Australia Wants ISPs To Protect Customers From Viruses

An anonymous reader quotes Sopho's Naked Security blog: In a column in The West Australian, Dan Tehan, Australia's cybersecurity minister, wrote: "Just as we trust banks to hold our money, just as we trust doctors with our health, in a digital age we need to be able to trust telecommunications companies to protect our information from threats." A companion news article in the same newspaper cited Tehan as arguing that "the onus is on telecommunications companies to develop products to stop their customers being infected with viruses"...

Tehan's government roles include assisting the prime minister on cybersecurity, so folks throughout Australia perked up when he said all this. However, it's not clear if there's an actual plan behind Tehan's observations -- or if there is, whether it will be backed by legal mandates... Back home in Australia, some early reactions to the possibility of any new government interference weren't kind. In iTWire, Sam Varghese said, "Dan Tehan has just provided the country with adequate reasons as to why he should not be allowed anywhere near any post that has anything to do with online security."
The West Australian also reports Australia's prime minister met telecommunications companies this week, "where he delivered the message the Government expected them to do more to shut dodgy sites and scams," saying the government will review current legislation to "remove any roadblocks that may be preventing the private sector and government from delivering such services."

Ha!

[jawtheshark]

Ha! Good luck with that!

Re: Ha!

[dougdonovan]

it sounds like ausi needs a better class of customer...how hard is it really...to keep windows and av updated.

Re:

[troublemaker_23]

Dan Tehan is one of many Australian government ministers who has no clue about technology. http://bit.ly/2pMtFlG [bit.ly]

It certainly works well in the enterprise. Privacy

[raymorris]

Certainly there are privacy issues to be discussed, and there are many questions that can be asked about what exactly should be done and how it should be done. The concept does work quite well. Especially related to botnets.

This is standard procedure in the enterprise. Its 2017, not 1997, and we're far beyond "update your AV and pretend your safe". In enterprises that care at all about security, professionals, preferably security professionals in the SOC, but at least network professionals, use professio

Re:

[dbIII]

needs to be balanced against privacy concerns in how it is implemented.

It's Australia - google "Australia" and "metadata" and you'll see that privacy of citizens is not something that the current Government cares about. One department even decided to "doxx" a critic in the newspapers with confidential information that could have resulted in a jail term for a leaker if it had been released by anyone that doesn't own a police force.
I'm not suggesting you have a bad point, merely that priorities are differen

Re:

[ArmoredDragon]

It sounds like a terrible idea. In work environments, there's a legitimate reason to limit people's access to the internet, i.e. customer data can be at risk (or in the case of where I work, patient data.) But in a home setting, it's just straight up annoying to have your ISP start blocking shit that you may not want to be blocked.

My ISP blocks incoming email and web ports because it's presumed that everyday customers running any servers on those ports are participating in a spam botnet. So that means I can

"Block everything" is stupidly simplistic

[raymorris]

> And if we did what you suggest, it would be a whole lot worse.

I'm not sure what you think I'm suggesting. What I said is in some ways the opposite of what you seem to think I said.

I said the ISP is in a position in monitor the network as a whole and respond to emerging threats, such as botnets currently active on the network or scanning the network. I said the ISP can reasonably have people in the SOC actually responding in real-time as exploits are released and threats become real. That's pretty much

Re:

[sabbede]

One of the reasons it works well in the enterprise is that it's easy to get something whitelisted - I get an email that says , "I need this, but it's blocked" and I unblock it (after checks). Is an ISP going to be as responsive? Would Aussies be able to download SysInternals, or find that PSexec is blacklisted?

Double Ha

[thundercattt]

Actually a friend of mine got their internet shut off this week because of an apparent infection. According to their ISP, they have a botnet active. They inquired what's a botnet and how to get rid of it. ISP said it was their problem to fix. My friend then replied they have unlimited data so who cares. After that call, I got a call to fix. Thanx ISP!

Re:

[HornWumpus]

What do you want them to do?

Even paving it over isn't guaranteed to work, shit infects your bios and comes back. Free tech support with a consumer ISP contract?

This is exactly what an ISP should do. They can't protect you from yourself, but they can protect the larger net from zombies. Of course the bot herders will just adapt, might stop some kiddies.

Re:

[rtb61]

You simply bad all simply modem style network devices and replace with full fire wall routers. With the ability to monitor out of normal design bounds traffic and block it off and report it back to the ISP and in turn the end user. The question is whether or not network policing activities should occur. If the individual is attacked for any other crime, the police respond and assist them, the question is then whether that same response is required for a network attack. Right now it is just free for all and

In a world...

