[Dshield] Blackworm liability with ISPs?

Laura Vance vancel at winfreeacademy.com
Fri Feb 3 23:52:30 GMT 2006

How does it sound like any of those?  Maybe you don't fully understand 
the idea.  If that's the case, then ask for clarification instead of 
saying it's an oppressive governmental organization designed to spy on 

ISP's monitor traffic loads all the time... every day.. 24/7/365.  Do 
they do anything with it?  not unless something is brought to their 
attention.  I'm saying that if their systems detect unusual traffic on 
unusual ports that has known virus payloads, quarantine the user until 
corrective action is taken.  The only difference between the suggestions 
here and the idea on the other thread is that I had an idea about how to 
track those people *and* how to clear their file when the problem is 
corrected.  Nobody else has.  The breaking point of *every* idea on this 
topic has been "the ISP will lose business because everyone will just go 
to a less secure ISP."  Well, with the solution I suggested, that 
wouldn't be a problem.  If you don't get infected, you don't get on the 
list.... simple.

If you think your ISP can't monitor your email right now, you're sadly 
mistaken.  They simply choose not to, because it's not worth their 
time... and with what I suggested, they wouldn't be any more likely than 
they are now to monitor your email.  Exactly how did you get that from 
what I posted?  Not once did I say anything about reading subscriber 
email.  I'm simply talking about traffic patterns of infected machines.  
An infected machine connecting to thousands of computers simultaneously 
with the exact same payload looks a LOT different than a user surfing 
the web... or any human-based use for that matter.

Since you haven't replied to this thread before now, and you didn't 
reply on the Possible Solution thread, I'm going to assume that you're 
just repeating what others said without understanding why they said it 
or even understanding what the difference is.  In case you actually want 
to learn, I'll explain the difference.

In a spy organization, they care about everything you say or do.  With 
this, nobody cares what you do until you mess up.  And a mess up is 
virus activity on your computer.  With the spy organization, when they 
catch you, you go away... for a long long time.  With this, if your 
computer gets infected, you could be back online later that evening if 
you know what happened and can take care of it.  The RIAA wants NOBODY 
to download music... with this, nobody cares.  With all of your 
examples, they are about oppression without provocation.  This solution 
keeps from oppressing until you already mess up.

Look at it this way.  A LOT of people on this list have advocated 
massive scale port blocking for everyone.  To me, *that* is oppressive.  
Taking away my ability to send and receive on a port simply because some 
idiot can't control his computer properly.  I have done nothing wrong, 
but my ports get blocked because others on my ISP are morons... how is 
that not oppressive?  How is that not like AOL/ATF/RIAA/KGB/Gastapo?

AOL protects its users from full Internet access.... all of its users.  
I want the Internet to be open... fully open for those of us that know 
how to manage our computers and networks.  Again, my idea is the exact 
opposite of oppresive.  In fact, it's true Internet freedom... the only 
time you get dinged is if you get infected, and even then you can clean 
it and be back online very shortly.  If you have a problem with your 
name staying in the database after you're clean, then it could easily be 
a system that your name is *removed* when you're clean.... see how easy 
that is to change it?  Personally I'd want a mark next to my name that 
said I'd been trained... that way the ISP might treat me like a human if 
I ever have to call tech support for whatever reason.

bpennell at coxhealthplans.com wrote:

>Just when I thought that thread was dead.
>Since you're referring to Blackworm in the Subject, I'm assuming you're
>condoning the monitoring of email by my ISP?
>No thanks...   
>Your solution sounds too much like AOL/ATF/RIAA/KGB/Gastapo.
>Brent Pennell
Laura Vance
Systems Engineer
Winfree Academy Charter Schools

More information about the list mailing list