Why won't providers source-filter attacks? Simple.
alter3d at alter3d.ca
Tue Feb 4 23:35:13 UTC 2014
On 2/4/2014 5:00 PM, Mark Andrews wrote:
>> Nope: it's easy to explain; you merely have to be a cynical bastard:
>> Attack traffic takes up bandwidth.
>> Providers sell bandwidth.
>> It *is in their commercial best interest (read: maximizing shareholder
>> value) *NOT* to filter out DOS, DDOS, and spam traffic until their hand is
>> forced -- it's actually their fiduciary duty not to.
> Then the need to be made criminally liable for the damage that it causes.
> Yes, the directors of these companies need to serve gaol time.
That would never fly, because it would put the politicians at odds with
the telecom buddies that make huge political donations. Hard to throw
someone in jail then hit them up for campaign money. What will
probably happen is the same thing we do with everything else that might
be used for evil purposes but where we don't want to tackle the real
underlying problem -- just write a law banning something and hope the
problem goes away.
Make it illegal to posses a device capable of bandwith greater than
33.6Kbps without a special license, and BAM -- no more problems,
overnight. For added political-style points, tack on a catchy moniker,
like "Immoral Bandwidth Prohibition", "The War on DDOS", or
"High-Capacity Digital Assault Bandwidth" to help sell it to the
public. The public will be OK with their funny cat videos taking 19
hours to load if they know they're preventing bad guys from doing
After all, it's worked flawlessly for alcohol, drugs and guns, so it
MUST work for networks... and it's much easier than those silly,
so-called "solutions" y'all are talking about! :p
(P.S. Dear politicians: in case you're reading this, the above was
satire and should not be construed as anything resembling a good idea.)
More information about the NANOG