Owen DeLong wrote:
Software has been out of control for a long time and I hope that the gov't will start by
ruling the not responsible for our negligence or the damage it causes clauses
of software licenses invalid.
The beauty of my attractive nuisance argument is that the EULA doesn't
On Tue, Jun 08, 2010 at 11:14:10PM -0700, Paul Ferguson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
To cut through the noise and non-relevant discussion, let's see if we can
boil this down to a couple of issues:
1. Should ISPs be responsible for abuse from within their customer
This would appear to be political in nature and therefore not operational,
right?
Larry Sheldon larryshel...@cox.net wrote:
On 6/9/2010 08:21, Joe Greco wrote:
Your car emits lots of greenhouse gases. Just because it's /less/ doesn't
change the fact that the Prius has an ICE. We have a
Going back then to a previous question, do we want more/any regulation ?
Yes.
All vulnerable industries should have their use of network
communications regulated. This means all power stations, electricity
line operators, dam gate operators, etc. They should all be required
to meet a standard
I would expect that the increased awareness of network security that
resulted would pay dividends in business and home use of networks.
I'd expect a lot of nice business for audit firms with the right government
connections, and another checklist with a magic acronym that has everything to
do
On Thu, 10 Jun 2010 12:27:18 BST, Michael Dillon said:
If any organization operates an infrastructure which could be
vulnerable to cyberattack that would damage the country in which they
operate, that organization needs to be regulated to ensure that their
networks cannot be exploited for
Tim Franklin wrote:
and another checklist with a magic acronym that has everything to do
with security theatre and nothing to do with either actual security or
the reality of operating a network.
Checklists come in handy in fact if many were followed (BCP checklists,
appropriate industry
Checklists come in handy in fact if many were followed (BCP
checklists, appropriate industry standard fw, system rules)
the net would be a cleaner place.
Sensible checklists that actually improve matters, yes.
The audit checklists I've often been subjected to, full of security theatre and
And would damage the country is a very fuzzy concept that you really don't
want to go anywhere near.
I wasn't drafting legislation; I was introducing a concept. I would
expect that actual
legislation would explicitly list which industries were subject to
such regulation.
Otherwise it might
J. Oquendo wrote:
More finger pointing here.
You say that like it's a bad thing. I'm pointing fingers at the company
that has a long history of selling software with shoddy security
(including releasing newer versions with restored vulnerabilities that
were found and fixed years earlier),
On Jun 9, 2010, at 11:05 PM, JC Dill wrote:
Owen DeLong wrote:
Software has been out of control for a long time and I hope that the gov't
will start by ruling the not responsible for our negligence or the damage
it causes clauses of software licenses invalid.
The beauty of my
On 6/9/10 2:56 PM, Owen DeLong wrote:
On Jun 9, 2010, at 8:26 AM, Brielle Bruns wrote:
On 6/9/10 6:27 AM, Jorge Amodio wrote:
Going back then to a previous question, do we want more/any
regulation ?
Laws and regulation exist because people can't behave civilly and
be expected to respect
On Thu, Jun 10, 2010 at 4:22 AM, Jorge Amodio jmamo...@gmail.com wrote:
Cyber Threats Yes, But Is It Cyber War?
http://www.circleid.com/posts/20100609_cyber_threats_yes_but_is_it_cyberwar/
-J
Cyber war is something made up by the security industry to save it from going
bankrupt because the
On Wed, Jun 09, 2010 at 16:44:38PM -0400, Barry Shein wrote:
MAYBE IF [please read thru before replying because I probably cover
most knee-jerk responses eventually]:
d) Microsoft hadn't ignored all these basic security practices in
operating systems which were completely well understood and
http://www.theatlantic.com/politics/archive/2010/06/homeland-securitys-cyber-bill-would-codify-executive-emergency-powers/57946/
http://tinyurl.com/2gyezyg
--
Somebody should have said:
A democracy is two wolves and a lamb voting on what to have for dinner.
Freedom under a constitutional
Owen DeLong wrote:
Heck, at this point, I'd be OK with it being a regulatory issue.
What entity do you see as having any possibility of effective regulatory
control over the internet?
The reason we have these problems to begin with is because there is no
way for people (or government
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Jun 8, 2010 at 11:11 PM, JC Dill jcdill.li...@gmail.com wrote:
Owen DeLong wrote:
Heck, at this point, I'd be OK with it being a regulatory issue.
