And thus we return to my original point, which is that it will depend on what is said/disclosed. If every copy of GAKscape had a banner, bigger than the Netscape "N" which said, "The government can read every message you send using this software no matter what you do" then I think consumers will be hard pressed to say they weren't warned.
I don't mean to be inflamatory, but it isn't much of a point. They aren't going to put such a banner up because that would limit their business. The goal of Netscape (though I don't single them out), any corporation that would profit from business of those who seek encryption while still allowing GAK, and the government, is to limit the public's awareness of the size of the hole. If they let people know the extent of the hole, then they'll use products w/out it which blows profits from companies involved, and doesn't benefit the government who want it in common use.
I disagree. Almost nobody read the fine print on the back of a note you sign when you buy a car or otherwise take out a loan, but the provisions are generally enforceable ... Ignorance is not necessarily an excuse.
The question is whether there was false representation of the security of the product. 1. The general knowledge of encryption and secure electronic financial transactions is significantly lower than that of more standard transactions. 2. Applying for a loan or buying a car involve actively going out, negotiating, signing contracts, etc. It will be much simpler to simply stick your vital info into a 'secure' browser. 3. The choice of browser to use will be done, based on representations by companies about the security of their product. If Netscape doesn't explicitly state in direct terms when accessing the browser that the GAK is a potential security risk, then they will be sued. Simply because someone will get blamed. Since they (or again any company that incorporates GAK.. I really don't want to target Netscape in specific) will make the threat sound as insignificant as possible, and not bring it to people's attention (and they can't afford to do so) when (not if) it is breached they will be taken to court repeatedly.
EBD
Jonathan ------------------------------------------------------------------------ ..Jonathan Zamick Consensus Development Corporation.. ..<JonathanZ@consensus.com> 1563 Solano Ave, #355.. .. Berkeley, CA 94707-2116.. .. o510/559-1500 f510/559-1505.. ..Mosaic/WWW Home Page: .. .. Consensus Home Page ..