Legislative proposal sent to my Congressman
Peter Beckman
beckman at angryox.com
Tue Oct 4 01:04:06 UTC 2016
On Mon, 3 Oct 2016, Lyndon Nerenberg wrote:
> The only cure to this will be changing the law so that the directors of the
> companies that ship massively insecure devices like these are personally
> liable for all the financial loss attributed to their products. Bankrupt a
> few companies' board of directors and you'll start seeing things change in a
> hurry.
Manufacturers are global, and their distribution is global. Local,
technical laws are difficult at best to get enacted, much less
consistently and by 190+ countries. And even when technically-minded laws
are implemented (see US Federal and State Do Not Call Lists) they are
problematic and difficult to enforce when abuse may be coming from outside
the US. And the tech usually is far ahead of the legislation.
The common device through which all of these smart devices will pass is
the router. Router manufacturers often build and sell larger big iron
routers to ISPs, or ISPs are buying end-user routers from manufacturers
and reselling to their customers. ISPs are motivated financially to avoid
unwanted and "bad" traffic on their networks.
The global ISP community is in the best position here to pressure their
vendors to implement a standard on end-user routers which protects their
networks from rogue and unsecured devices. The IoT manufacturers will need
to follow standards that the router manufacturers implement to limit the
negative impact of IoT devices if they want their devices on the
network/Internet.
When the standards are available to help protect the ISP networks at the
end of the last mile from unwanted and fraudulently created traffic, and
the ISPs pressure/demand the router manufacturers to implement the
protections, IoT and other device manufacturers will fall in line.
Beckman
---------------------------------------------------------------------------
Peter Beckman Internet Guy
beckman at angryox.com http://www.angryox.com/
---------------------------------------------------------------------------
More information about the NANOG
mailing list