funsec mailing list archives
Re: Good, bad or indifferent?
From: "Thomas Raef" <TRaef () wewatchyourwebsite com>
Date: Mon, 25 Jan 2010 15:38:01 -0600
Right. Is this sounding like "big-brother"? Thomas J. Raef e-Based Security <http://www.ebasedsecurity.com/> "You're either hardened or you're hacked!" We Watch Your Website <http://www.wewatchyourwebsite.com/> "We Watch Your Website - so you don't have to." From: Benjamin Brown [mailto:optikali () gmail com] Sent: Monday, January 25, 2010 3:04 PM To: Dave Dennis Cc: Thomas Raef; funsec Subject: Re: [funsec] Good, bad or indifferent? Ah but the caveat here is that it is a federal mandate brought down on the ISPs leaving them without the option to back down. I am interested in seeing just how the government will choose to enforce/enact such wide-sweeping legislation. On Mon, Jan 25, 2010 at 3:10 PM, Dave Dennis <dmd () speakeasy org> wrote:
On Mon, Jan 25, 2010 at 2:20 PM, Thomas Raef <TRaef () wewatchyourwebsite com>wrote:
http://tech.slashdot.org/story/10/01/25/1458231/Australian-ISPs-To-Disco nnect-Botnet-Zombies?from=rss&utm_source=feedburner&utm_medium=feed&utm_ campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29
Please share your thoughts. Thomas J. Raef
The usual mess of uninformed, speculative, hearsay and panic on /. So. If the IsP is doing captive portal surfing and attempting to provide malware detection/cleaning tools, they have a noble purpose, but could run into interesting legal liability if the idiot home user managed to screw the pooch and make an unbootable system as a result. The logic in the captive portal would possibly need to be bright enough to handle every besotted version of Windows from 95 to present, with all interop of old applications accounted for or at least not a concern. Thats a tall ask. So once they start breaking heretofore "not broken" (as far as the home user is concerned) systems, then what ? Its easily provable the home user PC was infected due to traffic/signature/activity logged, but thats not going to mean anything to the home user if he/she can't boot up and play mafia wars. I think fwiw this is usually where the conversation breaks down in the USA on this subject: To do the home fix the infected PC dance actually takes a little bit more than just malware removal: it takes behavior modification, it takes browser locking down / ad network blocking, it takes somehow coming up with a fix to years of really poor decisions on the part of the user, who presumably is running an old, unpatched, botched registry full of half-uninstalled malware and spyware and various apps, any of which may or may not be able to withstand a thorough clean/replace of some fairly important DLL. So you get them to sign off on this, but their PC is mangled (to them) afterwards, now what. Customer support beat down, loads of posts to various dumbass consumer sites like Consumerist, "My ISP Broke My Computer" and various crying youtubes later, and will the ISP have the balls to stick to their guns? Or will they back down and cave in? I don't see how they can avoid caving in. Most users are monumentally uninformed with regard to spyware / malware, their own risk averse behavior, and what even happened a week ago on the same PC. My .02 -Dave D +------------------------- + Dave Dennis + Seattle, WA + Speakeasy, Inc. + dmd () speakeasy net + http://www.speakeasy.net +------------------------- _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Good, bad or indifferent? Thomas Raef (Jan 25)
- Re: Good, bad or indifferent? Benjamin Brown (Jan 25)
- Re: Good, bad or indifferent? Dave Dennis (Jan 25)
- Re: Good, bad or indifferent? Benjamin Brown (Jan 25)
- Re: Good, bad or indifferent? Benjamin Brown (Jan 25)
- Re: Good, bad or indifferent? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 25)
- Re: Good, bad or indifferent? Dave Dennis (Jan 25)
- Re: Good, bad or indifferent? Benjamin Brown (Jan 25)
- <Possible follow-ups>
- Re: Good, bad or indifferent? Thomas Raef (Jan 25)
- Re: Good, bad or indifferent? Thomas Raef (Jan 25)
- Re: Good, bad or indifferent? Dave Dennis (Jan 25)
- Re: Good, bad or indifferent? phester (Jan 25)
- Re: Good, bad or indifferent? Dave Dennis (Jan 25)