To: arno who wrote (43630)
7/5/2000 11:12:11 AM
From: Original Mad Dog

#&*&*(#&^% Lawyers News Item of the Day:

Tuesday July 04 04:15 PM EDT

New legal storm on Net horizon
By David Raikow, Special to ZDNet

Could you be sued for allowing yourself to be hacked?

dailynews.yahoo.com

Amid the nearly constant stream of news coverage about Internet security problems over the past six months, most people probably didn't even register the recent attack on Nike Inc.'s (NYSE:NKE) Web site. After all, Web sites are attacked every day; Nike may be a high-profile company, but there was nothing particularly unusual about the incident itself.

One of the victims is preparing an extremely unusual response, however, that could change the way we think of online security. Scottish ISP FirstNet Online is preparing to sue the shoe maker -- for "allowing" itself to be hacked.

Caught in the middle

Sometime on or before June 21, unknown intruders penetrated FirstNet's servers and used them as part of an attack that redirected Web and e-mail traffic bound for "nike.com" to an anti-Nike activist site in Australia. According to FirstNet owner Greg Lloyd Smith, Nike requested that the ISP redirect traffic back to its servers as an emergency measure while Nike attempted to regain control over the "nike.com" domain name. After the incident was resolved, FirstNet submitted an invoice to Nike for its services, and Nike refused to pay.

FirstNet is now preparing to file suit against Nike in the Scottish courts. The primary focus of the complaint is a fairly simple question of contract law: FirstNet says it provided a service and deserves to be paid. In addition to its normal fees, however, FirstNet's bill includes a claim for compensation for the disruption caused by the enormous amount of traffic generated by "nike.com." Smith claims Nike's lax security is responsible for the incident, and that the company should therefore be financially responsible for the resulting disruption.

A new wave of litigation?

The validity of FirstNet's suit under Scottish law aside, the precedent set by this type of claim could trigger a whole new type of litigation. As far as I have been able to determine, no court has ever squarely addressed the notion that a company could be liable for failing to secure its own servers adequately.

The concept does have some support in U.S. law -- landlords have been sued by their tenants for providing insufficient building security, for example -- but the application of these precedents to the Internet raises a host of complex questions. What should be considered "adequate" security? Does this standard vary from business to business? What about individuals who maintain servers? What about questions of jurisdiction: Will dotcoms in Omaha face lawsuits from Sri Lanka and Cameroon?

If the courts do address these issues, however, the compelling business logic behind "negligent Internet security" claims could make them the next big thing in litigation.

Who's liable?

Computer crime is a major problem and imposes significant costs on online companies. When faced with financial loss, most businesses look for someone to sue, and bringing computer criminals into civil court is not often an option. Most attacks involve multiple networks owned by many different companies, presenting a wide array of potential defendants, some of whom are bound to have deep pockets.

The potential effect of "negligent security" lawsuits is difficult to overstate. Enormous ISP liability and litigation costs, for example, could dramatically raise Internet access fees. The threat of liability could create a significant barrier to entry, hampering small businesses and startups while offering an additional advantage to established companies with substantial legal resources. Moreover, the technical issues raised by these cases would make the MS-DOJ trial look simple in comparison and could impose a large burden on already-overtaxed courts.

On the other hand, the threat of security lawsuits could also do a lot of good. PR claims aside, most businesses don't consider network security a major concern; potential lawsuits, however, have a way of making CEOs sit up and pay attention. The legal arguments could bleed over into questions of software development, forcing developers to take more responsibility for securing their products. Most important, the notion could force us all to realize that Internet security is the responsibility of the entire Internet community, and that we all have to play our part.

San Francisco-based security consultant and columnist David Raikow holds a law degree from U.C. Berkeley's Boalt Hall School of Law.