vixie at isc.org
Thu May 29 19:49:09 CDT 2008
nanog at ian.co.uk (Ian Mason) writes:
> On 27 May 2008, at 16:33, Robert Bonomi wrote:
> > Amazon _might_ 'get a clue' if enough providers walled off the EC2
> > space, and they found difficulty selling cycles to people who couldn't
> > access the machines to set up their compute applications.
> This is a classic example of externalities in the economics of security.
> Currently, any damage caused by Amazon customers costs Amazon little or
> nothing. The costs are borne by the victims of that damage. On the other
> hand mitigating this damage would cause Amazon costs, in engineering and
> lost revenue. So in economic terms they have no incentive to 'do the
> right thing'.
i've heard this called "the chemical polluter business model".
> So to get Amazon to police their customers either requires regulation or
> an external economic pressure. Blocking AWS from folk's mail servers
> would apply some pressure, making areas of the net go dark to AWS would
> apply more pressure faster. A considerable amount of pressure could be
> placed by a big enough money damages lawsuit but that has a feedback
> delay of months to years.
to that end, i don't accept e-mail from any free e-mail provider, including
gmail, nor from most ISP mail servers. all of them face this same
economics decision, and all of them end up spewing quite a bit of spam, and
there's no end in sight. e-mail sourcing doesn't scale. the highest
quality e-mail comes from the smallest communities. EC2 will probably face
some boycotts. i don't think these will change the endgame, whatever it is.
More information about the NANOG