North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Creating a crystal clear and pure Internet

  • From: Jared Mauch
  • Date: Tue Nov 27 10:07:43 2007

On Tue, Nov 27, 2007 at 09:38:40AM -0500, Sean Donelan wrote:
> 
> 
>  Some people have compared unwanted Internet traffic to water pollution, and 
>  proposed that ISPs should be required to be like water utilities and
>  be responsible for keeping the Internet water crystal clear and pure.
> 
>  Several new projects have started around the world to achieve those goals.
> 
>  ITU anti-botnet initiative
> 
>  http://www.itu.int/ITU-D/cyb/cybersecurity/projects/botnet.html

	I'm not sure how to reconcile two things:

	1) e2e principle -- if someone starts doing some new
proto 66 thing, how do you make sure it's accessible?

	2) protection from unwanted garbage.  I don't really want all
these 404 byte udp/1434 packets anymore but the networks that
originate them don't seem to care or notice they're still infected.

	one persons unsolicated traffic is anothers debgging/research
project.

	I was at a thanksgiving party and made the following postulation:

	Within the next 2 major software releases (Microsoft OS) they're
going to by default require signed binaries.  This will be the only viable
solution to the malware threat.  Other operating systems may follow.
(This was a WAG, based on gut feeling).

	This has some interesting implications and would require Microsoft
to be a bit more small-app friendly, and there'd be a knob to twiddle if
you're a developer and don't want to check signatures, but it's one of the
few ways to resolve the issues IMHO, and cut down on the infections.  So what
if I own you via your browser, unless the malware i push to your host is
signed, it's not gonna run.  Game [closer to] over.

	- Jared

-- 
Jared Mauch  | pgp key available via finger from jared@xxxxxxxxxxxxxxx
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.