funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Public Policy and Consumer ISP Hygiene (was Comcast pop-ups)

From: "Larry Seltzer" <larry () larryseltzer com>
Date: Mon, 12 Oct 2009 06:25:03 -0400
And what would trigger this law? SPAM? a port-scan? A high bandwidth

attack on another network?

As a general matter nothing would trigger it. It goes into effect
immediately. Are you asking what constitutes an infected user? We'd have
to define that, but it's not the right question for this discussion
unless you think it's impossible to define. Is it? 


You don't mention SPAM, perhaps intentionally...


A customer sending out spam bot-like sounds like a trigger to me.


I would contend that, for the most part, infected PCs are not an ISP

problem, but the customer's problem.

Think of it as an Internet public health problem, and the ISPs are in
the best position to isolate the patients.


1) Educating users on proper use of anti-virus and anti-malware tools

- and
being ADHD about installing OS updates.

That just hasn't been getting the job done.


2) Replacing SMTP with something sane and secure. SMTP has got to be

IETF's
biggest failure.

Serious efforts at that many years ago (MARID) essentially failed.


3) Doing what we can to develop and increase our participation in a

public
key infrastructure and IPSEC.

Voluntarily? In what century will that happen?

Larry Seltzer
Contributing Editor, PC Magazine
larry_seltzer () ziffdavis com 
http://blogs.pcmag.com/securitywatch/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: