[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Windows' future (reprise)
- To: "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Windows' future (reprise)
- From: "Thor (Hammer of God)" <Thor@xxxxxxxxxxxxxxx>
- Date: Mon, 17 May 2010 18:08:20 +0000
>Is my business at risk, if I
>say the wrong thing, and my customers go out of business because
>their hardware/software combination is no longer viable? I imagine
>these questions are on the minds of many IT managers, and with a
>chart on the wall showing 243% mutation, it is only reasonable that
>they be asked.
>
>Stu
>
>---
>Stuart Udall
>stuart at () cyberdelix dot net - http://www.cyberdelix.net/
In business, you are always exposed to some level of risk when you charge for
professional services. That's why you carry various business insurance
policies should you engage in a project in which you are responsible for some
level of loss on behalf of your client. $5 million in E&O is typical, though
I've seen a little as $1 million as a requirement.
Given that malware and virus mitigation is a systemic issue, I doubt you could
be held responsible for a company "going out of business" because an AV program
made their hardware and software unviable. However, when you make public posts
to a mailing list that is replicated worldwide about how you are consulting for
a business that purchased a $24,000 .net application (or whatever it was) but
then go on to say how you know absolutely nothing about .net, I do think you
are opening yourself up for legal action should the company have issues (which,
they probably will) and there is basically "proof" in your own words that you
are unqualified to do the work.
I know my way around different .nix installations a bit. I can make stuff run,
and I actually quite good at screwing up a kernel rebuild. However, I don't
trust myself to set up a secure unix installation; certainly not to a point
that I would provide professional services and bill clients for. If I were to
do that, I would (and should) be held liable for damages arising out errors I
am responsible for.
The "right" thing to do here, from a business and ethics standpoint, is to
subcontract a .net professional who can represent you properly. The job will
get done properly, you will make money, and your customer will be happy.
You're in London, right? Call up some guys at NGS and see if they can help
you. There are some really good people there.
t
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/