Schneier: ISPs should bear security burden
Steven M. Bellovin
smb at cs.columbia.edu
Wed Apr 27 20:00:02 UTC 2005
In message <ifmcvl.cm0wwg at yourwebmail.com>, "Steve Sobol" writes:
>
>
>And I'd argue that Owen's attitude is appropriate for transit and
>business-class connections[0] - but if you're talking about a consumer ISP,
>that's different. If the Big Four[1] US cable companies followed AOL's lead,
>we'd see a huge drop in malware incidents and zombies.
>
I see your point, and I almost agree -- almost, but not quite, because
there's a very big problem: consumers have very little choice of which
broadband ISP they can subscribe to. As you note, there are very few
cable ISPs, at least one of whom is also a major content owner. The
LEcs are flexing their muscles to get rid of UNE, which may eliminate
DSL options in many places. That will leave consumers with at most two
choices, and the players in that space seem to love walled gardens. Is,
for example, p2p "abuse"? After all, it uses up bandwidth. I worry
about giving too much power to unaccountable monopolists.
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
More information about the NANOG
mailing list