What entity do you see as having any possibility of effective regulatory
control over the
On Tue, Jun 08, 2010 at 11:14:10PM -0700, Paul Ferguson wrote:
1. Should ISPs be responsible for abuse from within their customer base?
Yes -- if they wish to be considered at least minimally professional.
The principle is if it comes from your host/network on your watch, it's
your abuse. Given
On Jun 8, 2010, at 11:11 PM, JC Dill wrote:
Owen DeLong wrote:
Heck, at this point, I'd be OK with it being a regulatory issue.
What entity do you see as having any possibility of effective regulatory
control over the internet?
The reason we have these problems to begin with is
On Jun 8, 2010, at 11:14 PM, Paul Ferguson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
To cut through the noise and non-relevant discussion, let's see if we can
boil this down to a couple of issues:
1. Should ISPs be responsible for abuse from within their customer base?
- Original message -
All that said, the biggest problem is users. Social Engineering is a far
bigger threat than anything in software. And I don't know how we stop that.
Anyone have an idea?
Users will click anything they find 'interesting', can't change that part up
front.
On Jun 8, 2010, at 10:37 PM, Paul Ferguson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Jun 8, 2010 at 10:22 PM, Owen DeLong o...@delong.com wrote:
Please, be for real -- the criminals go after the entrenched majority.
If it were any other OS, the story would be the
I'm all for that, but, point is that people who fail to meet that standard are
currently getting a free ride. IMHO, they should pay and they should have
the recourse of being (at least partially) reimbursed by their at-fault
software
vendors for contributory negligence.
Great idea. You
Obviously NATO is not concerned with proving the culprit of an attack an
albeit close to impossibility. Considering that many attackers
compromise so many machines, what's to stop someone from instigating. I
can see it coming now:
hping -S 62.128.58.180 -a 62.220.119.62 -p ++21 -w 6000
On Wed, 9 Jun 2010 06:27:08 -0500 (CDT)
Joe Greco jgr...@ns.sol.net wrote:
I'm all for that, but, point is that people who fail to meet that
standard are currently getting a free ride. IMHO, they should pay
and they should have the recourse of being (at least partially)
reimbursed by
On Wed, 09 Jun 2010 00:36:29 EDT, Patrick W. Gilmore said:
But it is not -just- market share. There are a lot more Windows Mobile
compromises, viruses, etc., than iOS, Symbian, and RIM. I think
combined. Yet Windows Mobile has the lowest market share of the four.
I'll just point out that
So? If said end customer is operating a network-connected system without
sufficient knowledge to properly maintain it and prevent it from doing
mischief
to the rest of the network, why should the rest of us subsidize her
negligence?
I don't see where making her pay is a bad thing.
I see
No, but we can and do require cars to have functional brakes and minimum tread
depths, and to be tested periodically.
Obviously this is acceptable because the failure modes for cars are worse, but
the proposed solution is less intrusive being after the fact.
Excuse topposting, on mobile.
Joe
On the other hand think as the Internet being a vast ocean where the
bad guys keep dumping garbage, you can't control or filter the
currents that are constantly changing and you neither can inspect
every water molecule, then what do you do to find and penalize the
ones that drop or permit
I'm all fine with noting that certain products are particularly awful.
However, we have to be aware that users are simply not going to be required
to go get a CompSci degree specializing in risk management and virus
cleansing prior to being allowed to buy a computer. This implies that our
No, but we can and do require cars to have functional brakes and
minimum tread depths, and to be tested periodically.
Obviously this is acceptable because the failure modes for cars
are worse, but the proposed solution is less intrusive being after the fact.
Grandma does not go check her
On Jun 9, 2010, at 5:02 AM, Joe Greco wrote:
So? If said end customer is operating a network-connected system without
sufficient knowledge to properly maintain it and prevent it from doing
mischief
to the rest of the network, why should the rest of us subsidize her
negligence?
I don't
1. Should ISPs be responsible for abuse from within their customer base?
Not sure, ISPs role is just to move packets from A to B, you need to
clearly define what constitutes abuse and how much of it is considered
a crime.
If I call your home every five minutes to harass you over the phone is
On Jun 9, 2010, at 4:27 AM, Joe Greco wrote:
I'm all for that, but, point is that people who fail to meet that standard
are
currently getting a free ride. IMHO, they should pay and they should have
the recourse of being (at least partially) reimbursed by their at-fault
software
vendors
On Wed, 2010-06-09 at 07:02 -0500, Joe Greco wrote:
There is only so much proper security you can expect the average PC user
to do.
