Schneier: ISPs should bear security burden

Oh, come on Jerry, you're beginning to sound like part
of the problem.

Stop being a knee-jerking crumudgeon for a moment and
thhink about what Schneier is _really_ saying.

Being vague, and obfuscating the issue with vague
answers doesn't do due diligence.

- ferg

I've been there -- I know how I feel about it -- but I'd love
to know how ISP operations folk feel about this.

It means 10 different things to 10 different people. The article was
vague. "Security" could mean blocking a few ports, simple Proxy/NAT,
blocking port 25 (or 139... or 53.. heh heh) or a thousand different
things. There is a market for this, it's called "managed services."
ISPs do this type of thing all the time. And customers pay for it.
Maybe he means "broadband home users". News flash... home users will
get it wherever it's cheap. And cheap means no managed services.

To the author of the article: Should ISPs be *REQUIRED* to do it?
Just try it and see what happens.... try to pass a law and regulate
the internet, I dare you... :slight_smile: (I double-dog-dare you to get the
law makers to understand it first!)

Every security appliance ven-duh on the planet would be in there,
trying to have laws written that would require the use of their own
proprietary solutions to the "problem." (and the proposed problem
would differ depending upon the "solutions" that the particular
ven-duh offered)

Wait a second... this article was FROM security ven-duhs... all
offering solutions to these problems...uh-oh.... this is probably
their first move in getting a law..... step 1) cause a public
outcry....... so it's starting already.

I think we've all seen this act before.........

Some days, the world really annoys me. :frowning: