--On Monday, June 14, 2004 17:57 -0500 Adi Linden <adil@adis.on.ca> wrote:
It's not crap. Infected machines are no more the fault of the internet than junkmail in your mailbox is the fault of the post office. There's literally no difference to the model. The post office delivers mail that is addressed to you. They don't care if it's junk mail or not. They deliver it.
So what about little envelopes with white powder? Does the post office still have an obligation to deliver it or should they be concerned about the welfare of their customers? Perhaps they should insist that customers are properly vaccinated....
That depends... Is it an envelope covered in suspicious white powder, or, is it a well sealed envelope that happens to contain a plastic baggy of white powder? If it's the former, then, there is obvious reason, and, this would be equivalent to a malformed IP datagram, which most (all) ISPs will drop. If it's the latter, then, the post office has no legitimate way to know that the envelope contains white powder, nor, does it know what the white powder is. Also, the primary reason/responsibility the post office has in not delivering the white powder on the outside of the envelope is to protect postal employees. Secondarily, the mail may come into contact with other than it's intended target. The post office does not, in my opinion, have an obligation to protect you from mail properly addressed to you.
Point I am making is that the post office is not responsible and/or liable for the content of the packages they deliver. However, if they deliver packages that are obviously visibly dangerous to the recipient they have an obligation to investigate and not deliver the package.
Actually, there is some debate about that. However, there are also strong boundaries on that. The obligation you speak of applies to things that endanger human life. If you send a diskette mailer to someone with the label "Diskette inside contains live computer virus", I bet the post office will probably deliver it. That's every bit as harmful as the packets you're complaining about the ISPs delivering.
Most residential ISPs get paid the same whether the customer spews abuse or not. Their costs go up some when they get abuse complaints and when abuse starts using more bandwidth, so, for the most part, most residential ISPs have no incentive to support abuse, but, not enough incentive to pay to staff an abuse department sufficiently to be truly responsive. Further, most abuse departments don't get enough support from management when the sales and marketing departments come whining about how much revenue that abusing customer produces each month. This is one of the unfortunate realities of a free-market economy. It doesn't always tie profit to doing the right thing, and, it favors short-term thinking over long-term planning.
Who do you suppose pays for the abuse department staff? Those are operational costs passed on to all customers. If increasing abuse results in increasing staff, hopefully eventually, these cost will most likely be passed on to all customer. It would be nice to see per incident billing so only offenders and repeat offenders pay. I doubt that'll happen (just a gut feeling, no other justification).
Right... that's why I support the "abuser pays" model of charging cleanup fees for users that get infected. That's what I'd like to see too. Arguing for ISPs to filter customers arbitrarily, distracts from this. Owen