Slashdot Mirror
Aussie Gov't Decides ISPs Aren't Responsible For Infected Computers
c0lo writes "In a sudden outburst of common sense, the Australian senate decided that it is not the government's responsibility to force ISPs to disconnect infected computers from the Internet. Peter Coroneos, chief of the Internet Industry Association, used a car analogy that actually makes sense: 'It would be like forcing car manufacturers to take responsibility for bad drivers.'"
It would be more like the government requiring car manufacturers to do something about car theft, since an 'infected computer' is essentially out of the user's control. And yes, the Australian government DOES require all cars to have an immobiliser.
There are 10 kinds of people in this world: those who understand binary, and nine other kinds of people.
'It would be like forcing car manufacturers to take responsibility for bad drivers.'"
No. it would be like making the DMV take responsibility for bad drivers on the highway, because the DMV issues the papers required for drivers to use the road.
The thing comparable "forcing car manufacturers to take responsibility", would be trying to force Dell, HP to take responsibility.
It should probably be noted that car manufacturers can be responsible for drivers going around in defective cars that have a high tendency to malfunction causing an accident unless the driver is an expert professional driver.
So it could make sense to hold Microsoft responsible for an OS with a horrible security record
The Australian Government making a sensible decision? What is this? This isn't why I vote (not that I have a choice).
To extend the metaphor to include iCode, then I guess car manufacturers will be working to help bad drivers and quarantine some of them if needed.
Better would be to say road operators had to remove reckless drivers. Which is arguable more sensible.
Now THAT's what I call service. They're even doing the car analogies for us!
No. It would be like forcing toll road operators to refuse access to cars that are actively spraying oil all over the road surface that have been causing accidents.
Democracy is a sheep and two wolves deciding what to have for lunch. Freedom is a well armed sheep contesting the issue
More like-- I operate a toll road, now I can ignore the robbers who shoot out tires on that road.
It would be like forcing an ISP to take responsibility for a copyright infringer.
In Britian it is necessary to get your car MOT tested every year after it is over three years old. This is to ensure that cars being used on the road aren't a danger to the people driving them or others.
An infected computer is a danger to its users and other people on the internet. It would surely be a good idea to have compulsory 'safety testing' for computers that connect to the internet.
holding car rental companies responsible for damage done by a car leased to a person whom has been repeatedly caught loaning his rental to people with suspended licenses.
When government sights, a few businesses, and universities were the only ones on the internet, misbehaviour was low because sysadmins knew that if users consistently misbehaved on the internet their site might get cutt off.
If AT&T knew that by leasing services to some spammer might get all the rest of their customers cut off, then AT&T would probably cut the guy off themselves.
The government shouldn't be requiring ISPs to disconnect infected computers, no. But ISPs still should be disconnecting infected computers. Not computers that don't run the ISP's anti-virus package, not computers that aren't up-to-date on Windows, but computers that're actively showing the tell-tale signatures of known infections (including spewing spam e-mail). If a computer shows up infected, the user should be warned. If the infection isn't removed fairly soon after, the computer should be disconnected until the user contacts the ISP about solutions.
Think of it like a medical quarantine. We don't quarantine you just because you haven't had your shots. But once you're diagnosed with the actual infectious diseases, you're quarantined until either you get medical treatment and are cured, you get over the infectious stage on your own or you die.
Why, then, is it the government's responsibility to force ISPs to block particular web sites from their services?
Is a telephone provider responsible for drug dealers, pimps and other assorted crooks, who run their business over the providers' telephone lines?
The telephone provider runs a line to your house. What takes place on the other side of the line, inside your house, they have no control over. The same is true for an ISP. They provide an Internet connection to your home. What you hook up to it, is your responsibility . . . and liability.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
...ISPs being required to disconnnect infected computers.
The analogies are pointless. It comes down to factors such as feasability, harm done, harm prevented and responsibility. An ISP is capable of disconnecting the computers from the internet. Forcing them to do so would prevent harm. So it comes to whether the cure is worse than the disease.
The ISPs make the perfectly reasonable point that the goals can be achieved by self regulation, and this will be much more flexible. On the whole the ISPs are should be in favour of removing infected computers. They're an expensive annoyance.
Given this would be a government issued order, isn't it more like making the government responsible for bad drivers? Kind of like even allowing the government to, say, take someone's license if they're considered a danger to other road users?
