Re: Cyberterrorism [was: Re: NSA wiretap, Friday night]

responder <no@xxxxxxxxxxxx> wrote:
I *think* I agree with that. I wonder if it's really needed
tho. Wouldn't someone move from one ISP to another if it was
really bad at their original ISP?

I think that may actually be one of the best arguments in favor
of the need for a statutory requirement. Specifically *if* the
requirement and the implementation is is uniform and identical
at all ISP's, there would be little or no motivation to switch
providers.... If the user is switching providers to avoid
cleaning the machine, the new provider would be required to do
exactly the same thing as the original provider was required to
do.

I hadn't considered the possibility that the "bad" ISPs would be
in higher demand than "good" ones.

WRT the warrantless wiretap, that is an abuse of power because
it clearly seems, and has been judged to be illegal and
unconstitutional in very significant ways. It appears to be
a direct affront to the rule of law and to every citizen. I
don't necessarily feel comfortable with FISA, for example, but
prefer that laws be uniformly and fairly enforced, or else
challenged properly, - rather than ignored. We need to have
our "leaders" show proper respect for laws that are on the
books as well as to the Constitution.

<warrantless sarcasm>
Who cares about the Constitution? After all, "it's just a God
damn piece of paper." Google if you must for the originator of
that quote.
</warrantless sarcasm>

While any authority *might* be abused, I really wonder who
might think they would benefit from abuse of of a "mandatory
disconnect" statute, while simultaneously being in a position
to do so.

If there were an organization that wanted their OS or routers,
whatever, to prevail over others, then they might inject software
to abuse their competition in this regard.

Maybe it's not abuse, but incompetence or ignorance or SOP for
the ISP or OS? For instance, my firewall log software (PSAD)
routinely emails me that a machine where I work constantly
port scans my VPN connected host at my house. I contacted my
company's network support about that and was told by a very
skilled (based on my years of experience with him) person that
they hadn't installed anything odd on that WinXP machine.

It is proper for government to provide for common security
needs, particularly when private sector cannot effectively do
so.

Or will not, or doesn't see any motivation to do so.

Should their be any detection of client machine components
to see if they are have vulnerabilities? For example, if
someone is running a really bad version of IE or Exchange,
should the user be alerted by email that their service will
be restricted (brown out or disconnect) after some number of
minutes or days?

No, I would not think so. The criterion should be that if a
connected machine is compromised, it should be disconnected.
Nothing more is needed or justified.

I think at least an email is needed. Otherwise the ISP is just
letting the time bomb tick.

So, have you written to any members of Congress in your area?
Have you contacted any universities? Maybe you should? How
about an RFC?

Cheers...

--
PLEASE post a SUMMARY of the answer(s) to your question(s)!
Show Windows & Gates to the exit door.
Unless otherwise noted, the statements herein reflect my personal
opinions and not those of any organization with which I may be affiliated.
.

Relevant Pages

  • RE: Quoted Printable in Messages (Subject Changed)
    ... so the originator will know to translate before sending. ... a "Microsoft" thing by the way; it allows other character sets to be ... received on VMSmail. ... Ideally I would get my ISP to reject such messages and prompt the ...
    (comp.os.vms)
  • Re: Mail Attack
    ... the only _real_ information we have is that the spam ... KRNIC is not a ISP but a National Internet Registry similar to APNIC. ... [Admin Contact Information] ... originator of these messages and you can then either persue legal ...
    (RedHat)
  • Re: PB adressing an unique email
    ... Sounds like your ISP is on a "blacklist" most likely for not providing reverse DNS lookup. ... smtp;450 Service unavailable; Sender address blocked using dsn.rfc-ignorant.org; Not supporting null originator (DSN) ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: please do this
    ... This and the previous mail has been reported to the ISP of the ... originator. ... sender, it is spam. ... Rob ...
    (freebsd-questions)
  • Re: Cyberterrorism [was: Re: NSA wiretap, Friday night]
    ... uniform rule to disconnect compromised machines. ... Wouldn't someone move from one ISP to another if it was really bad at ... but only obeying the terms of a statute ... needs the connection open, the ISP can open it through the proxy server. ...
    (comp.os.linux.security)