[127009] in North American Network Operators' Group
Re: Nato warns of strike against cyber attackers
daemon@ATHENA.MIT.EDU (Owen DeLong)
Wed Jun 9 16:59:00 2010
From: Owen DeLong <owen@delong.com>
In-Reply-To: <4C0FB295.7030005@2mbit.com>
Date: Wed, 9 Jun 2010 13:56:40 -0700
To: Brielle Bruns <bruns@2mbit.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jun 9, 2010, at 8:26 AM, Brielle Bruns wrote:
> On 6/9/10 6:27 AM, Jorge Amodio wrote:
>> Going back then to a previous question, do we want more/any =
regulation ?
>=20
> Laws and regulation exist because people can't behave civilly and be =
expected to respect the rights/boundries/property others.
>=20
> CAN-SPAM exists because the e-mail marketing business refused to self =
regulate and respect the wishes of consumers/administrators
>=20
Which is good, because it certainly eliminated most of the SPAM. -- NOT!
> FDCPA exists because the debt collectors couldn't resist the =
temptation to harass and intimidate consumers, and behave ethically.
>=20
And of course, it has caused them all to do so, now, right? -- NOT!
>=20
>=20
> It's just a matter of time, and really unavoidable. The thing is, =
these industries have no one to blame but themselves. In all cases, =
these laws/regulation only came into affect AFTER situations got out of =
control.
>=20
Software has been out of control for a long time and I hope that the =
gov't will start by ruling the "not responsible for our negligence or =
the damage it causes" clauses of software licenses invalid. That would =
actually be a major positive step because it would allow consumers to =
sue software manufacturers for their defects and the damages they cause =
leading to a radical change in the nature of how software developers =
approach responsibility for quality in their products. Right now, most =
consumer operating systems are "unsafe at any speed".
> Lately, the courts have been ruling that companies like LimeWire are =
responsible for their products being used for piracy/downloading because =
they knew what was going on, but were turning a blind eye.
>=20
This is a positive step, IMHO, but, now companies like Apple and =
Micr0$0ft need to be held to similar standards.
> Why not apply the same standards to ISPs? If it can be shown that you =
had knowledge of specific abuse coming from your network, but for =
whatever reason, opted to ignore it and turn a blind eye, then you are =
responsible.
>=20
I agree.
> When I see abuse from my network or am made aware of it, I isolate and =
drop on my edge the IPs in question, then investigate and respond. Most =
times, it takes me maybe 10-15 minutes to track down the user =
responsible, shut off their server or host, then terminate their stupid =
self.
>=20
Yep.
> A little bit of effort goes a long way. But, if you refuse to put in =
the effort (I'm looking at you, GoDaddy Abuse Desk), then of course the =
problems won't go away.
>=20
Agreed.
Owen
