[linux-elitists] class-action fun
Fri Sep 21 11:55:04 PDT 2001
I've been bouncing this idea off people in my local LUG-land and it's
generated some interest. Basically it's an idea about a class for a
class-action suit and the basis for a negligence claim:
Form a class of people who:
A - use Microsoft products and lost data or incurred downtime due to
infections from CR*/Nimda
B - do not use Microsoft products but incurred downtime or lost data
due to CR*/Nimda
Sue Microsoft for negligence.
"But they issued patches for these exploits," you say.
Yes, but they kept selling freshly pressed OS CD's that were still
defective. I.e., they refused to recall and re-press product that
they acknowledged (presumably this is where the lawyer would argue
about "reasonable consumers" or some such) through patches and
advisories was defective.
This is akin to Ford recalling Explorers, providing replacement tires
to anyone who wants them, but putting Firestones on anything that
leaves the showroom.
Sounds like negligence to me (...hence the <IANAL> bracketing of the
whole message since I'm pretty much a moron).
Issues that immediately come to mind:
- The shrink-wrap license on Windows is a get-out-of-jail free card.
-> a class A suit would be testing the validity of shrink-wrap licenses
-> a class B suit would completely dodge the shrink-wrap issue since
they never agreed to the license terms
-> this split would mean that a sickeningly vicious and dirty set of
class-action attorneys would have to argue the case (forgive me for
- Such a suit would affect any software manufacturer selling shrink-wrap
-> Yes, but only the negligent ones (sorry, and I write software for
a living so I should know better)
-> or: Yes, but should manufacturers of software be exempted from pulling
boxes off the shelves when auto makers, meat packers, and toy
manufacturers have to issue costly recalls?
-> Network-installed OS's don't have a recall issue. This still leaves
RedHat et al out to dry, but future shrink-wrapped installs could go get
updates upon installation. The attractiveness of a class suit against
RH (e.g.) over current and past actions is much lower than that of an MS
suit (one advantage to riding the rocky road this far I suppose).
- One could argue that the analogy between Firestones and Windows is faulty
since Windows doesn't kill people (well, so long as they're not on a WinNT
battleship or on Windows-based life support or ...).
-> I would be surprised if it couldn't be successfully argued that a
product is defective even though noone dies from its use.
- Is this or is it not a good precedent to set?
-> Well, is it?
- Another possible criterion for class membership would be expense incurred
due to bandwidth costs on bill/traffic lines
-> I've already encountered a few people who are in such situations and have
logs showing massive Nimda and Code Red traffic
-> one guy has 55,000 logged Nimda hits on one of his colo'd servers, and I
believe that's unique combined hits (i.e., at ~16 requests per hit), easy
enough to verify).
Mostly useless pseudo-random number: 839
Rick Bradley - http://firstname.lastname@example.org (94 F)
More information about the linux-elitists