Recommendation in Australia for ISPs to force user security?

Deepak Jain deepak at ai.net
Tue Jun 22 14:17:16 CDT 2010


Come on, you aren't thinking gov't-enough.

"BASIC" broadband access will be a SSH/web-only proxy with firewalling/antivirus/etc capability. That whole pesky HTTP/1.0 problem was solved a long time ago. Maybe you don't even get your own IP anymore -- and you have to access your email through their web portal too. This also qualifies you as net-neutral in that everyone gets the same poor service. Only content providers that sign an agreement to be free of virii and malware (with an appropriate "inspection/sanitization" charge will be let through... e.g. Netflix or whomever) -- this way, you aren't being made to differentiate between bits, you are being made to ensure national security.

"BUSINESS" broadband access might give you a real IP, allow you to torrent, but you sign a piece of paper that authorizes them to charge you if you get infected, or better yet, a maintenance plan of a $24.95/month on top of your service to make sure you don't get infected with a remotely managed firewall/router or whatever will meet the definition of the regulation.

This can be solved so fast it'll make your head spin. Build a big proxy "cloud", send everyone 60 days notice once the regulation comes in effect, on day 61 throw the switch. Day 62, collect orders for the upgraded service. *PROFIT*

My only shock is that Washington isn't leading Canberra on this, with an even faster timeline than the one above.

Deepak

> -----Original Message-----
> From: Joel Jaeggli [mailto:joelja at bogus.com]
> Sent: Tuesday, June 22, 2010 2:58 PM
> To: Gadi Evron
> Cc: nanog at nanog.org
> Subject: Re: Recommendation in Australia for ISPs to force user
> security?
> 
> not sure how they propose to enforce that, instrumentation approaches
> that look inside the home gateway have a non-trivial falsh positive
> rate
> and you've got a lot more hosts than ip addresses.
> 
> On 06/22/2010 11:30 AM, Gadi Evron wrote:
> > http://www.zdnet.com.au/make-zombie-code-mandatory-govt-report-
> 339304001.htm
> >
> >
> > "A government report into cybercrime has recommended that internet
> > service providers (ISPs) force customers to use antivirus and
> firewall
> > software or risk being disconnected.
> > security
> >
> > Committee chair Belinda Neal said in her introduction to the 262-page
> > report titled "Hackers, Fraudsters and Botnets: Tackling the Problem
> of
> > Cyber Crime" that due to the exponential growth of malware and other
> > forms of cybercrime in recent years, "the expectation that end users
> > should or can bear the sole responsibility for their own personal
> online
> > security is no longer a tenable proposition".
> >
> > "We need to apply the same energy and commitment given to national
> > security and the protection of critical infrastructure to the
> cybercrime
> > threats that impact on society more generally," she said."
> >



More information about the NANOG mailing list