On Wed, May 16, 2001 at 04:08:30PM -0700, Josh Richards wrote:
lock it down! The next several years are going to be interesting. Some ISPs are going to get bitten in the ass as their customers' networks are compromised. This has already happened in some cases but the ISPs are not yet feeling the costs from fixing the situations afterwards. Perhaps when they begin to they'll start working on being more pro-active. Or perhaps they are already feeling it..
What you're going to see, barring intervention from Big Brother in the US, is this: Over the next few years, business customers will begin demanding that their provider have insurance that covers hacker damage, both of the ISP's equipment and of customer equipment that's compromised due to compromised ISP equipment. The insurance companies that offer this will do security surveys (mostly perfunctory) to set premiums. Those ISPs that don't ensure customers are protected will pay huge premiums, which will raise their costs enough that competitors who do the right thing will be able to undercut them. Market forces will take over, and the balance will begin to shift over to ISPs filtering inbound by default, and only opening it up upon request. This will not cause increasing headaches for those of us with clue, however, because we'll know to tell the salesdroid upfront that we're firewalling, and salesdroid will know who to pass that information along to so somebody with clue on his end can give us a couple of quick questions to make sure we're running a config that the insurance company will grok.