funsec mailing list archives

Re: Good, bad or indifferent?


From: Dave Dennis <dmd () speakeasy org>
Date: Mon, 25 Jan 2010 12:10:16 -0800 (PST)

On Mon, Jan 25, 2010 at 2:20 PM, Thomas Raef
<TRaef () wewatchyourwebsite com> wrote:

http://tech.slashdot.org/story/10/01/25/1458231/Australian-ISPs-To-Disconnect-Botnet-Zombies?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29
Please share your thoughts.



Thomas J. Raef


The usual mess of uninformed, speculative, hearsay and panic on /.

So.

If the ISP is doing captive portal surfing and attempting to provide malware
detection/cleaning tools, they have a noble purpose, but could run into
interesting legal liability if the idiot home user managed to screw the pooch
and make an unbootable system as a result.  The logic in the captive portal
would possibly need to be bright enough to handle every besotted version of
Windows from 95 to present, with all interop of old applications accounted for
or at least not a concern.  That's a tall ask.  So once they start breaking
heretofore "not broken" (as far as the home user is concerned) systems, then
what?  It's easily provable the home user PC was infected due to
traffic/signature/activity logged, but that's not going to mean anything to the
home user if he/she can't boot up and play mafia wars.

I think fwiw this is usually where the conversation breaks down in the USA on
this subject: To do the home fix the infected PC dance actually takes a little
bit more than just malware removal: it takes behavior modification, it takes
browser locking down / ad network blocking, it takes somehow coming up with a
fix to years of really poor decisions on the part of the user, who presumably is
running an old, unpatched, botched registry full of half-uninstalled malware and
spyware and various apps, any of which may or may not be able to withstand a
thorough clean/replace of some fairly important DLL.

So you get them to sign off on this, but their PC is mangled (to them)
afterwards, now what.  Customer support beat down, loads of posts to various
dumbass consumer sites like Consumerist, "My ISP Broke My Computer" and various
crying youtubes later, and will the ISP have the balls to stick to their guns?

Or will they back down and cave in?

I don't see how they can avoid caving in.  Most users are monumentally
uninformed with regard to spyware / malware, their own risk averse behavior, and
what even happened a week ago on the same PC.


My .02

-Dave D



+-------------------------
+ Dave Dennis
+ Seattle, WA
+ Speakeasy, Inc.
+ dmd () speakeasy net
+ http://www.speakeasy.net
+-------------------------
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

