The ISP Security Compromise: Allow, But Alert

from the interesting-solutions dept

Over the years, we’ve had many discussions about what role ISPs should play in the computer security of their customers. On the one side, if ISPs are too stringent (blocking things at the network level, for instance), users get upset that their ISPs are disallowing things that should be allowed. Many users just want bandwidth, and get worried when their ISPs take a more active role. On the other side of things, ISPs who are too free with security issues risk allowing themselves to become a huge target for spammers and others. So far, ISPs have pretty much taken an all or nothing approach. If they notice that someone is causing problems, they tend to cut them off completely, leading to an expensive service call. However, there was one presenter at DEMO that had an interesting idea to deal with this. It was a proxy system that would take data from client side security apps and then alert a user through their browser. So, for example, if the ISP noticed the user was acting as a spam-spewing zombie or had some spyware, the next time the user opened his or her browser, the ISP could present a message explaining the problem and how to solve it. It’s much more efficient than simply cutting the person off. Of course, if such solutions became popular, it seems like only a matter of time before phisher moved on to spoofing the browser-based error messages.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “The ISP Security Compromise: Allow, But Alert”

Subscribe: RSS Leave a comment
Anonymous Coward says:

No Subject Given

The simple solution is to always tell the customer to contact the ISP support line on the pop up screen. Easy enough for tier one support to then walk them to real cleansing sites. Will not stop all of course, but reminders that “ISP ABC” does not send you to links added to billing statements would also help some. Just my opinion.

Anonymous Coward says:

Monitor and allow limited email from infected user

Perhaps one the ISP can control SMAP infections is have a weekly limit of email from each user. Then if this is exceeded – advise the user.t this number is exceeded then tell the user so the user can clear up the situation.

Another step would be to only allow the user a web based Email while infected – with a limit of the
number of outgoing emails. This would limit the outgoing SPAM while letting the user still communicate – the web based eamil might be text only.


Anonymous Coward says:

Cisco kind of already does this:

Cisco kind of has technology like this. It is called Cisco Clean Access.
We have it implemented at the University of California, Irvine. While it doesn’t tell them what virus they have, it enforces network rules such as mandatory windows updates, they must have an anti virus. Not sure I would want an ISP doing this to me, but i’m sure it could be modified

Raul Vaughn (user link) says:

Security Messaging Clarification

Nice write up. A couple of clarifications for your readers.
1. Front Porch uses a non-proxy method to deliver security notifications based on output from IDS/IPS. Proxy’s have lots of problems delivering content. We know, we used a proxy approach for a number of years.
2. Security Messages are branded by service provider, enterprise, university and are served from a secure server. Phishers are not likely to duplicate this approach.


Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...