Do We Really Want Our ISPs To Protect Us All The Time?
from the what-if-they-protect-us-too-well dept
There's been an ongoing debate about whether or not protection against things like spam and malware belong at the network level or on the desktop. There are strong arguments for both. At the network level, obviously, it takes the responsibility off of the end-user (who is often the weakest link in all of this) and also makes sure that everything is up-to-date. In fact, many end-users are trying to get out from under the responsibility of safe computing by saying they'd prefer it if their ISPs protected them from spyware. However, in just relying on your ISP, it leads to all sorts of other problems. First off, in an age of laptops and wireless connections, your regular ISP isn't always how you connect to the internet. So totally relying on your ISP can create other problems when going off network. A second problem is that the user can't get around blocks if they're incorrect. For example, I'm currently on a different ISP than usual, and I just tried to send an email to a colleague, but it was rejected because this ISP says it had characteristics of a spam message. In other words, I'm mostly stuck (there are some ways around it, but it's somewhat involved). The ISP's attempt to "protect" means that I can't actually do my work any more.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
No Subject Given
[ link to this | view in chronology ]
No Subject Given
[ link to this | view in chronology ]
Re: No Subject Given
[ link to this | view in chronology ]
ISP Protection and port scanning.
I want any issues related to port blocking be issues that I caused, and not something I have no control over.
[ link to this | view in chronology ]
Re: No Subject Given
[ link to this | view in chronology ]
No Subject Given
[ link to this | view in chronology ]
Protection, my rights and knowledge
On the other hand, I have the right to know what's happening to my connection, and spam is easily filtered, shouldn't bother anyone anymore. So what if I get 50+ spam messages a day? They all get caught by gmail or any other junk filter nowadays.
The fact is that some people really NEED protection, some people only surf knowing how to open the browser and click links, while me and others care about routers, switches, filters, virus, spyware, protection and security, most people still are "lambs" at the net. So, maybe a profile for users? Initiate, Intermediate, Advanced?! Yeah, yeah, too much work, no ISP will provide that.
[ link to this | view in chronology ]
Re: Protection, my rights and knowledge
n00bs would get a company that protect and block anything and everything that is potentially harmful.
Intermediate is the hard one of the group to maintain these i supose would block only spyware malware and bloatware.
Expert (which i am hoping alot of you are) wouldnt block anything thus leaving it down to the user
[ link to this | view in chronology ]
ISP Protection
[ link to this | view in chronology ]
The problem with leaving security to end users...
[ link to this | view in chronology ]
Look at the otherside of the coin
My company actually run and maintain a relatively small ISP on the Isle of Wight, UK (12,000 customers) and we come up against this question a hell of a lot.
I can see the arguments for both sides to be honest - you've got the 'tech-savvy' user who simply wants un-adulterated un-protected Internet access and you've got the 'n00b' who doesn't know one end of a keyboard from the other and needs hand-holding through every step of the way.
We actually implement a zero tolerance on our network. We have a number of systems in place, such as RBL's, Bayesian Spam Filters (which simply tag spam with a ***SPAM*** header) and virus filters which pick up between 1,000 and 1,500 viri per day.
To be honest, the above systems have given us some very good publicity with only 2 complaints in the last 4 years from two 'noobs' who wanted to know 'who was reading their email and deciding it was spam'.... once explained, they went on their merry way.
However, when we get a complaint about a virus infected machine on our network or a trojan on the network, we simply disconnect their service and notify them (requesting they install an AV and disinfect their system)... we operate a three strikes and out rule. Basically, you get reported three different times for spamming/virus/trojan/port scanning etc - and we permanently discontinue service. With only 1 occurance of that ever, we're pretty pleased with it.
The benefit of doing it this way is that we significantly reduce the amount of email spam that hits our systems (with a negligable amount of false positives / negatives getting through) and tech-savvy users who know what they're doing (hopefully!) simply get the added benefit of a cleaner network without the worry of being port-scanned etc...
It's an interesting debate, thats for sure - but I think it's safe to say that if all ISP's took responsibility for this stuff, then the problem wouldn't be half as bad as it currently is.
[ link to this | view in chronology ]
Don't block anything!
[ link to this | view in chronology ]
Advice
Carl, Yours is a good policy so long as you (1) tell people to exactly what you're doing and (2) deal with reported problems very quickly. It can be hard enough to set up e.g. conferencing software without an ISP blocking random things and e.g virus scanners do produce false positives.
My team has twice threatened legal action because files were being blocked (nothing to do with any company mentioned above). In the first case we were working on a very short deadline and a supplier kept claiming they'd sent an upgrade with bug fixes but nothing arrived. We were sure they were lying (hence the threat), but we found out much later that emails containing the install set were being repeatedly filtered and binned without either the sender or reciever being notified. The second case is too recent to discuss in a public forum.
[ link to this | view in chronology ]
Re: Advice
As mentioned, I'm not using my own ISP right now, because I'm travelling -- so it's not a question of changing ISPs. But, yes, I did figure out a way around the problem.
[ link to this | view in chronology ]
parental isp psycosis
I am forever telling my Adelphia.com that I dont use MicroSoft products on my computer; do not block ports to my computer; I dont need your help protecting my computer - it's my property and I'll do what I want tto and with it.
Do they listen? They didnt even tell me what they did, nor did they mention a drop in service fees over a year ago! I've been over-paying $16/month since they lowered the prices in 2004! And now it's the day before 2006
The bill is due and I'm awaiting a copy of the ledger of account activity before paying them for the month.
When we last spoke, I told them that the bill payment would be delayed until I get the ledger
As for "protectionism", I want, and they should offer both opt-in and opt-out choices. why?
Because users (respectfully) dont know what's going but, for those I refer to as gurus, do.
I've told them to stop blocking my ports, they did for a few days.
well, keep telling them what you want.
Be well, folks.
[ link to this | view in chronology ]