Are ISP's responsible for worms and viruses

Thu Oct 20 19:15:20 UTC 2005

> Mind you, it would help if some of the anti-abuse groups
> would band together under some umbrella organization that
> ISPs could join. Botnet researchers, SPAM fighters, etc.
> That way there could be some sort of good housekeeping
> seal of approval that ISPs can use to competitive advantage
> in the marketplace. At that point, money starts to talk
> and there is an economic incentive to clean up your act
> and get that "seal".

What would help more would be if people realized that
worms and viruses aren't like crack, they're more like
biological WMD.  As such, it is unlikely to be a
productive solution holding the city where the WMD
are being delivered liable.  That becomes a game
of legal whack-a-mole.  What is needed, instead, is
to hold the companies selling the technology used to
build these WMD liable.  If companies that made
vulnerable OSs were held liable for the damage caused
by those vulnerabilities, you would rapidly see $$
make a BIG difference in the security quality of
OS Software.

Why do we have seat belts in every car manufactured
today?  Because auto makers started getting held
responsible for injuries caused by the failure to
install them.  As much as I think product liability
law, especially in the US, has become insane, the
software industry (where it so far hasn't really
been applied) is one area SCREAMING for this to
happen.

Eliminate (or even significantly reduce) the number
of systems being sold with virus friendly toolkits
and features enabled by default, and, you will go
a long way towards reducing the spam and virus/worm
problem.

Owen

-- 
If it wasn't crypto-signed, it probably didn't come from me.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20051020/c8eb5704/attachment.sig>