Quote:
Originally Posted by HarryT
I work in a company which produces software solutions for its customers, LV. Most of these involve licensing numerous 3rd party components and tools. Rarely, if ever, do these have source code available. One has to trust that things that you buy in do what their producers say that they do.
I'm not arguing, but the way, that Sony were legally responsible. I was asking who you blamed - Sony, or the company which produced the faulty software. To my mind, the blame lies clearly with the latter.
|
And the company supplying the third party tools should specify exactly what it is those tools and components do. At a minimum, "This inputs A, performs operation(s) B, and outputs C." If functions D,E, and F are also performed and those muck up my hard drive, then the end producer has every right to blame their supplier for it doing things they never specified would occur. ETA: And the end producer has a responsibility to ask, "Will operation B or output C compromise my end user in any way?"
In Sony's case as I understand it, the rootkits did exactly what they were specified to do, though. Apparently nobody gave a thought that it could be exploited, or that the risk of exploit coupled with public opinion would be less than the security provided....
But, to the meat of your question, if it's a General Atomics television that burns down my house, I blame General Atomics. If it's a Brocolli Baby that gives my kid lead poisoning, I blame Brocolli, Ltd. If it's a Rube Music CD that ultimately allows a boot sector virus on my machine, I blame Rube Music.
Can Rube Music, General Atomics, or Brocolli Ltd. then go blame Bungle Brothers for supplying the unsinked component, lead paint, or exploited software? Sure, and that's fine, too. But I'll blame the producer. Doubly and triply so as they tried to make more profit by going with a third party or outsourcer.