Firewall Wizards mailing list archives
Re: Botnets, IRC servers and firewalls?
From: Paul Robertson <proberts () patriot net>
Date: Thu, 5 Feb 2004 10:45:02 -0500 (EST)
On Thu, 5 Feb 2004, Gadi Evron wrote:
> running over people on the sidewalk. The "worst" thing a home user can do > is execute a virus or trojan- and the interface presents that in > essentially the same way as non-active content- that's not really an > end-user problem. Take the execute bit off the place where attachments > normally get saved, and you'd remove a huge percentage of the problems. > We at some point must come to the place where "breaking" 2% of > functionality to save 98% of users is worth doing. > Okay, I didn't intend this as more than a joke, but it evolved to something different.
I know, but it's a partially compelling idea until we analyze it (and to some, even after that.) So I think it's fair to move it from an off-hand irony to a short philosophical debate.
A user that runs an un-protected machine, or anyone for that matter, can be used to DDoS, spam, bounce hackers, commit frauds, etc. Who should be held liable for actions committed from that machine? Is this "the Trojan horse defense" again?
Ultimately the person using the machine to commit the crime should hold liability. Liability is different than responsibility, and I sought to illustrate some of that.
> No, it'd just make a legal mess where a single malicious bad actor could > bring down an ISP. Well than, speaking in the philosophical level, why shouldn't an ISP that allows its users to commit crimes not be "put down" ?
Because the ISP doesn't have a say in who its customers are- while they're not exactly common carriers, I really believe that they should have some common-carrier like protections. (This is a US centric view of what a common carrier is- other countries have come out of the nationalized telecom business late, if at all.) If I wanted to take out a competitor, should I be able to do it with 5 bad actors? This will not be a level playing field.
I exaggerate in this email, please take what I say in context.
I noted the irony in your message, but I think the fact is that we *need* to take responsibility rather than pointing blame, so I used your message to illustrate that. Each message here is read by thousands of people, if we can stimulate some brain cells, perhaps we can come up with answers that aren't the usual complaints... Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () patriot net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Botnets, IRC servers and firewalls?, (continued)
- Re: Botnets, IRC servers and firewalls? Chris Blask (Feb 04)
- Re: Botnets, IRC servers and firewalls? Patrick M. Hausen (Feb 05)
- RE: Botnets, IRC servers and firewalls? Matt Bazan (Feb 04)
- RE: Botnets, IRC servers and firewalls? Marcus J. Ranum (Feb 04)
- Re: Botnets, IRC servers and firewalls? mlh (Feb 04)
- Re: Botnets, IRC servers and firewalls? Gadi Evron (Feb 05)
- Re: Botnets, IRC servers and firewalls? Paul Robertson (Feb 05)
- Re: Botnets, IRC servers and firewalls? Gadi Evron (Feb 05)
- Re: Botnets, IRC servers and firewalls? Paul Robertson (Feb 05)
- Re: Botnets, IRC servers and firewalls? Gadi Evron (Feb 05)
- Re: Botnets, IRC servers and firewalls? Paul Robertson (Feb 05)
- Re: Botnets, IRC servers and firewalls? Marcus J. Ranum (Feb 05)
- Re: Botnets, IRC servers and firewalls? Gwendolynn ferch Elydyr (Feb 05)
- Re: Botnets, IRC servers and firewalls? Gadi Evron (Feb 05)
- Re: Botnets, IRC servers and firewalls? Paul Robertson (Feb 05)
- Re: Botnets, IRC servers and firewalls? Gadi Evron (Feb 05)
- Re: Botnets, IRC servers and firewalls? Paul Robertson (Feb 05)
- Re: Botnets, IRC servers and firewalls? Gadi Evron (Feb 05)
- Re: Botnets, IRC servers and firewalls? mlh (Feb 04)
- Re: Botnets, IRC servers and firewalls? Gadi Evron (Feb 05)
- Re: Botnets, IRC servers and firewalls? Paul Robertson (Feb 05)
- Re: Botnets, IRC servers and firewalls? Gadi Evron (Feb 05)