On Fri, 11 Jun 2004, David Schwartz wrote:
generated by a worm. The ISP had an obligation to stop this traffic with filters or customer disconnection. They may or may not have complied with their obligation. Either way, it's hard to see why the customer should pay for traffic the ISP did not or should not have delivered.
ISP's deliver properly addressed packets to their destination (the return address sometimes isn't checked). Do ISP's have obligation to stop certain packets, based on what? What does your contract say? Did you pay the ISP to provide filters? Did you include a phrase that said the ISP had to give you 30 days notice and reasonable time to cure the breach before the ISP could terminate your service? Did the contract say the ISP would block traffic generated by worms? As people regularly point out, the Internet is a dangerous place. Is it as dangerous as going to a baseball game? BOSTON, Massachusetts (AP) -- A woman who was seriously injured by a foul ball at Fenway Park has no grounds to sue because she assumed a risk by attending the baseball game, a state appeals court ruled. The Red Sox "had no duty to warn the plaintiff of the obvious danger of a foul ball being hit into the stands," the court said Wednesday in blocking Jane Costa's personal injury lawsuit from going to trial. It would be much easier if evil doers followed RFC3514. Determining "intent" from the bits is difficult. If you call a customer up and ask Did you know your computer is generating a lot of network traffic and your bill will be very large; the customer says Ok. What should you do? Assume the customer is an idiot, and even though they said Ok, you should cut off their Internet connection anyway. If your child borrows your credit card, and makes lots of unathorized charges, you may not have to pay more than $50; but the bank can go after your son or daughter for the money. Most parents end up paying, even if they didn't authorize their children to use the credit card. If the bank sends you an ATM or debit card statement, and you fail to report unauthorized transfers on the statement after 60 days you may be responsible for unlimited loss. You can lose a lot of money if you think its other people's responsibility to protect you. You are responsible for reviewing the statement and informing the bank of unauthorized activity; not the bank. Why do so many people ignore their ISP when told about problems with their computer? My computer can't be infected, I have a firewall. Paul Vixie proposed that people should be required to use personal Co-Lo so the co-lo provider has collateral to seize when the customer fails to keep the computer secure. Would customers complain if ISPs started seizing their computers instead of sending them large bills? Should ISP's charge customers cleanup fees to encourage them to keep their computers secure? $10 or $100 or $1,000 per incident? Should it be like points on your Internet driver's license? For the first incident you have to attend 8-hour traffic school, for the second incident in 12 months you have points put on your record and your insurance rates go up. Too many points, and your Internet privileges are revoked.