Yeah, you're right. Ridiculous.
How does the governement decide whether a computer is infected or not?
Does running a P2P program counts as "infected"?
I understand that to decide whether a computer is infected or not, one would have to store and analyze the network traffic with DPI.
Do you also want the government to close their eyes when they see which websites you browse, and the content of your emails? (which is usually not encrypted)
Finally, does "infected computers" include computers from political oponents, like in China?
I actually had a few jokes to say about this story but I have to admit now that sometimes people on /. make me sick, not because they are bad inside, more because they don't really see anything wrong with totalitarism.
..it looks like we desperately need BadAnalogyGuy
Sometimes good news is good.
(I know, profound)
At least I can start drinking Foster's again to pretend to be "outback"!
Also I found a US winning a robot battle against Australia on the side panel, and robots merit an instant mouse click!
...
On a more enlightened note, I found TFA really shallow and not providing the news in the most ideal way I wanted:
The government accepted response to recommendations that federal, state and territory police forces establish an "e-crime managers group" to improve information-sharing and cross-jurisdiction cooperation, which would fall under the auspices of the Australia and New Zealand Policing Advisory Agency's e-Crime Committee.
So really our collective "uphill battle of common sense" is really just a temporary mitigation to the common sense necessity. (Don't confuse my comment in not being pleased by the article, just I was hoping for a bit more...sometimes the sensationalist Slashdot headlines get to me!?!!)
We should start a new Slashdot and return control to the geeks. It actually wouldn't be that hard to get some users to
It would be more like a robot enter your vehicle through its wide-open windows, jacking into the electric system, manufacturing more robots out of the car material, then sending more robots out to enter other cars with open windows.
Now all someone needs to do is write a virus containing a distributed bit-torrent server that "infects" users machine and there is jack shit they can do the ISP's wont have to be responsible for dealing with it.
Electronic Music Made Using Linux http://soundcloud.com/polyp
It's the operating system, stupid.
Road to hell, good intentions and all that.
Interestingly in cases like this, most only see the "obvious" benefit and stop there. They don't think about how such a system could (and would) be abused or what would be required to implement it (e.g. DPI and other surveillance of your traffic).
1. The Customer's PC is not the property or under control of the ISP
2. The ISP can trivially detect the presence of 'questionable activity' like egress email in the 1000's for a consumer broadband account
3. ISP's can through deep packet inspection (if employed) easily detect the presence of well known computer viruses / exploits both ingress and egress
4. If decided to do so, an ISP can cut off a customer's line or block an IP both automated (based on some pre-defined traffic analysis) or manually due to human inspection
So we've established that assuming that an ISP has a packet inspection system handing customers (not guaranteed) that they can handle dealing with offending PC's if in fact they chose to. The government has said that this is not the responsibility of ISP's to do this, and I fully agree. The responsibility for such an action should not be on a common carrier. The one difference of opinion I have with some is that if I was the government and I wanted to make a better internet for our citizenry, I'd want to knock virus/exploit based customers out of the internet until they've taken the steps necessary to remove the infection and make the PC suitable for healthy internet activity.
In order to accomplish said law, you could:
1. Add government honeypots and detect incoming exploit requests -- If the exploit is detected, then a letter is sent to the ISP requiring take-down until the problem has been cleaned up. Multiple offenses by the same subscriber results in fees? This would put a real financial onus on end users to make sure they're operating their PC's correctly
2. The same as the first idea, but instead of just honeypots, the ISP's can use deep inspection to detect exploits ahead of time. The ISP's aren't required by law to do this, so make a law that they are required to do this, but make the ISP's compensated for doing so so that it isn't directly levied from the customers. The fees charged to the offenders would then help to offset the ongoing costs of the system. Yes, it can be exploited as an copyright enforcement tool or the like, but I'm talking best measures here and assuming that it will only encompass the exploits, etc..
*I'm going to get flamed for this....*
Bye!
Any responsible ISP should be doing this voluntarily anyway. My ISP (Exetel) redirects you to a page telling you that you are infected and telling you how to fix it (and giving links to AV software hosted on their servers). Cars have mandatory yearly inspections or they aren't allowed on the road so Peter Coroneos was just trying to dodge legal liability not talking any kind of sense.
Botnets are a huge organised crime business and any ISP that isn't fighting them is either incompetent or is profiting from botnets (either being paid by the mob or making money selling DDOS protection and the like).
