'll be loads of knowledgeable comments about all its problems and bugs. But the moment we discuss security, some of the same knowledgeable people insist that everything is the users' fault -- with the implication that the computers they're using must be perfect.
Apple had that huge security hole a couple of years back that was caused by a dev screwing up their copying and pasting. The code was visible to the public, and the bug was obvious (I showed it to two non-devs, one with no interest in IT at all, and they both spotted it), yet none of Apple's processes picked it up. Every machine that shipped with that code and every machine that was updated with that code had a giant security flaw in it that was 100% Apple's fault and 0% their users' fault.
Heartbleed was similar.
> Just as you wouldn't expect a chainsaw manufacturer to take responsibility when someone's tutorial in "using a chainsaw to remove unsightly facial hair" goes wrong, you can't blame the manufacturer of computer software to accept responsibility for everything a user might do with their product ...
... such as checking their emails, opening a text message, or simply turning their computer on and connecting it to the Internet without first writing and installing a patch to a massive security hole that no-one except some criminals has discovered yet. Yeah, that's definitely equally as reckless as taking a chainsaw to your own face. Probably more.
> Revenge porn requires three steps:-
•Creation of the porn
•Distribution of that porn to someone who should (at the time) have it
•Distribution after the fact to someone who should not have it
The example I gave -- people having their webcam hacked and being filmed without knowing it -- is a real example, that has actually happened. That's caused by users recklessly and irresponsibly changing their clothes in the same room as their computer. The stupid morons.
> So whilst I'm all for some software being required to perform properly under pain of litigation, making such sweeping statements that it must all cushion users such that they do not need to be responsible for their own actions is both ludicrous and extremely unwanted.
And not remotely what I said.