[AusNOG] Telstra manipulating DNS to block botnets

Roland Chan roland at chan.id.au
Sun Jun 17 19:01:34 EST 2012


I'd go further than that. The analogy is flawed in many ways, but the
2 most salient are:

- Roadworthiness is not an implicit part of owning a car (at least not
one that's driven on public roads). It's an explicit requirement of
operating a vehicle mandated by law. No such corresponding thing
exists for computers, and given the current state of technology I
believe it would be impossible to define and enforce.
- Roadworthiness is the ability of the vehicle to perform when
operated lawfully, and says nothing about the ability of the vehicle
to perform when under attack or used as a weapon. Up-to-date security
measures on a computer do not provide anywhere near as much confidence
about the protection from compromise as a roadworthiness certificate
does for mechanical reliability of a car.

I'll torture the analogy a bit further though: imagine losing your
licence because your car was stolen and used in an armed robbery.
Flawed again, but I couldn't help myself. I hate analogies and
torturing them gives me pleasure. ;)

I do agree with Damien that a service provider that does not have
explicit T&Cs dealing with this scenario may well end up in trouble,
and a provider that does have these T&Cs will have significant
customer service issues that will generate immense cost to the
business, to say nothing of the reputational impact.

I don't agree that we're talking about a short term support cost spike
either. Users will be repeatedly compromised, quarantined and calling
in for support.

Quarantine is painful for the customer and the provider, and does not
deliver sufficient long term benefit to the user, the provider or the
Internet at large to balance the cost, at least in my opinion. If
there were cheap, reliable and easily deployable measures a user could
take to secure their computers in the long term I would probably think
differently. Until then, I'm happy with mucking about with DNS to take
a chunk out of the problem (Disclosure: I used to lead the group that
designed all the stuff in the BigPond network that Barrie's been
talking about, including the Interpol filtering).

Roland

On Sun, Jun 17, 2012 at 4:59 PM, Damien Gardner Jnr <rendrag at rendrag.net> wrote:
> On 17/06/2012 3:39 PM, Mark Andrews wrote:
>>
>> If you have an unroadworthy car you get it fixed before you go back on the
>> road. As the owner of the car it is your responsibility to get it fixed
>> either by doing the repairs yourself or paying someone to do it for you. It
>> is an implicit part of owning a car. The same should apply to compromised
>> machines. You do the work yourself or you pay someone to do it for you. Can
>> you tell me anyone who buys a machine these days that is not aware that
>> machines get compromised? About the only thing they may not be aware of is
>> that they should be fixing their machines when they get compromised and yes
>> that may be an additional cost.
>>
>> Mark
>
>
> The problem with your analogy there, is that for a decent proportion of
> folk, if their car breaks down, they'll simply go 'well, I can't afford to
> fix it, we'll cancel the rego and let it sit..'.  If ISPs are going to
> force users to get their computer 'fixed', or not have access to the
> internet, then they'll need to be willing to let the user out of whatever
> contract they're in, with no break fee, if they cannot afford to fix said
> computer..  Otherwise I can just see them lining up at the TIO's doorstep
> for 'non-provision of services' or the like..
>
> --
> Damien Gardner Jnr
> VK2TDG. Dip EE. GradIEAust
> rendrag at rendrag.net - http://www.rendrag.net/
> --
> We rode on the winds of the rising storm,
>  We ran to the sounds of thunder.
> We danced among the lightning bolts,
>  and tore the world asunder
>