========
CINC, 4th Penguin Legion
The government doesn,t force ISPs to disconect infected computers, but it will MONITOR all the computers, FILTER available content to users, LOG users access, and RESTRICT access, at its own discretion of course! Good to see its not doing anything to stop viruses, and malware and spam. . . . . .
Actually, if you're going to stick with cars, it's like a safety and emissions check in realtime. If your car is spewing excessive pollution or presents a hazard to other drivers (critical safety features like turn signals, head lights, tire treads, etc., missing or malfunctioning) they don't let you go around being a hazard on public roads. It makes sense for ISPs, in a uniquely capable position to detect it, to disconnect systems that are spewing malware and presenting a hazard to other computers on the network.
Mouth breathers generally don't hurt other people wheres an infected computer, quite possibly part of a huge botnet, is not only fully capable of harming others but its intent is to do harm to others. On the lighter side it may be just be spamming a shitload of phishing scams but when fully activated, and there is absolutely no doubt about this, it does indeed become a tool of destruction. What is the target this time? Government systems perhaps? Industrial controls? How about basic infrastructure, like the power grid, banking or transportation???? Get a Effing grip on reality here! Take down the effing puter if it is identified as being harmful.
I know if I saw a person in the act of causing harm, I would try to stop it. In the U.S. there are laws not only protecting citizens who act but also laws that require to act. (there can be a fine line seperating this from vigilanteism so be careful) Above all, a basic tenet of human existence is the right to self preservation. BOOM! HEADSHOT TO THE PERPETRATOR! You can try to debate or argue with that but you are attempting to defend the indefensible.
...still using cars, though.
The state provides us with roads to travel on but also polices those roads and removes people that are hazards to others. The ISP provides roads for our internet traffic and should remove users that are hazards to others (spam, viruses, etc).
Sorry, but if you can't manage your PC then you don't get to play Farmville till you get your shit fixed.
For once, I don't think this is a outbreak of common sense... I think that an ISP has responsibility for the traffic it brings to the internet and I think it represents its users. If an ISP allows users to connect to the internet who are screwing it up for everyone else, why should the ISP be allowed to do so? As far as analogies go, a project manager who delivers a project which doesn't meet the requirements is ultimately responsible for the team he or she manages... I'm not against holding the ISP responsible for the overall disruption to the internet its users may bring
> but once they know about it they have multiple ways of fixing the situation and then they are indeed fully in control.
Unfortunately, the fact is that as time goes on, there are more and more components in computers which themselves are programmable (with microcode, for example) yet not easily "format-able" like the magnetic media of a hard disk. Hiding malware in these devices is a hot topic of current research (BIOS-level rootkits, WiFi adapters hosting malware), and could easily become reality for a capable, targeted attack (look at Stuxnet, for example, but imagine what might have been if the industrial controller had been sophisticated enough to have hosted a multihost malware which could spread itself back to "cleaned-up" computers).
I have the feeling that there will be a large gap (because of fear of loss of IP or control, or DMCA-like laws trying to protect copyright) in the tools hardware manufacturers give consumers to "sanitize" possibly infected hardware, and the ability of black hats to use infected hardware to gain more permanent control over infected computers.
It would be like forcing car manufacturers to take responsibility for bad drivers.
No. It would be like forcing gun manufacturers to take responsibility for murderers.
~Loyal
I aim to misbehave.
"But ISPs still should be disconnecting infected computers... Think of it like a medical quarantine" - by Todd Knarr (15451) on Tuesday November 30, @03:04AM (#34385882) Homepage
Per my subject-line - I agree, & that's a great analogy you used: IF my ISP/BSP called me up & said I was showing telltale signs of infestation by "malware-in-general", I'd actually appreciate it (even though it doesn't happen to myself because of this -> http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE )... & I'd want to know about it (it'd surprise me though, because of the security guide I wrote, and yes, use).
APK
P.S.=> Not only out of consideration for myself, but also others (if I was spreading it or even sending spam because of such an infestation etc./et al)... apk
Only geeks support this, because we've been playing with a computer since birth so it wouldn't be a hassle to keep a computer clean. The rest of the world won't be receptive of a blacklist law.
