nanog mailing list archives
Re: Schneier: ISPs should bear security burden
From: Valdis.Kletnieks () vt edu
Date: Thu, 28 Apr 2005 11:51:23 -0400
On Thu, 28 Apr 2005 10:47:50 EDT, James Baldwin said:
in order to provide the best connectivity possible, measured by least obstructions perceived by the user at the lowest price point, at the highest margin possible we need to relocate the operating cost to the appropriate party. Providing all users with unfiltered transit increases our operating expense without providing the customer with any added benefit. Providing a subset of users with unfiltered transit when necessary pushes that expense onto the users requesting additional service.
It would seem that relocating the costs of doing extra (filtering, etc) *should* be passed on to the people who necessitated the extra handling by running software that needs extra protection. As it stands, you're charging the people who (in general) aren't the problem more for you *not* to do something... Car insurance companies figured this out long ago: They charge extra premiums to those customers who incur them more cost - that's why male teenagers pay more than middle-aged people, and why people with multiple tickets pay more. Would any car insurance company be able to stay in business long-term if they raised the premium for middle-aged men driving boring Toyota sedans because somebody else's teenager wrapped their Camaro around a tree? Why is it perceived as reasonable in this industry?
Attachment:
_bin
Description:
Current thread:
- Re: Schneier: ISPs should bear security burden, (continued)
- Re: Schneier: ISPs should bear security burden Barry Shein (Apr 29)
- Re: Schneier: ISPs should bear security burden James Baldwin (Apr 27)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 27)
- Re: Schneier: ISPs should bear security burden Adi Linden (Apr 28)
- Re: Schneier: ISPs should bear security burden Iljitsch van Beijnum (Apr 28)
- Re: Schneier: ISPs should bear security burden Adi Linden (Apr 28)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 28)
- Re: Schneier: ISPs should bear security burden John Dupuy (Apr 28)
- Re: Schneier: ISPs should bear security burden william(at)elan.net (Apr 28)
- Message not available
- Re: Schneier: ISPs should bear security burden James Baldwin (Apr 28)
- Re: Schneier: ISPs should bear security burden Valdis . Kletnieks (Apr 28)
- Re: Schneier: ISPs should bear security burden James Baldwin (Apr 28)
- Re: Schneier: ISPs should bear security burden Andy Johnson (Apr 28)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 28)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 28)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 28)
- Message not available
- Re: Schneier: ISPs should bear security burden Jay R. Ashworth (Apr 30)
- Re: Schneier: ISPs should bear security burden Robert M. Enger (Apr 30)
- Re: Schneier: ISPs should bear security burden Suresh Ramasubramanian (Apr 30)
- Message not available
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 27)