[Dshield] Possible solution for ISP (was DShield's public goals)
vancel at winfreeacademy.com
Thu Jan 12 17:19:23 GMT 2006
Ed Truitt wrote:
>This database of 'bad' users sounds a LOT like the TSA's "no fly" list -- and there is some concern about how that is working out (more than concern if you have to undergo a cavity search every time you fly, because you happen to share a name with some maybe-terrorist.). The maintainability problems of this proposed list appear to be similar - who vets the names? How does one ever get off the list?
>-E D Truitt
I mentioned these in the initial suggestion.
First concern is that this one doesn't try to pre-determine if someone
is bad. The TSA tries to determine evil-doers before they do evil.
This suggestion only flags people that have already gotten infected.
Only after either the ISP notices it, or if someone reports that user to
the ISP. It doesn't punish someone for what they *might* do, only for
what they just did.
Second concern is who keeps track of it. All ISP's would enter the
names as they get blocked. It's just a central computer running a
system that ISPs simply log into to add or check names (or some other
uniquely identifiable information). The ISP adds names as they get
infected/blocked, and the ISP can unflag them when they have met the
criteria for removal. Every ISP would have the same ability to do this,
because the list would be available to all ISPs. It could maybe even
track which ISPs users have used... track user migration from ISP to ISP
so the ISP's know what to do to attract more customers... but that's not
the focus of this particular system.
Third concern about how do they get off the list. If you are flagged as
bad or blocked (however the term will be), you take your computer to an
authorized place (or maybe even geeks on call could do it). There would
be specific companies that are authorized to certify that a computer has
been cleaned and an attempt has been made to educate the owner. The
owner then sends this via fax (or postal service) to the ISP, or the
company that repaired it faxes it to the ISP and viola, the user is back
Something that would be good is if once someone has been educated, it
goes on their record as a good mark, and then everyone will know that
Joe Blow has passed training on how to keep his computer safe, so he may
get preferential treatment at future ISPs... but that's getting ahead of
Winfree Academy Charter Schools
More information about the list