Sure - but if their computer, as a result of their ignorance, starts
belching out spam, ISPs should be able at very least to counteract the
problem. For example,
I'm not opposed to making operating systems and applications safer.
As I said, just as with cars, the manufacturers should be held liable
by the consumers. However, the consumer that is operating the
car that plows a group of pedestrians is liable to the pedestrians.
The manufacturer is
On Jun 9, 2010, at 5:28 AM, Joe Greco wrote:
No, but we can and do require cars to have functional brakes and
minimum tread depths, and to be tested periodically.
Obviously this is acceptable because the failure modes for cars
are worse, but the proposed solution is less intrusive being
I'm all fine with noting that certain products are particularly awful.
However, we have to be aware that users are simply not going to be required
to go get a CompSci degree specializing in risk management and virus
cleansing prior to being allowed to buy a computer. This implies that our
Once upon a time, JC Dill jcdill.li...@gmail.com said:
I'm still truly amazed that no one has sic'd a lawyer on Microsoft for
creating an attractive nuisance - an operating system that is too
easily hacked and used to attack innocent victims, and where others have
to pay to clean up after
Once upon a time, Alexander Harrowell a.harrow...@gmail.com said:
No, but we can and do require cars to have functional brakes and minimum
tread depths, and to be tested periodically.
Not in this state.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet
Once upon a time, Jorge Amodio jmamo...@gmail.com said:
That's why at least in the US by *regulation* you must have insurance
to be able to operate a car, instead of mitigating the safety issues
that represents a teenager texting while driving we deal with the
consequences.
The insurance
On Jun 9, 2010, at 5:02 AM, Joe Greco wrote:
So? If said end customer is operating a network-connected system without
sufficient knowledge to properly maintain it and prevent it from doing
mischief
to the rest of the network, why should the rest of us subsidize her
negligence?
I
On Jun 9, 2010, at 6:09 AM, Chris Adams wrote:
Once upon a time, Jorge Amodio jmamo...@gmail.com said:
That's why at least in the US by *regulation* you must have insurance
to be able to operate a car, instead of mitigating the safety issues
that represents a teenager texting while driving
On Jun 9, 2010, at 4:27 AM, Joe Greco wrote:
I'm all for that, but, point is that people who fail to meet that standard
are
currently getting a free ride. IMHO, they should pay and they should have
the recourse of being (at least partially) reimbursed by their at-fault
software
On Wed, 2010-06-09 at 07:02 -0500, Joe Greco wrote:
There is only so much proper security you can expect the average PC use=
r
to do.
Sure - but if their computer, as a result of their ignorance, starts
belching out spam, ISPs should be able at very least to counteract the
problem. For
On Jun 9, 2010, at 6:17 AM, Joe Greco wrote:
On Jun 9, 2010, at 5:02 AM, Joe Greco wrote:
So? If said end customer is operating a network-connected system without
sufficient knowledge to properly maintain it and prevent it from doing
mischief
to the rest of the network, why should the
Grandma does not go check her tread depth or check her own brake pads and
discs for wear. She lets the shop do that. I was hoping I didn't have to
get pedantic and that people could differentiate between I pay the shop a
few bucks to do that for me and I take responsibility personally to
:I think anyone in their right mind would agree that if a provider see
:criminal activity, they should take action, no?
What a provider should do and what makes sense under the law of the
land are two different things.
:If that also holds true, then why doesn't it happen?
The laws pertaining to
On 6/9/2010 01:11, JC Dill wrote:
Owen DeLong wrote:
Heck, at this point, I'd be OK with it being a regulatory issue.
What entity do you see as having any possibility of effective regulatory
control over the internet?
Doesn't matter as long as it enables radial outbound finger pointing.
On Jun 9, 2010, at 6:50 AM, Joe Greco wrote:
On Wed, 2010-06-09 at 07:02 -0500, Joe Greco wrote:
There is only so much proper security you can expect the average PC use=
r
to do.
Sure - but if their computer, as a result of their ignorance, starts
belching out spam, ISPs should be able
I am pretty sure I saw stats that suggested that old cars that crashed into
new cars did substantially more damage to the new car and its occupants than
an equivalent crash between two new cars, something to do with the old car
not absorbing about half the impact into its own (nonexistent)
On 6/9/2010 01:14, Paul Ferguson wrote:
To cut through the noise and non-relevant discussion, let's see if we can
boil this down to a couple of issues:
If I may offer a few edits and comments .
