[funsec] Good, bad or indifferent?

Thomas Raef TRaef at wewatchyourwebsite.com
Mon Jan 25 15:38:01 CST 2010


Right. Is this sounding like "big-brother"?

 

Thomas J. Raef

e-Based Security <http://www.ebasedsecurity.com/> 

"You're either hardened or you're hacked!"

We Watch Your Website <http://www.wewatchyourwebsite.com/> 

"We Watch Your Website - so you don't have to."

 

From: Benjamin Brown [mailto:optikali at gmail.com] 
Sent: Monday, January 25, 2010 3:04 PM
To: Dave Dennis
Cc: Thomas Raef; funsec
Subject: Re: [funsec] Good, bad or indifferent?

 

Ah but the caveat here is that it is a federal mandate brought down on
the ISPs leaving them without the option to back down. I am interested
in seeing just how the government will choose to enforce/enact such
wide-sweeping legislation. 




On Mon, Jan 25, 2010 at 3:10 PM, Dave Dennis <dmd at speakeasy.org> wrote:

> On Mon, Jan 25, 2010 at 2:20 PM, Thomas Raef
> <TRaef at wewatchyourwebsite.com>wrote:
>

> >
http://tech.slashdot.org/story/10/01/25/1458231/Australian-ISPs-To-Disco
nnect-Botnet-Zombies?from=rss&utm_source=feedburner&utm_medium=feed&utm_
campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

> > Please share your thoughts.
> >
> >
> >
> > Thomas J. Raef
> >

The usual mess of uninformed, speculative, hearsay and panic on /.

So.

If the IsP is doing captive portal surfing and attempting to provide
malware
detection/cleaning tools, they have a noble purpose, but could run into
interesting legal liability if the idiot home user managed to screw the
pooch
and make an unbootable system as a result.  The logic in the captive
portal
would possibly need to be bright enough to handle every besotted version
of
Windows from 95 to present, with all interop of old applications
accounted for
or at least not a concern.  Thats a tall ask.  So once they start
breaking
heretofore "not broken" (as far as the home user is concerned) systems,
then
what ?  Its easily provable the home user PC was infected due to
traffic/signature/activity logged, but thats not going to mean anything
to the
home user if he/she can't boot up and play mafia wars.

I think fwiw this is usually where the conversation breaks down in the
USA on
this subject: To do the home fix the infected PC dance actually takes a
little
bit more than just malware removal: it takes behavior modification, it
takes
browser locking down / ad network blocking, it takes somehow coming up
with a
fix to years of really poor decisions on the part of the user, who
presumably is
running an old, unpatched, botched registry full of half-uninstalled
malware and
spyware and various apps, any of which may or may not be able to
withstand a
thorough clean/replace of some fairly important DLL.

So you get them to sign off on this, but their PC is mangled (to them)
afterwards, now what.  Customer support beat down, loads of posts to
various
dumbass consumer sites like Consumerist, "My ISP Broke My Computer" and
various
crying youtubes later, and will the ISP have the balls to stick to their
guns?

Or will they back down and cave in?

I don't see how they can avoid caving in.  Most users are monumentally
uninformed with regard to spyware / malware, their own risk averse
behavior, and
what even happened a week ago on the same PC.


My .02

-Dave D



+-------------------------
+ Dave Dennis
+ Seattle, WA
+ Speakeasy, Inc.
+ dmd at speakeasy.net
+ http://www.speakeasy.net
+-------------------------

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linuxbox.org/pipermail/funsec/attachments/20100125/e16527da/attachment-0001.htm 


More information about the funsec mailing list