Do We Really Want Our ISPs To Protect Us All The Time?

from the what-if-they-protect-us-too-well dept

There’s been an ongoing debate about whether or not protection against things like spam and malware belong at the network level or on the desktop. There are strong arguments for both. At the network level, obviously, it takes the responsibility off of the end-user (who is often the weakest link in all of this) and also makes sure that everything is up-to-date. In fact, many end-users are trying to get out from under the responsibility of safe computing by saying they’d prefer it if their ISPs protected them from spyware. However, in just relying on your ISP, it leads to all sorts of other problems. First off, in an age of laptops and wireless connections, your regular ISP isn’t always how you connect to the internet. So totally relying on your ISP can create other problems when going off network. A second problem is that the user can’t get around blocks if they’re incorrect. For example, I’m currently on a different ISP than usual, and I just tried to send an email to a colleague, but it was rejected because this ISP says it had characteristics of a spam message. In other words, I’m mostly stuck (there are some ways around it, but it’s somewhat involved). The ISP’s attempt to “protect” means that I can’t actually do my work any more.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Do We Really Want Our ISPs To Protect Us All The Time?”

Subscribe: RSS Leave a comment
William C Bonner (profile) says:

Re: Re: ISP Protection and port scanning.

I don’t really want the ISP Protecting me at all. I would like the ability to enter filters at the other end of my dsl link though. That would save me the bandwidth issues over my link, which is probably the most limited part of the internet I’m connected to.

I want any issues related to port blocking be issues that I caused, and not something I have no control over.

Daniel says:

Protection, my rights and knowledge

ISPs protect me, this way they can block my 80, 23, 22, 8080, 25, and so on ports at their router, so they can sell me a service I could run myself.

On the other hand, I have the right to know what’s happening to my connection, and spam is easily filtered, shouldn’t bother anyone anymore. So what if I get 50+ spam messages a day? They all get caught by gmail or any other junk filter nowadays.

The fact is that some people really NEED protection, some people only surf knowing how to open the browser and click links, while me and others care about routers, switches, filters, virus, spyware, protection and security, most people still are “lambs” at the net. So, maybe a profile for users? Initiate, Intermediate, Advanced?! Yeah, yeah, too much work, no ISP will provide that.

Dave (user link) says:

Re: Protection, my rights and knowledge

the easy solution would be to have a tier based ISP system for n00bs intermediate and expert ranked in stars for technicallity 1=low 5=high

n00bs would get a company that protect and block anything and everything that is potentially harmful.

Intermediate is the hard one of the group to maintain these i supose would block only spyware malware and bloatware.

Expert (which i am hoping alot of you are) wouldnt block anything thus leaving it down to the user

Carl Crawley (user link) says:

Look at the otherside of the coin

I’ve just picked this thread up and read a lot of the comments with interest.
My company actually run and maintain a relatively small ISP on the Isle of Wight, UK (12,000 customers) and we come up against this question a hell of a lot.
I can see the arguments for both sides to be honest – you’ve got the ‘tech-savvy’ user who simply wants un-adulterated un-protected Internet access and you’ve got the ‘n00b’ who doesn’t know one end of a keyboard from the other and needs hand-holding through every step of the way.
We actually implement a zero tolerance on our network. We have a number of systems in place, such as RBL’s, Bayesian Spam Filters (which simply tag spam with a ***SPAM*** header) and virus filters which pick up between 1,000 and 1,500 viri per day.
To be honest, the above systems have given us some very good publicity with only 2 complaints in the last 4 years from two ‘noobs’ who wanted to know ‘who was reading their email and deciding it was spam’…. once explained, they went on their merry way.
However, when we get a complaint about a virus infected machine on our network or a trojan on the network, we simply disconnect their service and notify them (requesting they install an AV and disinfect their system)… we operate a three strikes and out rule. Basically, you get reported three different times for spamming/virus/trojan/port scanning etc – and we permanently discontinue service. With only 1 occurance of that ever, we’re pretty pleased with it.
The benefit of doing it this way is that we significantly reduce the amount of email spam that hits our systems (with a negligable amount of false positives / negatives getting through) and tech-savvy users who know what they’re doing (hopefully!) simply get the added benefit of a cleaner network without the worry of being port-scanned etc…
It’s an interesting debate, thats for sure – but I think it’s safe to say that if all ISP’s took responsibility for this stuff, then the problem wouldn’t be half as bad as it currently is.


Don't block anything!

I run a small computer company, in a rural environment. I use port scanners to check clients security. I run a lab where I download and test viruses, including spyware and malware. This helps me and my staff know the truth about these things, and helps us develop our own in house solutions so that we aren’t telling customers that they have to wait unitl X security and antivirus company comes up with a solution. We use various VPNs and remote desktop services, and servers with different port communications to facilitate remote services and servicing. An ISP who blocks anything would really cause some problems. Even if they had packages establised for businesses like mine, there could still be down time if the ISP sets the account up wrong, or takes its time to set up our permissions after the new security policies are put into place.

Pete Austin says:


Mike, I’m sure you’ve already got around the problem but (1) send the text of the email in a zipped attachment, and (2) change ISPs.

Carl, Yours is a good policy so long as you (1) tell people to exactly what you’re doing and (2) deal with reported problems very quickly. It can be hard enough to set up e.g. conferencing software without an ISP blocking random things and e.g virus scanners do produce false positives.

My team has twice threatened legal action because files were being blocked (nothing to do with any company mentioned above). In the first case we were working on a very short deadline and a supplier kept claiming they’d sent an upgrade with bug fixes but nothing arrived. We were sure they were lying (hence the threat), but we found out much later that emails containing the install set were being repeatedly filtered and binned without either the sender or reciever being notified. The second case is too recent to discuss in a public forum.

idknow says:

parental isp psycosis

It’s actually amazing that there is wide-spread agreement regarding “STATIC” ISP “no choice” protectionism.

I am forever telling my that I dont use MicroSoft products on my computer; do not block ports to my computer; I dont need your help protecting my computer – it’s my property and I’ll do what I want tto and with it.

Do they listen? They didnt even tell me what they did, nor did they mention a drop in service fees over a year ago! I’ve been over-paying $16/month since they lowered the prices in 2004! And now it’s the day before 2006

The bill is due and I’m awaiting a copy of the ledger of account activity before paying them for the month.

When we last spoke, I told them that the bill payment would be delayed until I get the ledger

As for “protectionism”, I want, and they should offer both opt-in and opt-out choices. why?

Because users (respectfully) dont know what’s going but, for those I refer to as gurus, do.

I’ve told them to stop blocking my ports, they did for a few days.

well, keep telling them what you want.

Be well, folks.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...