1. Should ISPs be responsible for abuse from within their customer base?
1. Should ISPs be
Original message
Generally speaking, nobody wants to be the cop that makes that call.
Theoretically an ISP *might* be able to do that, but most are unwilling,
and those of us that do actually play BOFH run the risk of losing
customers to a sewerISP that doesn't.
Our
On 6/9/2010 06:11, Owen DeLong wrote:
On Jun 8, 2010, at 11:11 PM, JC Dill wrote:
Owen DeLong wrote:
Heck, at this point, I'd be OK with it being a regulatory issue.
What entity do you see as having any possibility of effective regulatory
control over the internet?
The reason we
On 6/9/2010 06:14, Owen DeLong wrote:
On Jun 8, 2010, at 11:14 PM, Paul Ferguson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
To cut through the noise and non-relevant discussion, let's see if we can
boil this down to a couple of issues:
1. Should ISPs be responsible for abuse
On Wed, 2010-06-09 at 08:50 -0500, Joe Greco wrote:
Primarily because the product that they've been given to use is defective
by design.
Indeed. So one approach is to remove the protection such defective
designs currently enjoy.
supposed to play out for the single mom with a latchkey kid?
On 6/9/2010 07:39, Jorge Amodio wrote:
1. Should ISPs be responsible for abuse from within their customer base?
Not sure, ISPs role is just to move packets from A to B, you need to
clearly define what constitutes abuse and how much of it is considered
a crime.
If I call your home every
On 6/9/2010 07:39, Jorge Amodio wrote:
1. Should ISPs be responsible for abuse from within their customer base?
Not sure, ISPs role is just to move packets from A to B, you need to
clearly define what constitutes abuse and how much of it is considered
a crime.
If I call your home every
On 6/9/2010 08:05, Chris Adams wrote:
Once upon a time, JC Dill jcdill.li...@gmail.com said:
I'm still truly amazed that no one has sic'd a lawyer on Microsoft for
creating an attractive nuisance - an operating system that is too
easily hacked and used to attack innocent victims, and where
On 6/9/2010 08:08, Chris Adams wrote:
Once upon a time, Alexander Harrowell a.harrow...@gmail.com said:
No, but we can and do require cars to have functional brakes and minimum
tread depths, and to be tested periodically.
Not in this state.
You might not have the state inspection rip-off,
On 6/9/2010 08:09, Chris Adams wrote:
Once upon a time, Jorge Amodio jmamo...@gmail.com said:
That's why at least in the US by *regulation* you must have insurance
to be able to operate a car, instead of mitigating the safety issues
that represents a teenager texting while driving we deal with
On 6/9/2010 08:21, Joe Greco wrote:
Your car emits lots of greenhouse gases. Just because it's /less/ doesn't
change the fact that the Prius has an ICE. We have a Prius and a HiHy too.
Did Godwin say anything about rand discussions degenerating to
mythologies like gorebull warming?
--
On 6/9/10 6:27 AM, Jorge Amodio wrote:
Going back then to a previous question, do we want more/any regulation ?
Laws and regulation exist because people can't behave civilly and be
expected to respect the rights/boundries/property others.
CAN-SPAM exists because the e-mail marketing
On Wed, Jun 09, 2010, Larry Sheldon wrote:
You might not have the state inspection rip-off, but I'll bet that if
your state accepts federal highway money, you have mechanical condition
standards that include tires, brakes, seat belts and a lot of other things.
.. and a change in the minimum
On 6/9/10 8:43 AM, Michiel Klaver wrote:
Our experiences from the Dutch ISP market indicate otherwise, customers
are more than happy to be informed they might have been infected by a
virus/worm. Most customers are too afraid of loosing valuable documents
due to a file-eating virus for example,
What I don't want to see which you are advocating... I don't want to see
the end users who do take responsibility, drive well designed vehicles
with proper seat belts and safety equipment, stay in their lane, and
do not cause accidents held liable for the actions of others. Why should
we
Yes, it's complex, but, it is the only mechanism the law provides
for the transfer of liability. You can't leap-frog the process and
have the SPAM victims going directly after LatchKeyMom's
OS Vendor because there's no relationship there to provide
a legal link of liability.
This leads to
On 6/9/2010 10:58, Owen DeLong wrote:
What happened to the acronyms AUP and TOS?
I'm not sure what you mean by that. I'm talking about an ISPs liability to
third party victims, not to their customers.
