HideTechdirt is off for the long weekend! We'll be back with our regular posts tomorrow.
HideTechdirt is off for the long weekend! We'll be back with our regular posts tomorrow.

Lawyer Says ISPs Should Be Legally Liable For Denial Of Service Attacks

from the bad,-bad-ideas dept

For some reason, there are always people who figure that when there's a situation where someone is harmed, you should blame the easiest, or most accessible party, rather than those actually responsible. You see it in things like the lawsuits against YouTube, rather than the person responsible for uploading infringing material. The latest is that a lawyer in the UK is proposing that ISPs should be responsible for denial of service attacks, and that it should be their responsibility to stop them. How? Well, they should just inspect all of the packets to determine whether they're legit or not. Of course, this should set off all different kinds of alarm bells. First, even if you know what the packets are, that doesn't mean you'll be able to spot (or stop) a denial of service attack. What's to say if it's a real attack or you suddenly get a lot of attention from elsewhere on the web driving a lot of traffic? Second, asking ISPs to inspect each and every packet should scare off lots of people who don't want their ISPs inspecting the specific types of traffic on the network, and who find it as a foot in the doorway to ISPs charging different amounts for different kinds of traffic. Finally, as with the network neutrality issue, the more ISPs inspect the traffic, the higher the likelihood that everyone just starts encrypting their traffic to make it so the ISPs can't tell what's traveling across the network. So, really, all this does is add more costs for the ISPs, slow down network traffic and do nothing to stop actual denial of service attacks. But, at least it makes it easier for the lawyers to be able to point to who they can sue.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Rich Kulawiec, 10 Nov 2006 @ 7:19am

    This is not entirely unreasonable

    Back in .arpa days, this is *exactly* how the network was run: every admin was responsible for the packets leaving their network. Too many abusive packets? Your connection gets plugged back in after you fix the problem and explain what you've done to prevent a repeat.

    Making this happen isn't difficult for any intelligent, responsible, competent admin. After all: if others can see the packets ENTERING their network(s), then surely you can see them LEAVING yours -- if only you bother to look.

    And arguably, this is much, MUCH easier now than it was years ago. The tools available for the job are free/open-source, and easily deployed on cheap, commodity hardware. And it's just not that hard to spot the truly egregious problems -- in other words, I'm not expecting admins to spot one isolated ssh attempt....but *thousands* from the same IP, that's a no-brainer. Or huge spam runs -- easily spotted by looking at netflows on routers. And so on.

    And I know that everyone gets nailed from time to time. Goes with the territory. So I don't expect anybody to have a spotless track record -- just to be paying attention, stop most things before they get to an issue, and respond rapidly to external reports of things that they missed.

    I'm not necessarily in favor of enforcing competent network administration via litigation. But I'm certainly in favor of quarantining networks with {systemic, long-term, repeated} issues because there's no reason why the entire rest of the Internet should have to put up with that kind of nonsense. The people running those networks may be cheap, lazy, stupid or possibly on-the-take (spammers and others are known to make payoffs), but I don't really care which it is: the bottom line is that they
    are simply *not good enough* to be allowed the privilege of being on the same Internet with the rest of us.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it

Email This

This feature is only available to registered users. Register or sign in to use it.