Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Australia The Internet Networking Security

Australia Wants ISPs To Protect Customers From Viruses (sophos.com) 104

An anonymous reader quotes Sopho's Naked Security blog: In a column in The West Australian, Dan Tehan, Australia's cybersecurity minister, wrote: "Just as we trust banks to hold our money, just as we trust doctors with our health, in a digital age we need to be able to trust telecommunications companies to protect our information from threats." A companion news article in the same newspaper cited Tehan as arguing that "the onus is on telecommunications companies to develop products to stop their customers being infected with viruses"...

Tehan's government roles include assisting the prime minister on cybersecurity, so folks throughout Australia perked up when he said all this. However, it's not clear if there's an actual plan behind Tehan's observations -- or if there is, whether it will be backed by legal mandates... Back home in Australia, some early reactions to the possibility of any new government interference weren't kind. In iTWire, Sam Varghese said, "Dan Tehan has just provided the country with adequate reasons as to why he should not be allowed anywhere near any post that has anything to do with online security."

The West Australian also reports Australia's prime minister met telecommunications companies this week, "where he delivered the message the Government expected them to do more to shut dodgy sites and scams," saying the government will review current legislation to "remove any roadblocks that may be preventing the private sector and government from delivering such services."
This discussion has been archived. No new comments can be posted.

Australia Wants ISPs To Protect Customers From Viruses

Comments Filter:
  • Ha! Good luck with that!
  • Actually a friend of mine got their internet shut off this week because of an apparent infection. According to their ISP, they have a botnet active. They inquired what's a botnet and how to get rid of it. ISP said it was their problem to fix. My friend then replied they have unlimited data so who cares. After that call, I got a call to fix. Thanx ISP!
    • What do you want them to do?

      Even paving it over isn't guaranteed to work, shit infects your bios and comes back. Free tech support with a consumer ISP contract?

      This is exactly what an ISP should do. They can't protect you from yourself, but they can protect the larger net from zombies. Of course the bot herders will just adapt, might stop some kiddies.

      • by rtb61 ( 674572 )

        You simply bad all simply modem style network devices and replace with full fire wall routers. With the ability to monitor out of normal design bounds traffic and block it off and report it back to the ISP and in turn the end user. The question is whether or not network policing activities should occur. If the individual is attacked for any other crime, the police respond and assist them, the question is then whether that same response is required for a network attack. Right now it is just free for all and

  • In a world... (Score:3, Interesting)

    by freeze128 ( 544774 ) on Sunday April 30, 2017 @12:44PM (#54329383)
    In a world where ISPs filter viruses for you, every user EXPECTS the ISP to do the protecting, and takes no precautions themselves. This leads to lazy netizens who cry foul at ever little thing. Instead, I say protect yourself. Run a firewall. Don't open ports unless you KNOW WHAT THE HELL YOU'RE DOING!
    • by Anonymous Coward

      Nobody wants (tech) savvy citizens: They might question the course of events.

    • Re:In a world... (Score:5, Insightful)

      by blackest_k ( 761565 ) on Sunday April 30, 2017 @01:22PM (#54329563) Homepage Journal

      Hows an isp going to detect a virus without inspecting the content of your incoming data?
      Should we want an isp to snoop on everything we do online?

      Virus protection now thats just an excuse.

      • by MrL0G1C ( 867445 )

        And if ISPs all started doing this then viruses would simply use bog-standard encryption.

      • Hows an isp going to detect a virus without inspecting the content of your incoming data?

        You can analyse the data stream without ever analysing data. Unusual traffic does not mean they are reading the details of every bit. Sure virus writers can hide and obfuscate that traffic, but right now they have no reason to, so they don't. It's a rare botnet that ends up doing something like hiding a command and control server in Tor, and even then they don't encrypt or hide the final payload. They just pretend to be the worlds fastest finger hitting F5 repeatedly on a site in a way no medical condition

    • Installers helpfully open ports for you and even setup port forwarding (insert alphabet soup acronym).

      Apparently, on consumer routers, no credentials are required, it is logged. Completely idiot proof...

    • Yeah, and let's study how cars work and fix them ourselves. Include TV, smart watches and phones, washers and dryers.

      How stupid of consumers to expect the goddam vendor to do shit.

    • In a world where ISPs filter viruses for you,

      NO! The article makes it clear: He said the plan did not amount to web filtering . and he claimed previous efforts to do so had been “ill-advised”.

      While ISPs cannot filter your downloads, there is plenty that can and should be done at the network level, such as detecting outgoing spam and DOS attacks from infected users.

  • Another analogy (Score:5, Insightful)

    by Artem Tashkinov ( 764309 ) on Sunday April 30, 2017 @12:49PM (#54329413) Homepage
    It's akin to asking doctors to protect you from STDs. Technically they can. Practically you wouldn't want that. A doctor in your bedroom. Overseeing every intercourse you have.
    • Re:Another analogy (Score:4, Interesting)

      by sunderland56 ( 621843 ) on Sunday April 30, 2017 @12:58PM (#54329459)

      It's akin to asking the telephone company to protect you from scams. Nice in theory, but impossible to do in practice.

    • Practically you wouldn't want that. A doctor in your bedroom. Overseeing every intercourse you have.

      That would depend if the doctor in question is: 1) female (for me), 2) good looking (IMO), and 3) involved in the activity.

    • While surely not all, a good number of ISPs already provide anti-virus and anti-malware detection. If you use an ISP for email, chances are pretty high that the back end is running anti-spam rules which looks for attachments and strips where a "bad" MD5 sum is found. "bad" meaning it matches malware/virused attachments. They don't need to read the contents, just look for the checksum.