Acceptable Use Policy and Terms of Service
AUP/TOS are between the ISP and their
Larry Sheldon wrote:
On 6/9/2010 10:58, Owen DeLong wrote:
What happened to the acronyms AUP and TOS?
I'm not sure what you mean by that. I'm talking about an ISPs liability to
third party victims, not to their customers.
Acceptable Use Policy and Terms of Service
--=-sFVAwQY0p26r8nFOk9Ww
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Wed, 2010-06-09 at 08:50 -0500, Joe Greco wrote:
Primarily because the product that they've been given to use is defective
by design.
Indeed. So one approach is to remove the protection
d...@bungi.com (Dave Rand) writes:
...
With more than 100,000,000 compromised computers out there, it's really
time for us to step up to the plate, and make this happen.
+1.
--
Paul Vixie
KI6YSY
What I don't want to see which you are advocating... I don't want to see
the end users who do take responsibility, drive well designed vehicles
with proper seat belts and safety equipment, stay in their lane, and
do not cause accidents held liable for the actions of others. Why should
we
On 6/9/2010 12:17, Joe Greco wrote:
What I don't want to see which you are advocating... I don't want to see
the end users who do take responsibility, drive well designed vehicles
with proper seat belts and safety equipment, stay in their lane, and
do not cause accidents held liable for the
You buy a car and as you're driving along a message comes into the
dashboard: Car Update needed, to fix A/C you ignore it. Don't update
it who cares, you're driving smoothly. Another alert comes into the car
dashboard: Critical alert, your breaks need this patch... You ignore
it and drive
So, just so we're clear here, I go to Best Buy, I buy a computer, I
bring it home, plug it into my cablemodem, and am instantly Pwned by
the non-updated Windows version on the drive plus the incessant cable
modem scanning, resulting in a bot infection... therefore I am
negligent?
On Wed, 09 Jun 2010 12:32:54 CDT, Larry Sheldon said:
On 6/9/2010 12:17, Joe Greco wrote:
So, just so we're clear here, I go to Best Buy, I buy a computer, I
bring it home, plug it into my cablemodem, and am instantly Pwned by
the non-updated Windows version on the drive plus the incessant
Larry Sheldon wrote:
On 6/9/2010 08:05, Chris Adams wrote:
Once upon a time, JC Dill jcdill.li...@gmail.com said:
I'm still truly amazed that no one has sic'd a lawyer on Microsoft for
creating an attractive nuisance - an operating system that is too
easily hacked and used to attack
Larry Sheldon wrote:
On 6/9/2010 01:11, JC Dill wrote:
Owen DeLong wrote:
Heck, at this point, I'd be OK with it being a regulatory issue.
What entity do you see as having any possibility of effective regulatory
control over the internet?
Doesn't matter as long as it
Jorge Amodio wrote:
Unfortunately in the software industry you get (when you do, not
always) the alert and the patch after the fact, ie the exploit has
been already out there and your machine may probably have been already
compromised.
I never seen any operating system coming with a sign
On 6/9/2010 13:35, JC Dill wrote:
IMHO it is impossible to regulate the internet as a whole.
Exactly so.
That is precisely why you don't want somebody else to attempt it.
The only hope is for everybody to take personal responsibility for their
little piece of it.
--
Somebody should have
The original article is FUD. The Times newspaper is historically known as MI5,
MI6's newspaper of choice.
Andrew
http://sites.google.com/site/n3td3v/
On 6/9/2010 1:43 PM, Larry Sheldon wrote:
On 6/9/2010 13:35, JC Dill wrote:
IMHO it is impossible to regulate the internet as a whole.
Exactly so.
That is precisely why you don't want somebody else to attempt it.
The only hope is for everybody to take personal responsibility for their
On Wed, 2010-06-09 at 12:08 -0500, Joe Greco wrote:
That's not going to happen (but I'll be happy to be proven wrong).
Oh, there are so many things that are not going to happen, aren't
there? And because of that we shouldn't even bother suggesting
regulation as a solution to anything because the
On 6/9/2010 14:37, Karl Auer wrote:
[good stuff]
Try thinking about what *could* happen rather than what *can't* happen.
Even better: Think here is what I can do. And then do it.
--
Somebody should have said:
A democracy is two wolves and a lamb voting on what to have for dinner.
