The Federal Trade Commission is serious about making ISPs more responsible for curbing the flood of spam coming from compromised machines. They have issued no edicts, as of yet, though it seems a certaintly they will, eventually. Guidelines for ISPs would be a nice start.
Anyone who has dealt with a compromised machine knows well the problem. And at times it is almost impossible to convince an owner/user that the machine is infected/compromised/owned. It's like telling someone they have a social disease. They simply don't want to believe it and will often go into vehement denial.
I think that before ISPs will feel free to take such measures as cutting off infected machines until they are cleaned up, some protections for the providers will have to be put in place. Some certain percentage of those cut off will go into denial, and straight to an attorney, if the affected ISP is not legally on very firm ground. It will take legislation, and not just an edict from the FTC, to accomplish that. That makes any effective effort by the ISPs seem a remote possibility to me. In matters of technology, our lawmakers have proven themselves to be less than "on the ball".
Some ISPs now take agressive action against compromised machines, whether they are used in spamming or DoS attacks or what have you. But these are in the minority and will continue to be the exception until some legal protections and definitive listing of an ISP's responsibilities comes along.
And we as consumers of services might have to resign ourselves to some price increases for access to finance this. Personally, I'd pay some to [say] cut my spam load in half.
Jack
No comments:
Post a Comment
All comments are moderated.
Note: Only a member of this blog may post a comment.