"Default" Internet Service (was: Re: Points on your Internet

Paul Vixie vixie at vix.com
Sun Jun 13 06:05:21 UTC 2004


> >We have methods of dealing with these abuse problems today, unfortanately
> >as Paul Vixie often points out there are business reasons why these
> >problems persist. Often the 'business' reason isn't the tin-foil-
> >hat-brigade's reason so much as 'we can't afford to keep these abuse
> >folks around since they don't make money for the company'.
> 
> I'll argue that we have don't effective methods of dealing with this today,
> and it's not the lack of abuse desk people as much as the philosophy of
> closing barn doors after the fact.   The idea that we can leave everything
> wide open for automated exploit tools, and then clean up afterwards
> manually with labor-intensive efforts is fundamentally flawed.

and i'd agree.  the trouble, when this problem was first isolated, was that
the costs and benefits were assymetric.  the people who needed the added
services (filtering, training, remote OS upgrades/audits/management, etc)
were the ones least able/willing to pay extra for those services.  the folks
who didn't need them have always complained that they have to pay more to
avoid getting them.

now, though, there's an opportunity to do a marketing U-turn on this.  cable
and dsl providers in the USA can point to the national cybersecurity plan and
say that to comply with it they have to put infected computers in cyberjail,
with a fee of $N to get these machines audited, and if found clean, put back
on the net, noting that N doubles every time this process is invoked, and
that a deposit of $(0.5*N) is required as prepayment for the next incident,
refundable after one year if there are no further incidents.  then offer to
remotely manage their host ("give me your root passwords, trust me!") for an
annual fee of $(0.75*N).  if the initial value of N were $500, you might be
able to get the people who need this service to pay for it.  it's worth a try?
-- 
Paul Vixie



More information about the NANOG mailing list