At 12:15 PM -0700 6/13/04, Randy Bush wrote:
tell us, john, when you were at xo and gt&e, how much did you educate your users as to to the perils of running open; how much education and notification did you give them about applying security patches; ...?
Reasonable question.... business customers were indeed asked at installation what they were connecting for mail and web servers, told that a firewall was a good idea and pointing at both online and reference books that could get. I don't know what consumer DSL got, but I imagine it was a lot less. In the pre-GTE-I (i.e. BBN) days, we actually went on-site to help customers with their mail relay and local routing configurations. For consumer connections, this just doesn't scale. The consumer is going to acknowledge/clickthru/sign whatever disclaimer you put in front of them in order to get their high speed access. And as much as ISPs might want to fix the problem, they're not going to require a networking quiz before taking the order.
how is the user going know the brokenness you net vigilantes propose to impose from the brokenness the other miscreants impose?
Nicely put. How about: if their mail and web access works, then its the fault of the net vigilantes and filtered Internet service. If their machine is running 100% on the CPU and rebooting at random after just a few minutes online, then it's those other miscreants... /John