On Thu, 10 Jun 2004, Sean Donelan wrote: :Did your computer have a power switch? Did you turn it off? Or did you :continue to let it run up the bill? Yes, even the complete computer :novice can stop a computer room. Turn off your computer. If you don't :know how to fix it, take it to a repair store. : :If you leave your lights on, the electric company will send you a bill. :If you leave your faucets running, the water company will send you a bill. :If you leave your computer infected, ??? What the ISP failed to do in this case was protect their infrastructure from being abused by a worm, which would have also infected other customers from this users host. That is to say, the worm caused them an alleged $11,000 loss because they failed to do anything to prevent it, after being made aware of the situation. The ISP (I would say negligently) exposed themselves to absurd financial risk by continuing to provide service to a site which they knew to be abusing their resources. The reality of this situation is that if the bandwidth being used by the ISP was actually costing them $5000, let alone $11,000, it would have been grossly negligent from a financial perspective to allow the worm to continue consuming bandwidth. The other reality is that bandwidth is not valuable enough for the ISP to declare an $11,000 loss unless they had booked the revenue before having some evidence they would recieve it. That is, the ISP's accounting practices should be investigated if they are booking revenue that is effectively theoretical in light of the risks they knowingly accept regarding the odds of actually recieving it. The leaving lights on/faucets running simile is inaccurate, as the burden of risk was acknowledged and borne by the ISP, in not taking steps to protect their infrastructure from loss, they got burned and are sticking the blame wherever they think it will stick. Exploiting someones lack of technological sophistication to assign liability is disingenuous and possibly fraudulent. Maybe the only bandwidth simile that could be appropriate would be to a car in the 1950's, one which was unsafe at any speed. -- James Reid, CISSP