Comment "Guns don't kill people, people kill people." (Score 2) 39
If a gun kills someone it's usually because that gun was pointed at that person and discharged by themselves or another individual. That's how guns work as far as I know. That person is culpable for that act.
If someone writes malicious code that rips people off via botnet or phishing... who really pulls the trigger?
In one of America's numerous famous school shootings, the media and the public overwhelmingly blamed the resource officer who's responsibility is to allegedly protect the staff and students. He was hung from his toes by the government and accused of criminal negligence leading to death, injury, public outrage, etc., but later acquitted by a jury.
Is the government going to start prosecuting IT staff who do not adequately respond to or prepare for computer security incidents? Will the person who pulls the purse strings be responsible for skimping on talent and manpower to prevent this? Will the software vendor be held responsible for not forcing the user to install updates and patches, or even for negligence for being unaware of the exploit(s) used in the attack? Does some government agency with word "cyber" or "security" in their name bear any responsibility for failure to prevent any of this? Are we all going to need a license to access the internet soon?
What about a hypothetical multinational healthcare/insurance firm who outsources their IT operations and could give two shits about protecting their data? Are the contractors or the firm culpable for any breaches? Was grandma ever really responsible for lil' Johnny Boy uploading Britney MP3s on limewire?
It's as if tools consisting of data and instructions being used as weapons are seemingly a new paradigm (scale notwithstanding) that hasn't been happening for decades. Such fascinating times.