North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Schneier: ISPs should bear security burden

  • From: Iljitsch van Beijnum
  • Date: Thu Apr 28 10:09:25 2005

On 28-apr-2005, at 15:53, Adi Linden wrote:

Hey, if you've got customes willing to shell out for that, then more
power to you. However, I'm not (and won't be) one of those customers.
I'm willing to take responsibility for protecting my systems and choosing
what traffic I do and don't want. I don't want someone else doing it
for me.

Hmmm... when you're driving on a public street there is certain safety
equipment you are required to have and use. You're paying more for your
vehicle because of seatbelts, airbags and all the other things that are
supposed to lessen the impact of an accident. Even if you're an expert
driver, you don't have the privilege of not paying for these features.
And how exactly does that translate to the online world?

Despite the safety and environmental regulations and the fact that you have to have a driver's license and insurance (at least here in NL), there is no requirement that your locks are industrial strength. Or that your car can be locked at all, for that matter.

The fact that a compromised computer doesn't really hurt you all that much in the real world is exactly the reason why so many users don't care about security. When driving a car they at least have to be drunk to reach that level of carelessness.