Re: Possibly yet another MS mail worm

["John Palmer" <nanog () adns net>]

----- Original Message ----- 
From: <Valdis.Kletnieks () vt edu>
To: "Henry Linneweh" <hrlinneweh () sbcglobal net>
Cc: <nanog () merit edu>
Sent: Monday, March 01, 2004 12:59
Subject: Re: Possibly yet another MS mail worm

On Mon, 01 Mar 2004 10:35:05 PST, Henry Linneweh <hrlinneweh () sbcglobal net>  said:
> > Everyday there is a new, news article on this and every day everyone
> > panics and eeryday some one says tell the government to make a law, it is time
> > to realize that no law is going to do anything for anyone soon. In the past we
> > just took care of the problem and we can do the same now by sharing the solutions we
> > shared then for FREE. 

> The basic problem is that for the average ISP, requiring the users to have a
> clue and to use secure software is financial suicide. <insert obligatory Randy
> Bush reference here>.  Until something happens to change the cost/benefit
> ratios, we're stuck with it.  Remember that vendor lock-in is an issue - why
> should the user spend all the time/money of obtaining new software and learning
> how to use it if they're currently not experiencing high amounts of cost/pain?
> Many users will write off "I'm only losing 2 or 3 days of work a year due to
> virus/worms" and balance that against "Moving to <anything else> would screw
> things up for 2 weeks while I relearn and reconfigure", and decide it's not
> worth changing...

I am kind of torn between new legislation to force users to clean up their machines
when infected vs letting things go becuase I don't like government intervention, in
general.

I guess if society deems it a big enough problem, they'll push for legislation. Right now,
folks don't seem to mind absorbing the cost of these worms.

Till this changes, I don't think anything will get done, either on the technical or legal
side.