[Dshield] My Dream ISP

M Cook dshieldlists at versateam.com
Mon Jan 16 15:56:56 GMT 2006

Johannes B. Ullrich wrote:

> If VoIP is supposed to provide "life line" 911 access, the ISP may be
> barred from blocking the connection "no matter what". An if VoIP traffic
> is not easily filtered, they may have no ability to block the user.

Well, the other side of that is, enough zombies on the ISP's network and 
it makes the network inaccessible anyway, or potentially so for the 
"life line" use.

I tend to take a fairly radical approach: there are certain problems on 
the Internet that are like cancer, and they need to be cut out. Botnets 
and zombies meet that criteria. In a human cancer, you don't lightly cut 
out a cancerous eye or tongue. If you are talking about a residential 
customer that is harboring a zombie service and claims to need VOIP to 
keep going, disconnecting them or severely restricting their access may 
not be too great a price to pay.

For electrical utilities, there are supposed to be registries of people 
at home who depend on electrical appliances for breathing or whatever, 
so in the case of power outages they can get priority service (and yes, 
they are supposed to have backup batteries or generators or whatever 
too). The same could work for VOIP emergency or other critical 
Internet-based services. It might cost a bit more, or perhaps the extra 
cost could come from a government accessibility fund. But critical 
services shouldn't be on the low-tier, "best effort" tcp/ip service anyway.

If a household wants their VOIP to be their only phone or needs to have 
a reliable TCP/IP connection for medical telemetry or some other 
critical usage, they might need to sign up for a higher quality service 
or have a couple of options or be placed on a registry. Or if they ask 
for priority repair service from the ISP and it is discovered that the 
problem comes from their not keeping their AV or OS current (as they 
agreed to do in their service contract) then they would need to bear the 
cost of having the things fixed. Our phone companies do that all the 
time: if a service problem is outside the home (that is, on their 
network) they fix it; if the source of the problem is inside the 
subscriber premises, whether it be incompatible equipment or rodents 
nibbling the wire, the phone company may fix it but they do send the 
subscriber a bill, critical service or not.

I guess part of the problem is the economic model. If we assume a 
"public utility universal access priority service" role for the ISP, 
there may be some additional requirements put on them than if they are 
just these guys selling a service. I would push for economic models that 
do put the costs off on consumers, while giving the ISPs self-serving 
business incentives to provide services we're talking about. I'd prefer 
to find "free market" ways of getting the ISPs to take more or quicker 
action to keep the zombies off their net. But if the only business 
models ISPs come up with say that they should ignore crime syndicates 
stealing bandwidth from their customers, they may just find themselves 
looking at government regulations that are more appropriate for a public 
utility than a free market ISP -- and probably regulations that make 
even less sense than some of the ideas tossed around here ... into which 
category I put my own rant, of course. ;-)

More information about the list mailing list