Aussie Gov't Decides ISPs Aren't Responsible For Infected Computers 129
c0lo writes "In a sudden outburst of common sense, the Australian senate decided that it is not the government's responsibility to force ISPs to disconnect infected computers from the Internet. Peter Coroneos, chief of the Internet Industry Association, used a car analogy that actually makes sense: 'It would be like forcing car manufacturers to take responsibility for bad drivers.'"
Re:Backing off inappropriately (Score:2, Interesting)
then you would have to let them bundle in an AV product and let all of the 3rd party security vendor's go out of business. One could even argue windows is not so much inherently defective, after all, they have a security alert telling you to have an AV, firewall and account control, and if you don't patch, well, the car company doesn't drive to your house to do repairs, you have to take the vehicle in for service when you get a note, MS sends you a note about a free patch, it's up to you to install it. Your car (to continue to analogy) might not come with winter tyres (or even tyres at all), but they sure expect you to have them when you operate the vehicle, and operating the vehicle without tyres well, sorta works, but it's not really a defect that the car doesn't work properly without them.
I think the broader issue is what to do about security and the generally bad behaviour of computers on a network. Like it or not the ISP's have become the connection between users and anything they can do harm to, so it may be that it falls to them, to in some way compel users to fix their stuff, and provide services to do so. It's that or we need licence repair shops where you can get your computer a 'repair' (security check, something along those lines) with a certificate saying it was safe as of this time. Which seems like a monumentally unnecessary challenge when your ISP probably knows if you have a virus, and can usually walk you through fixing it.
Perhaps once, soon not... (Score:2, Interesting)
> but once they know about it they have multiple ways of fixing the situation and then they are indeed fully in control.
Unfortunately, the fact is that as time goes on, there are more and more components in computers which themselves are programmable (with microcode, for example) yet not easily "format-able" like the magnetic media of a hard disk. Hiding malware in these devices is a hot topic of current research (BIOS-level rootkits, WiFi adapters hosting malware), and could easily become reality for a capable, targeted attack (look at Stuxnet, for example, but imagine what might have been if the industrial controller had been sophisticated enough to have hosted a multihost malware which could spread itself back to "cleaned-up" computers).
I have the feeling that there will be a large gap (because of fear of loss of IP or control, or DMCA-like laws trying to protect copyright) in the tools hardware manufacturers give consumers to "sanitize" possibly infected hardware, and the ability of black hats to use infected hardware to gain more permanent control over infected computers.