Punishing the victim has never been popular. See how popular TSA is? Whatever the problem is, you start with the criminal. We are far from exhausting all options against spammers. This is purely a zero-cost (to the law makers) law made to fill a resume for re-election. Off the top of my head I can think of all sorts of punishments more effective at stopping spammers and botters.
Let's start lightly.
1) Removal of constitutional rights.
2) Banned use of government facilities. (roads, post office)
3) RIAA style fines automatically garnished from their bank accounts. (Want to access a computer or get food?)
4) Public Beating
5) Private Beating
6) Private Execution
7) Public Execution
8) Predator strikes on their house
I actually think the car analogy is a poor one. That would imply that car manufacturers, or even the dealers, KNEW about bad drivers, and had a way of disabling their automobiles.
ISP's can tell with a fair degree of certainty that a computer they have connected to the network is spewing either spam, or participating in a known 'botnet. They also have a way to contact the user to tell them that something is happening. Also, having an infected computer isn't usually something the user chooses, and they often have no idea of what is going on. That's not to say that we should be making laws that force ISP's to act regardless of the circumstances. That's more like telling someone they can only use a baseball bat to fix a pair of eyeglasses.
On the other hand, this is COMPLETELY different from "bad people" who are doing things like file sharing or downloading stuff, or even using more than their share of Internet bandwidth. Writing laws to force ISPs to become the puppets of the big media monopolies is BAD, BAD, BAD.
Your Servant, B. Baggins
I'm guessing all those nice capitalist non-government-affiliated antivirus companies might just have an idea or two about that.
What? Why on earth would it? We're talking about detecting malware, not enforcing copyright law.
DPI would not necessarily be required. And even if it was, it does not involve storing traffic, just looking inside it as it goes past.
Who said anything about the government seeing this? This is about ISPs doing filtering, not the government. And it would be machines doing the inspection, not humans. Most people are happy with machines seeing the contents of their email, given as how it's impossible to send an email without machines seeing its contents.
Um, what? How the hell did we get from "ISPs monitoring for signs of malware infection" to "Big Brother grinding the faces of political opponents in the dust"?
The "slippery slope" argument is a logical fallacy, Mr Coward.
Ditto, except replace "don't really see anything wrong with" with "appear to be completely incapable of distinguishing between reasonable government activity and".
This ruling basically says that tollbooth attendants are not required to stop drunk drivers from driving drunk.
While I would say that this is true, barring any specific law, I also see that such a law would be a good idea. Governments could easily pass a law that required tollbooth operators to refuse to let drunk drivers get on their highway. Such a law would not be a bad law. I see few reasonable objections to it.
As such, I would state that while without a law, ISP's should not be legally required to stop infected computers from using them, it should be quite easy for a government to pass such a law, and that law would be:
a. Reasonable and proper
b. A good idea
excitingthingstodo.blogspot.com
I've picked pieces from all the analogies given and here's what I believe to be the closest one:
It would be like toll booths taking responsibility for crashes that occur on the toll road.
No, there is no "-1 I'LL NEVER ADMIT BEING WRONG!!!" mod.
The technology for sequestering detected infected clients has been in use for at least a decade.
Universities (some) have plopped (especially) incoming freshmen into a "click here to download your anti-virus update", with NO access to other (normal) internal NOR external resources until the machine comes up clean. It's not 100% effective, but certainly can reduce the problems.
Basically POP3, IMAP4 and HTTP connections are ALL hijacked for the sequestered "user" (RTP could be handled, as well, and all SIPs hijacked unless encrypted, in which case they fail).
The user gets an "INBOX" with ONE message, and a whereever-requested return HTML (or even text/plain) page that explains the problem, gives a phone number (recording) for "further information and support".
If this is rocket-science, we've long colonized Mars.
The idea is to both protect resources and reputation of the ISP, while minimizing "tech support" costs from the most-needy AKA most-ignorant-and-"entitled" users.
Since it's USUALLY Windows users that need such treatment, let's just point to Microsoft's answer:
[supposedly a PDF] http://go.microsoft.com/?linkid=9746317 by Microsoft Senior Vice President of "Trustworthy Computing" Scott Charney. Now, just why "preventing an infected computer from connecting to the Internet, like keeping a leper in a leper colony and away from society," is seemingly always described as "controversial" is beyond me. Maybe because computing "should be trustworthy, and not liable to continued infections".
Yet they are responsible for any illegal or reprehensible content that ends up on computers? Can't play both sides, Aussie Gov.