Colm MacCarthaigh wrote:
> If the worm had a malicious (in your terms) payload, it would have
> caused networks just as many problems (so no gain there), and more harm
> to MS-SQL users. Using your logic, surely this much more damaging
> experience would have cause MS-SQL admins to be more responsible in
> keeping up to date ? Or rather, more fearful of future exploits.

Precisely my point. Sapphire was not designed to inspire fear. If this had
been a terrorist act it would have done so, and it could have done so. It
did not. In my mind Sapphire inspires confidence that somebody, somewhere
might actually be thinking for a change. Unfortunate inconveniences aside,
anything actually *damaged* by Sapphire (in a physical/non-trivial sense of
the word) was too vulnerable for use in the first place.

Sincerely,

Jason Coombs
jasonc (at) science (dot) org [email concealed]

[ reply ]