Results 1 to 7 of 7

Thread: Make ISP's liable for viruses

  1. #1
    T̙͓̞̣̯ͦͭͅͅȂͧͭͧ̏̈͏̖̖Z̿ ͆̎̄
    Join Date
    Dec 2004

    Make ISP's liable for viruses

    RSA Europe 2005 ISPs must be made liable for viruses and other bad network traffic, Bruce Schneier, security guru and founder and CTO of Counterpane Internet Security, told The Register yesterday.

    He said: “It’s about externalities – like a chemical company polluting a river – they don’t live downstream and they don’t care what happens. You need regulation to make it bad business for them not to care. You need to raise the cost of doing it wrong.” Schneier said there was a parallel with the success of the environmental movement – protests and court cases made it too expensive to keep polluting and made it better business to be greener.

    Schneier said ISPs should offer consumers “clean pipe” services: “Corporate ISPs do it, why don’t they offer it to my Mum? We’d all be safer and it’s in our interests to pay.

    “This will happen, there’s no other possibility.”

    He said there was no reason why legislators do such a bad job of drafting technology laws. Schneier said short-sighted lobbyists were partly to blame. He said much cyber crime legislation was unnecessary because it should be covered by existing laws – “theft is theft and trespass is still trespass”.
    Bruce Schneier talks cyber law | The Register

  2. #2
    AOs Resident Troll
    Join Date
    Nov 2003

    I did start something a while a go.....


    Where ISPs could block certain traffic...

    I believe rogers is trying this out now up here offering "secure internet" although I do not know all the details....and havent had much time for research lately

    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #3
    It’s about externalities – like a chemical company polluting a river – they don’t live downstream and they don’t care what happens.
    It's not the same...

    I would argue that ISP's aren't causing any malicious activity. The Chicago Transit Authority wouldn't be held responsible for providing transport to a man that just robbed a bank. ISP's shouldn't be held responsible for one of it's customers spreading malicious traffic... They don't have control over their clients resources.

    It's one of those things I don't agree with, but it's complex and I could probably be convinced otherwise.

  4. #4
    Join Date
    Oct 2002
    That's all fine and dandy, but the cost gets put onto the consumer. Broadband in the US is already too expensive, I don't even want to imagine the added cost of that. I already pay too much for added features I don't want, such as free subscriptions to McAfee, video email and games services. I can't opt out of them for a cheaper bill, but so many people "demanded" them, that now i'm stuck paying for things i can do or get for free anyway. I did opt in to a free McAfee subscription for AV but thats only because it was free anyway.

    Everybody always says force companies to do this, force companies to do that, but all in all it comes out of my pocket. I pay for drug laws to arrest the potheads who are more peaceful than most drunks I've run into. I pay for Social Security thats most likely not going to be there for me when I finally get to reap the benefits of it. I pay for foster children businesses and the DARE program. I pay for alot of things that I get zero benefit from. This is one of those things that I would get zero benefit from.

    I feel a computer virus is alot like a human virus. Sucks to be you. Sorry but I'm sick of getting messed with because of other people. Physical, Digital, Monetary or otherwise.

    Edit - It's one thing to help, it's another to be FORCED to help.

  5. #5
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Button Moon
    Surley the only way an ISP can be held responsible is if it is in their power to stop malicious code from getting passed through its servers but yet do nothing about it. Obviously now-a-days they can do this but yet do not bother, so yeah they should be held atleast partly responsible..... i think.

    (wow, when I started writting this is was trying to say they shouldnt be held responsible, but... it all came out wrong!....... And now I think they should be held responsible! ......... think im spending too much time here!!!!)
    Drugs have taught an entire generation of kids the metric system.


  6. #6
    T̙͓̞̣̯ͦͭͅͅȂͧͭͧ̏̈͏̖̖Z̿ ͆̎̄
    Join Date
    Dec 2004
    Hi Soda,

    I would tend to agree with your statement...and that's how it should work...but...

    I think they're looking at it from the perspective that the ISP is responsible :

    1. to provide a ' secure ' service

    2. in order to provide that ' secure service ' they must ensure against ' malicious traffic on their network '


    3. even though they are ' not ' responsible for the problem...they must ensure that their own system is not being a open road relaying the problem to other systems...

    Your analogy would be better if you were comparing an ISP with the safety of the ' vehicles ' of the Chicago Transit Authority...which they do have the responsibility to keep safe and secure and well-kept for public transportation....the question would then become :
    Does the Chicago Transit Authority have an obligation to it's customers to provide safe vehicles for them to travel on?


  7. #7
    1. to provide a ' secure ' service
    Did they say it was a secure service?

    Does the Chicago Transit Authority have an obligation to it's customers to provide safe vehicles for them to travel on?
    Yes, and if Comcast's network devices were comprimised then they could be held responsible for that. But their equipment isn't in question, is it?

    I started another thread about this topic just now.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts