so, how would you justify giving users security? [was: Re: botted hosts]

[Gadi Evron <ge () linuxbox org>]

> senders and sender-isp's have a long list of things they have to do in order
> to not be compared to toxic polluters (a term i believe michael rathbun coined
> for use in this context, and for which i am thankful.)  don't try to make this
> about right-to-communicate or who-gets-to-decide.

I don't see why not?
Point is, most ISP's today try and sell "security" in the form of a 
shiny new AV suite, maybe a personal firewall.

Anyone ever considered just closing these ports? People will pay you 
more and just for your ACL services! You can put all your troubles 
behind some firewall and forget about 9/8th of the helpdesk calls about:
- My connection is slow!
- My computer is slow!
- Whatever else doesn't work!

Oooh, shiny! More costs savings!

Ooh, shiny, less warez servers, pr0n and what not servers running on 
your bandwidth. Less DDoS coming from you - less bandwidth - more fun! 
More profit!

Then if they (the users) want ports open (oh gosh, a smart luser in the 
bunch!) you can take a bit more money again and make them a customer 
that can pollute.

Why is this such a bad idea? I believe the above suggestions make such 
perfect sense in any reasoning that not going through with getting off 
blacklists and a nutty house of worms is pretty much ludicrous.

Give me a break people.

Most people won't care about their "freedom" if they can do whatever 
they want by asking for it. Most users want Web, Mail and IM. Three 
things. How are any of these guys who could easily get their privileges 
(and your responsibilities) back again even going to guess that some big 
right is being taken away? They have complete freedom and x9000 more 
safety. They can even sign a paper stating exactly that.

So, costs savings on bandwidth and support. Less net abuse. Ouch - less 
demand on AV sales? Run the numbers people.

        Gadi.