[Dshield] Blackworm liability with ISPs?

Johannes B. Ullrich jullrich at sans.org
Thu Feb 2 12:53:00 GMT 2006

I do agree with Alan's remark that ISPs should face some responsibility
for notifying infected users.

Without any liability like this, an ISP is actually stupid to do
anything if a user is infected. After all, it will only cost money,
force them to raise rates, and in the end the customers will leave to
the cheaper, non-responsible competition. Even if you are "security
conscious", it is hard to figure out what your ISP is doing behind the
scenes and difficult to pick a responsible ISP.

If we would have an established minimum effort an ISP has to provide,
the playing field would be more leveled for a responsible ISP.

That said, it is very much a matter of everybody involved doing their
part. ISPs are just one part of the chain. Users need to respond to
these notifications (or better: not click on the virus in the first
place) and software has to become better in protecting the user.

But right now, everybody is pushing the responsibility to the weakest
link: The user who pays for all of it and is not expected to know
anything in the first place (or do people actually want an Internet
drivers license?)

Johannes Ullrich                        jullrich at sans.org
Chief Research Officer                     (617) 639 5000
PGP Key: https://secure.dshield.org/PGPKEYS

"We use [isc.sans.org] every day to keep on top of
 security at our bank" Matt, Network Administrator.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://www.dshield.org/pipermail/list/attachments/20060202/cbec247f/signature.bin

More information about the list mailing list