** Reply to message from Drew Weaver <drew.weaver@thenap.com> on Mon, 19 Apr 2004 13:42:53 -0400
-- Jeff said --
Patches either need to be of a size that a dialup user doesn't have to be dialed in for 24 hours to download and install them. Or .iso's should be available for ISP's to download, turn into CD's and distribute as appropriate. Wouldn't that be nice for a dialup user - getting Windows Update on a CD-ROM from their ISP?
To which I reply:
It is somewhat unreasonable to think that ISPs should be responsible for the security of its users' systems on a systematic basis.
Responsible? No. Able to assist in maintaining that security (and thus that of the ISP's network)? Yes.
Another reason the idea of a 'CD with updates' most likely wouldn't be effective is because by the time the ISP produced the CD, the user got the CD, and installed it, the patches would most likely not be the most recent available.
I can burn a CD from ISO in about 5 minutes - how about you? I'm talking about XP users who haven't even updated as far as SP1. Win98 users who have never run an update in their life... Win2k users are usually the most patched up that I've seen - because that went into mostly business environments. This would at least get them up to the level of the playing field, where the routine updates are not as much of a hassle. Sure, you'll get the little old ladies and gentlemen who will drop by every month for their service pack fix, but that's just customer service.
Also, do you realize how much the 'average technical school graduate type' makes just from acquaintances who complain that their computers are slow, by simply removing whatever "flavor of the month backdoor spam proxy virus"
Ah, now you are talking about why I happily promote Ad-Aware and Spybot.
I bet a good number of 'tech service calls' that companies such as PC On Call and people who service residences get could've been avoided by patching in a reasonable time period.
And your problem with the local ISP having this stuff available for their users is?
However, awhile ago we tried an idea of sending out E-Mail alerts to our customers whenever a critical update of "Remote execution" or worse was released. We found that most of our users were annoyed by this, a different time we used a network sniffing tool to find a few dozen handfuls of your average home Dial-Up users who were infected with various malicious agents (I.e. Nimda, et cetera) and we actually contacted those users, to let them know and again we were met with more hostility.
You definitely don't have our customers then. Our usually appreciate being told that their systems are screwed up.
From this interesting pattern I would surmise that users want their ISPs to be hands-off unless the problem that they're causing is effecting them directly. End users on the Internet see their connectivity as a right, and not a privilege. I remember when I was 13 (that was only 11 years ago)
Some of ours are like that. Most seem to realize their limitations and are happy to know that at some level we are looking out for them. BTW, for me 13 was many more years ago than that... RTM wasn't even in college yet, I imagine.
and I signed up for my Freenet account at the Columbus Public Library (I believe it was, ? still is? Through OSU), they really made me feel like it was a privilege to be using the Internet, and I honored that.
Dial-up, or using their systems at the library? And you weren't paying for the privilege, at least not directly.
Its just difficult to explain from a professional level what the effects these peoples' behavior (or lack there of) is having on the rest of the community. Think of it like people who drive monster SUV's, they can afford the gas, and the insurance so they don't believe that the harm that these beasts do to our environment matter, because again its their god given right to drive them.
That's a whole 'nuther horse to kill there. -- Jeff Shultz Network Technician Willamette Valley Internet