http://www.zdnet.com.au/make-zombie-code-mandatory-govt-report-339304001.htm
"A government report into cybercrime has recommended that internet service providers (ISPs) force customers to use antivirus and firewall software or risk being disconnected.
security
Committee chair Belinda Neal said in her introduction to the 262-page report titled "Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime" that due to the exponential growth of malware and other forms of cybercrime in recent years, "the expectation that end users should or can bear the sole responsibility for their own personal online security is no longer a tenable proposition".
"We need to apply the same energy and commitment given to national security and the protection of critical infrastructure to the cybercrime threats that impact on society more generally," she said."
not sure how they propose to enforce that, instrumentation approaches
that look inside the home gateway have a non-trivial falsh positive rate
and you've got a lot more hosts than ip addresses.
Come on, you aren't thinking gov't-enough.
"BASIC" broadband access will be a SSH/web-only proxy with firewalling/antivirus/etc capability. That whole pesky HTTP/1.0 problem was solved a long time ago. Maybe you don't even get your own IP anymore -- and you have to access your email through their web portal too. This also qualifies you as net-neutral in that everyone gets the same poor service. Only content providers that sign an agreement to be free of virii and malware (with an appropriate "inspection/sanitization" charge will be let through... e.g. Netflix or whomever) -- this way, you aren't being made to differentiate between bits, you are being made to ensure national security.
"BUSINESS" broadband access might give you a real IP, allow you to torrent, but you sign a piece of paper that authorizes them to charge you if you get infected, or better yet, a maintenance plan of a $24.95/month on top of your service to make sure you don't get infected with a remotely managed firewall/router or whatever will meet the definition of the regulation.
This can be solved so fast it'll make your head spin. Build a big proxy "cloud", send everyone 60 days notice once the regulation comes in effect, on day 61 throw the switch. Day 62, collect orders for the upgraded service. *PROFIT*
My only shock is that Washington isn't leading Canberra on this, with an even faster timeline than the one above.
Deepak
You forgot to talk about a tax on all of that too... 
Note the Great Firewall of Australia is slowly going down in flames...
Now, there are two options, fight these type of proposals (resources spent to avoid something and make political enemies) or encourage the proposal by Netherlands and France to put Internet Freedom as a basic right for democracies: http://ambafrance-us.org/spip.php?article1659
</end of politics>
Why not go for the low hanging fruit first? Ask ISPs to provide a
connection with inbound TCP filtered by default and enable inbound TCP
only by customer request.
We'll do that with carrier NATs after free pool depletion anyway...
might as well get started.
-Bill
You forgot to talk about a tax on all of that too... 
Note the Great Firewall of Australia is slowly going down in flames...
The industry has had plenty of entertainment out of the following
two videos in the last two weeks. The first video is of the Minister for
Broadband, Communications and the Digital Economy
Observation: The more someone uses the prefix "cyber", the less they
know what they're talking about.
(glares meaningfully at a coterie of cyberterrorism consultants)
Belinda Neal's committee is in the process of being pilloried by just
about everyone who knows how to spell TCP/IP. The whole thing is a
complete embarrassment: Last year we were all confronted with the spectacle
of her ridiculous clutch of MPs wasting the time of the security experts
invited to testify by quizzing them about movie plot threats. Now we
get a proposal to move "cybersecurity" regulation to ACMA, the same
Government body which licenses spectrum; and controlfreaky suggestions
about mandatory industry codes imposed on ISPs.
It's rampant screaming idiocy, the Dunning-Krueger effect in full motion.
I'd suggest that almost none of it will go anywhere at all, if not for
the fact that Belinda Neal's entire political party seems to share her
mastery of of the issue.
ObNOG: Botnets are bad, n'kay?
- mark
Joel Jaeggli <joelja@bogus.com> writes:
not sure how they propose to enforce that, instrumentation approaches
that look inside the home gateway have a non-trivial falsh positive rate
and you've got a lot more hosts than ip addresses.
Well you force your users to install some software to control that you
have a current anti virus and a firewall in place. This software will
only run for certain versions of Windows and will have quite a lot of
CVE entrys.
I will never get access to such a network. I don't use anti virus and I
don't have a firewall on my Laptop (by default I'm only running sshd and
if I need a (t)ftpd I start it manually).
Jens
