[citation][nom]jojesa[/nom]Let me see if I understand your analogy.You have a window that does not close properly on your house and your neighbor informs you about it.You chose to ignore the neighbor (or you could have schedule a repair for a convenient date) and he comes to your house, thru that window you did not fix when he told you to, he takes some of your belongings and leave them in the sidewalk for anyone to take.So you will be ok with that, since you did not fix that window in a timely manner.[/citation]
No you have it all wrong. Perhaps this is better. It is not really a matter of who is worse both parties are guilty as far as I am concerned, but it seems only the Goatse face any real problems here. Yet AT&T knew of the problem and did nothing until the hole was used. Should they not be held responsiable for knowing of a potential security risk which they did nothing about until it was to late? The key word being "knowing", if they did not know of the hole before Goatse did anything then AT&T would be blameless imo, but they knew and did nothing so they too are to blame.
As for the whole windows on my house thing, that is my house and effects only me and those that live there where as AT&T has millions of customers. Not only did Goatse take records, but AT&T apparently continued to put at risk, not just one or two, but potentially thousands of customers data at risk by knowing of the problem and doing nothing about it.
Hope that clears it up.