[80294] in North American Network Operators' Group
Re: Schneier: ISPs should bear security burden
daemon@ATHENA.MIT.EDU (Adi Linden)
Thu Apr 28 10:21:02 2005
Date: Thu, 28 Apr 2005 09:17:53 -0500
From: Adi Linden <adil@adis.on.ca>
To: Iljitsch van Beijnum <iljitsch@muada.com>
Cc: NANOG list <nanog@merit.edu>
In-Reply-To: <C9FB4CB7-4612-4EB3-913E-BDA6A50BADCD@muada.com>
Errors-To: owner-nanog@merit.edu
> And how exactly does that translate to the online world?
It doesn't. There is none or very little punishment for lawlessness and
missbehaviour in the online world.
> Despite the safety and environmental regulations and the fact that
> you have to have a driver's license and insurance (at least here in
> NL), there is no requirement that your locks are industrial strength.
> Or that your car can be locked at all, for that matter.
There is a clear understanding of right and wrong in the general
population. There is law enforcement and meaning full punishment for
crooks and thieves. In the online world I have no recurse against anyone
compromising my computer.
> The fact that a compromised computer doesn't really hurt you all that
> much in the real world is exactly the reason why so many users don't
> care about security. When driving a car they at least have to be
> drunk to reach that level of carelessness.
The fact is that in the online world the abuser is laughing while the
abused is left to clean up the damage. Because a compromised computer
doesn't really hurt most do not even know that they are a victim.
Adi
