funsec mailing list archives
Re: Public Policy and Consumer ISP Hygiene (was Comcast pop-ups)
From: Rich Kulawiec <rsk () gsp org>
Date: Tue, 13 Oct 2009 08:28:25 -0400
On Sun, Oct 11, 2009 at 10:29:05PM -0400, Larry Seltzer wrote:
Many of us have agreed that, for competitive reasons, it's not possible for ISPs to lock infected users out of a network. I'd like to suggest a crazy idea for your reaction: A law governing ISPs that sets rules for these situations.
I've long since given up on the idea of legal solutions to problems like these. For starters, any such proposed law will be so hopelessly mangled by the lobbyists that the end product will end up looking nothing like the proposal; and given the immense power of the duopoloy's lobbyists, at least in the US, I think they'd be all over this. [ See "CAN-SPAM" for a canonical example of this process. ] But even if a law that those of us who erudite enough to be here ;-) was enacted precisely as we wished, it would only cover this jurisdiction. And this is a global problem. And even if -- by fiat, let's say -- that same law was put in place globally, who would enforce it? What organization has the expertise, the human resources, and everything else required to make it stick? I think the best available solution to this is blacklisting. It achieves an immediate goal (preventing abuse/attacks from an obviously-infected system) and it pushes toward a longer-term goal (convincing those responsible for the system, that is, the former owner and the ISP, to isolate it/clean it up/fix it). It can be done without legal action, since any of us are of course free to decline the privilege of network services to anyone we want. It scales reasonably well. It can be handled by multiple services with different criteria so that we have a choice of which to use, and so that those with, ummm, braindamaged criteria, will be recognized as such and largely ignored. And -- as we have seen on several occasions -- when properly used, it can, ummm, persuade those responsible for poorly-managed operations to change their ways. To be clear: I *don't* like this at all. I remember a time when people took pride in their operations and worked hard to make sure that they were good network neighbors. When they screwed up, they fixed it and apologized, and then tried to learn how not to screw up that way again. I would prefer that we go back to that ethic. But that is absolutely not going to happen; there's far too much money to be made by a combination of (a) studied negligence and (b) passive or active cooperation with abusers. ---Rsk _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Public Policy and Consumer ISP Hygiene(was Comcastpop-ups), (continued)
- Re: Public Policy and Consumer ISP Hygiene(was Comcastpop-ups) Valdis . Kletnieks (Oct 20)
- Re: Public Policy and Consumer ISP Hygiene(was Comcastpop-ups) Nick FitzGerald (Oct 20)
- Re: Public Policy and Consumer ISP Hygiene(was Comcastpop-ups) Rich Kulawiec (Oct 20)
- Re: Public Policy and Consumer ISP Hygiene(was Comcastpop-ups) Rich Kulawiec (Oct 20)
- Re: Public Policy and Consumer ISP Hygiene (was Comcastpop-ups) chris (Oct 19)
- Re: Public Policy and Consumer ISP Hygiene (was Comcastpop-ups) Rich Kulawiec (Oct 19)
- Re: Public Policy and Consumer ISP Hygiene (was Comcastpop-ups) Nick FitzGerald (Oct 19)
- Re: Public Policy and Consumer ISP Hygiene (was Comcastpop-ups) chris (Oct 19)
- Re: Public Policy and Consumer ISP Hygiene (was Comcastpop-ups) Rich Kulawiec (Oct 17)
- Re: Public Policy and Consumer ISP Hygiene (was Comcast pop-ups) Michael Collins (Oct 13)
- Re: Public Policy and Consumer ISP Hygiene (was Comcast pop-ups) Rich Kulawiec (Oct 13)
- Re: Public Policy and Consumer ISP Hygiene (was Comcast pop-ups) Michael Collins (Oct 13)
- Re: dumb. Comcast pop-ups Toralv_Dirro (Oct 10)
- Re: dumb. Comcast pop-ups Jon Kibler (Oct 10)
- Re: dumb. Comcast pop-ups Michael Collins (Oct 10)
- Re: dumb. Comcast pop-ups Jim Murray (Oct 11)
- Re: dumb. Comcast pop-ups Jon Kibler (Oct 11)
- Re: dumb. Comcast pop-ups Michael Collins (Oct 11)