[freeze128]

In a world where ISPs filter viruses for you, every user EXPECTS the ISP to do the protecting, and takes no precautions themselves. This leads to lazy netizens who cry foul at ever little thing. Instead, I say protect yourself. Run a firewall. Don't open ports unless you KNOW WHAT THE HELL YOU'RE DOING!

Deep packet inspection is good for you!

[Anonymous Coward]

Nobody wants (tech) savvy citizens: They might question the course of events.

Re:In a world...

[blackest_k]

Hows an isp going to detect a virus without inspecting the content of your incoming data?
Should we want an isp to snoop on everything we do online?

Virus protection now thats just an excuse.

Re:

[MrL0G1C]

And if ISPs all started doing this then viruses would simply use bog-standard encryption.

Re:

[thegarbz]

Hows an isp going to detect a virus without inspecting the content of your incoming data?

You can analyse the data stream without ever analysing data. Unusual traffic does not mean they are reading the details of every bit. Sure virus writers can hide and obfuscate that traffic, but right now they have no reason to, so they don't. It's a rare botnet that ends up doing something like hiding a command and control server in Tor, and even then they don't encrypt or hide the final payload. They just pretend to be the worlds fastest finger hitting F5 repeatedly on a site in a way no medical condition

Re:

[HornWumpus]

Installers helpfully open ports for you and even setup port forwarding (insert alphabet soup acronym).

Apparently, on consumer routers, no credentials are required, it is logged. Completely idiot proof...

Re:

[CaptainDork]

Yeah, and let's study how cars work and fix them ourselves. Include TV, smart watches and phones, washers and dryers.

How stupid of consumers to expect the goddam vendor to do shit.

Headline and summary are bullshit as usual

[quenda]

In a world where ISPs filter viruses for you,

NO! The article makes it clear: He said the plan did not amount to web filtering . and he claimed previous efforts to do so had been “ill-advised”.

While ISPs cannot filter your downloads, there is plenty that can and should be done at the network level, such as detecting outgoing spam and DOS attacks from infected users.

Another analogy

[Artem S. Tashkinov]

It's akin to asking doctors to protect you from STDs. Technically they can. Practically you wouldn't want that. A doctor in your bedroom. Overseeing every intercourse you have.

Re:Another analogy

[sunderland56]

It's akin to asking the telephone company to protect you from scams. Nice in theory, but impossible to do in practice.

Re:

[thegarbz]

Practically you wouldn't want that. A doctor in your bedroom. Overseeing every intercourse you have.

That would depend if the doctor in question is: 1) female (for me), 2) good looking (IMO), and 3) involved in the activity.

Huh? They already do!

[s.petry]

While surely not all, a good number of ISPs already provide anti-virus and anti-malware detection. If you use an ISP for email, chances are pretty high that the back end is running anti-spam rules which looks for attachments and strips where a "bad" MD5 sum is found. "bad" meaning it matches malware/virused attachments. They don't need to read the contents, just look for the checksum.

As a privacy advocate I'm not too uncomfortable with ISPs scanning like this, as anything I would be worried about would b

Re:

[AmiMoJo]

It's more like vaccination.

ISPs usually block port 25, because it gets abused too much. You can't run a web server from it what, residential/dynamic IP ranges are mostly blocked by other servers.

Doesn't seem unreasonable to block things like IoT malware if it can be done without disrupting other stuff. People with a clue won't be affected because they use VPNs anyway.

Re:

[Gravis Zero]

Practically you wouldn't want that. A doctor in your bedroom. Overseeing every intercourse you have.

Are you kidding? This is the internet, some people would pay for such a service. ;)

Re:

[sabbede]

Maybe I like an audience.

'Trust', indeed

[Anonymous Coward]

I don't 'trust' my bank to hold my money. I audit my accounts with them every month to be sure they don't make a 'mistake'.
I don't 'trust' doctors; I do my own research, especially when they tell me something that I don't think is in my best interests, or that just plain doesn't make sense.
I don't 'trust' my government, I question what it's doing all the time, and will speak up if I see something unjust, or just plain dumb, being dumb -- because *I* am not dumb.
I sure as hell don't trust my ISP, or any ISP for that matter, to 'keep me and my computer safe'. ISPs invade our privacy constantly in the name of higher profits for themselves, and because the government wants to collect data on it's citizenry and generally snoop into people's lives.
It is not, and should not, be the business of ISPs to do this thing. Their role should be to provide connectivity to the Internet for it's customers, and that is ALL they should be in business to do, not to 'censor' anything, 'filter' anything, or anything like that. Just give us a reliable connection and leave it at that!

Re:

[thegarbz]

Do you trust the company that produces aluminium foil?

I'm especially interested in this not trusting a doctor when their advice isn't in your best interest. If it isn't in your interest why did you go to the doctor in the first place? Who else's interest do they have in mind? Don't worry though, David Wolfe has your best interests at heart. He genuinely cares about you, and he needs to as well if you're behind on your vaccinations.

Re:

[sabbede]

What about false positives? Or tools like Metasploit?

that would be the end of broadbad speed

[FudRucker]

if every file had to be scanned for viruses prior to being downloaded/uploaded, that sort of system would make a 56k dialup look fast

why dont Australia demand Apple & Microsoft

[FudRucker]

to build better and more secure operating systems? thats where the problem really is, if the operating systems and their applications used to access the internet were secure then the problem would be solved, asking the ISPs to do this would slow the internet speeds down to a really slow crawl

Re:

[FudRucker]

i am waiting for it to be the year of the linux desktop, then i will fearmonger using linux

Australia? Hardly...

[BozoForPresident]

Whether this is supposed to refer to the landmass (unlikely) or the political entity, one particular subset of the idiot-fucks that presume it's their business to force their opinions and values onto millions of other people does not constitute 'Australia'. And why would anyone care about what these notoriously technologically inept parasites opine about this subject?

In transport vs on the computer!?

[Midnight Thunder]

Some ISPs already provide anti-viruses to the customer for an extra fee, like mine does. The only catch it is only windows compatible. I got the feature removed since they were charging me for something I couldn't use.

As for detecting viruses in an encrypted transport layer, at the ISP, then good luck with that.

Re:

[AHuxley]

Every file, image, video clip gets a checksum to help find virus like activity and block it at the ISP level.
If a file shows up many months later in some investigation, most ISP accounts that downloaded the same file can be listed.
Time to get a good VPN.

And once again...

[Chris Mattern]

...Australia's government shows that they don't really get this whole "technology" thing...

Re:

[quenda]

...Australia's government shows that they don't really get this whole "technology" thing...

Once again, a Slashdot user shows they cannot read past the inaccurate summary.
While Dan Tehan is a pol-sci major, our current prime minister made his millions in the ISP business and sold out just before the dot-com bubble burst.
This is not about web or email filtering.

Re:

[thegarbz]

The irony of this is the current prime minister used to be the CEO of one of the largest ISPs in the country. Irony so thick you can cut it.

Re:

[mjwx]

...Australia's government shows that they don't really get this whole "technology" thing...

Australia's current government is what happens when you elect a Conservative based on a fear campaign of the other guy. This is the kind of bollocks the US now has to look forward to.

Any government not utilizing scare tactics?

[TheOuterLinux]

Not only is this an impossible guarantee or a means to charge customers more money for (Godfather voice) "protection," but it just provides a red herring to monitor more than just metadata.

The Gov can do more than ISP to combat malware.

[dweller_below]

It is odd that the Australian government is calling on ISPs to take action against computer malware, when most of the effective actions are in the government's hands. Computer malware is a complex issue. There is no single fix. Instead, we need to systematically value and build up security. Probably, the most important changes that we could implement with our ISPs is to require them to properly handle abuse reports.

• * ISPs need to properly assess, then quickly forward valid abuse reports to the owners

Big differnce

[fullback]

My first internet connection started in Japan in 1994. 100 Mbs fiber since 2000 and never had a virus, never had a data cap, never paid more than about US$ 60/month (now US$ 35/mo.), never had a browser hijack, never had malware, never had to reset a modem, never had less than 3 companies to choose from and only had service go out once and that was because of a massive earthquake 6 years ago.

Came back to the US and I'm loaded up with hijacks and malware every time I turn on my PC. Have to reset the modem e

I suggest people actually read the original piece

[rakslice]

Look, I'm all for sticking it to clueless politicians, and the original column doesn't commit to any policy of substance, but nevertheless I think the "companion news article" is interpreting it... very creatively.

The original column:
https://www.pressreader.com/au... [pressreader.com] (pressreader is paywalled but allows a certain number of free uses per time period)

I'm annoyed with the current climate of politicians just ignoring the facts and choosing to believe whatever they want, and I'm annoyed by the proliferation of c

No news?

[manu0601]

it's not clear if there's an actual plan behind Tehan's observations

In other words, there is no news?

Good luck gettin' your money back

[Impy the Impiuos Imp]

"where he delivered the message the Government expected them to do more to shut dodgy sites and scams,"

(A month goes by)

"I didn't mean shut off access to government sites! >:-( "