Freedom
On June 8, 2010 at 21:05 fergdawgs...@gmail.com (Paul Ferguson) wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Jun 8, 2010 at 8:59 PM, JC Dill jcdill.li...@gmail.com wrote:
I'm still truly amazed that no one has sic'd a lawyer on Microsoft for
creating an
On Jun 9, 2010, at 8:26 AM, Brielle Bruns wrote:
On 6/9/10 6:27 AM, Jorge Amodio wrote:
Going back then to a previous question, do we want more/any regulation ?
Laws and regulation exist because people can't behave civilly and be expected
to respect the rights/boundries/property others.
On June 9, 2010 at 07:39 jmamo...@gmail.com (Jorge Amodio) wrote:
1. Should ISPs be responsible for abuse from within their customer base?
Not sure, ISPs role is just to move packets from A to B, you need to
clearly define what constitutes abuse and how much of it is considered
a
On 6/9/2010 15:56, Owen DeLong wrote:
On Jun 9, 2010, at 8:26 AM, Brielle Bruns wrote:
On 6/9/10 6:27 AM, Jorge Amodio wrote:
Going back then to a previous question, do we want more/any regulation ?
Laws and regulation exist because people can't behave civilly and be
expected to respect
Again, apples and oranges to a degree. Car owners don't receive a use
at your own risk disclaimer either. Yet some Toyota owners faced
horrifying instances of subpar prechecks. GM recalled a million or so
cars and the list will always go on and on. Mistakes happen period and
when mistakes
On Jun 9, 2010, at 2:05 PM, Larry Sheldon wrote:
On 6/9/2010 15:56, Owen DeLong wrote:
On Jun 9, 2010, at 8:26 AM, Brielle Bruns wrote:
On 6/9/10 6:27 AM, Jorge Amodio wrote:
Going back then to a previous question, do we want more/any regulation ?
Laws and regulation exist because
Your humor has me roflmao
-henry
From: Paul Vixie vi...@isc.org
To: na...@merit.edu
Sent: Wed, June 9, 2010 10:14:34 AM
Subject: Re: Nato warns of strike against cyber attackers
d...@bungi.com (Dave Rand) writes:
...
With more than 100,000,000 compromised
On Wed, 2010-06-09 at 12:08 -0500, Joe Greco wrote:
That's not going to happen (but I'll be happy to be proven wrong).
Oh, there are so many things that are not going to happen, aren't
there? And because of that we shouldn't even bother suggesting
regulation as a solution to anything
On 6/9/2010 14:37, Karl Auer wrote:
[good stuff]
Try thinking about what *could* happen rather than what *can't* happen.
Even better: Think here is what I can do. And then do it.
Some of us already do:
Implement BCP38
Implement spam scanning for e-mail
Have a responsive abuse desk
On 6/9/2010 18:04, Joe Greco wrote:
On 6/9/2010 14:37, Karl Auer wrote:
[good stuff]
Try thinking about what *could* happen rather than what *can't* happen.
Even better: Think here is what I can do. And then do it.
Some of us already do:
Implement BCP38
Implement spam scanning for
Cyber Threats Yes, But Is It Cyber War?
http://www.circleid.com/posts/20100609_cyber_threats_yes_but_is_it_cyberwar/
-J
Jorge Amodio wrote:
So NANOGer's, what will be the game plan when something like this
happens, will you be joining NATO and pulling fiber. I wonder when all
types of warm-fuzzy filtering will be drafted into networking: Thou
shall re-read RFC4953 lest you want Predator strikes on your NAP
[In the message entitled Re: Nato warns of strike against cyber attackers on
Jun 8, 16:03, J. Oquendo writes:]
All humor aside, I'm curious to know what can anyone truly do at the end
of the day if say a botnet was used to instigate a situation. Surely
someone would have to say something
None of this needs to be done for free. There needs to be a security
fee charged _all_ customers, which would fund the abuse desk.
With more than 100,000,000 compromised computers out there, it's really
time for us to step up to the plate, and make this happen.
Or you should send the bill
Brielle Bruns wrote:
Problem is, there's no financial penalties for providers who ignore
abuse coming from their network.
DNSbl lists work only because after a while, providers can't ignore
their customer complaints and exodus when they dig deep into the
bottom line.
We've got several
On 6/8/2010 15:44, J. Oquendo wrote:
Brielle Bruns wrote:
Problem is, there's no financial penalties for providers who ignore
abuse coming from their network.
DNSbl lists work only because after a while, providers can't ignore
their customer complaints and exodus when they dig deep into the
1 - 100 of 136 matches
Mail list logo
