Re: Schneier: ISPs should bear security burden

[Fergie (Paul Ferguson)]

Oh, come on Jerry, you're beginning to sound like part
of the problem.

Stop being a knee-jerking crumudgeon for a moment and
thhink about what Schneier is _really_ saying.

Being vague, and obfuscating the issue with vague
answers doesn't do due diligence.

- ferg

Jerry Pasker <info@n-connect.net> wrote:

>I've been there -- I know how I feel about it -- but I'd love
>to know how ISP operations folk feel about this.
>


It means 10 different things to 10 different people.  The article was 
vague.  "Security" could mean blocking a few ports, simple Proxy/NAT, 
blocking port 25 (or 139... or 53.. heh heh) or a thousand different 
things.  There is a market for this, it's called "managed services." 
ISPs do this type of thing all the time.  And customers pay for it. 
Maybe he means "broadband home users".  News flash... home users will 
get it wherever it's cheap.  And cheap means no managed services.

To the author of the article:  Should ISPs be *REQUIRED* to do it? 
Just try it and see what happens.... try to pass a law and regulate 
the internet, I dare you... :-)   (I double-dog-dare you to get the 
law makers to understand it first!)

Every security appliance ven-duh on the planet would be in there, 
trying to have laws written that would require the use of their own 
proprietary solutions to the "problem."  (and the proposed problem 
would differ depending upon the "solutions" that the particular 
ven-duh offered)

Wait a second... this article was FROM security ven-duhs... all 
offering solutions to these problems...uh-oh.... this is probably 
their first move in getting a law.....  step 1)  cause a public 
outcry....... so it's starting already.

I think we've all seen this act before.........

Some days, the world really annoys me.  :-(

-Jerry


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg@netzero.net or fergdawg@sbcglobal.net
 ferg's tech blog: http://fergdawg.blogspot.com/