      As a privacy advocate I'm not too uncomfortable with ISPs scanning like this, as anything I would be worried about would b

    • by AmiMoJo ( 196126 )

      It's more like vaccination.

      ISPs usually block port 25, because it gets abused too much. You can't run a web server from it what, residential/dynamic IP ranges are mostly blocked by other servers.

      Doesn't seem unreasonable to block things like IoT malware if it can be done without disrupting other stuff. People with a clue won't be affected because they use VPNs anyway.

    • Practically you wouldn't want that. A doctor in your bedroom. Overseeing every intercourse you have.

      Are you kidding? This is the internet, some people would pay for such a service. ;)

    • Maybe I like an audience.
  • 'Trust', indeed (Score:5, Insightful)

    by Anonymous Coward on Sunday April 30, 2017 @12:52PM (#54329431)
    I don't 'trust' my bank to hold my money. I audit my accounts with them every month to be sure they don't make a 'mistake'.
    I don't 'trust' doctors; I do my own research, especially when they tell me something that I don't think is in my best interests, or that just plain doesn't make sense.
    I don't 'trust' my government, I question what it's doing all the time, and will speak up if I see something unjust, or just plain dumb, being dumb -- because *I* am not dumb.
    I sure as hell don't trust my ISP, or any ISP for that matter, to 'keep me and my computer safe'. ISPs invade our privacy constantly in the name of higher profits for themselves, and because the government wants to collect data on it's citizenry and generally snoop into people's lives.
    It is not, and should not, be the business of ISPs to do this thing. Their role should be to provide connectivity to the Internet for it's customers, and that is ALL they should be in business to do, not to 'censor' anything, 'filter' anything, or anything like that. Just give us a reliable connection and leave it at that!
    • Do you trust the company that produces aluminium foil?

      I'm especially interested in this not trusting a doctor when their advice isn't in your best interest. If it isn't in your interest why did you go to the doctor in the first place? Who else's interest do they have in mind? Don't worry though, David Wolfe has your best interests at heart. He genuinely cares about you, and he needs to as well if you're behind on your vaccinations.

  • if every file had to be scanned for viruses prior to being downloaded/uploaded, that sort of system would make a 56k dialup look fast
  • to build better and more secure operating systems? thats where the problem really is, if the operating systems and their applications used to access the internet were secure then the problem would be solved, asking the ISPs to do this would slow the internet speeds down to a really slow crawl
  • Whether this is supposed to refer to the landmass (unlikely) or the political entity, one particular subset of the idiot-fucks that presume it's their business to force their opinions and values onto millions of other people does not constitute 'Australia'. And why would anyone care about what these notoriously technologically inept parasites opine about this subject?
  • Some ISPs already provide anti-viruses to the customer for an extra fee, like mine does. The only catch it is only windows compatible. I got the feature removed since they were charging me for something I couldn't use.

    As for detecting viruses in an encrypted transport layer, at the ISP, then good luck with that.

  • And once again... (Score:4, Informative)

    by Chris Mattern ( 191822 ) on Sunday April 30, 2017 @03:01PM (#54330009)

    ...Australia's government shows that they don't really get this whole "technology" thing...

    • by quenda ( 644621 )

      ...Australia's government shows that they don't really get this whole "technology" thing...

      Once again, a Slashdot user shows they cannot read past the inaccurate summary.
      While Dan Tehan is a pol-sci major, our current prime minister made his millions in the ISP business and sold out just before the dot-com bubble burst.
      This is not about web or email filtering.

    • The irony of this is the current prime minister used to be the CEO of one of the largest ISPs in the country. Irony so thick you can cut it.

    • by mjwx ( 966435 )

      ...Australia's government shows that they don't really get this whole "technology" thing...

      Australia's current government is what happens when you elect a Conservative based on a fear campaign of the other guy. This is the kind of bollocks the US now has to look forward to.

  • Not only is this an impossible guarantee or a means to charge customers more money for (Godfather voice) "protection," but it just provides a red herring to monitor more than just metadata.
  • It is odd that the Australian government is calling on ISPs to take action against computer malware, when most of the effective actions are in the government's hands. Computer malware is a complex issue. There is no single fix. Instead, we need to systematically value and build up security. Probably, the most important changes that we could implement with our ISPs is to require them to properly handle abuse reports.
    • * ISPs need to properly assess, then quickly forward valid abuse reports to the owners
  • My first internet connection started in Japan in 1994. 100 Mbs fiber since 2000 and never had a virus, never had a data cap, never paid more than about US$ 60/month (now US$ 35/mo.), never had a browser hijack, never had malware, never had to reset a modem, never had less than 3 companies to choose from and only had service go out once and that was because of a massive earthquake 6 years ago.

    Came back to the US and I'm loaded up with hijacks and malware every time I turn on my PC. Have to reset the modem e

  • Look, I'm all for sticking it to clueless politicians, and the original column doesn't commit to any policy of substance, but nevertheless I think the "companion news article" is interpreting it... very creatively.

    The original column:
    https://www.pressreader.com/au... [pressreader.com] (pressreader is paywalled but allows a certain number of free uses per time period)

    I'm annoyed with the current climate of politicians just ignoring the facts and choosing to believe whatever they want, and I'm annoyed by the proliferation of c

  • it's not clear if there's an actual plan behind Tehan's observations

    In other words, there is no news?

  • "where he delivered the message the Government expected them to do more to shut dodgy sites and scams,"

    (A month goes by)

    "I didn't mean shut off access to government sites! >:-( "

Each new user of a new system uncovers a new class of bugs. -- Kernighan

Working...