Australia Wants ISPs To Protect Customers From Viruses (sophos.com) 104
An anonymous reader quotes Sopho's Naked Security blog:
In a column in The West Australian, Dan Tehan, Australia's cybersecurity minister, wrote: "Just as we trust banks to hold our money, just as we trust doctors with our health, in a digital age we need to be able to trust telecommunications companies to protect our information from threats." A companion news article in the same newspaper cited Tehan as arguing that "the onus is on telecommunications companies to develop products to stop their customers being infected with viruses"...
Tehan's government roles include assisting the prime minister on cybersecurity, so folks throughout Australia perked up when he said all this. However, it's not clear if there's an actual plan behind Tehan's observations -- or if there is, whether it will be backed by legal mandates... Back home in Australia, some early reactions to the possibility of any new government interference weren't kind. In iTWire, Sam Varghese said, "Dan Tehan has just provided the country with adequate reasons as to why he should not be allowed anywhere near any post that has anything to do with online security."
The West Australian also reports Australia's prime minister met telecommunications companies this week, "where he delivered the message the Government expected them to do more to shut dodgy sites and scams," saying the government will review current legislation to "remove any roadblocks that may be preventing the private sector and government from delivering such services."
Tehan's government roles include assisting the prime minister on cybersecurity, so folks throughout Australia perked up when he said all this. However, it's not clear if there's an actual plan behind Tehan's observations -- or if there is, whether it will be backed by legal mandates... Back home in Australia, some early reactions to the possibility of any new government interference weren't kind. In iTWire, Sam Varghese said, "Dan Tehan has just provided the country with adequate reasons as to why he should not be allowed anywhere near any post that has anything to do with online security."
The West Australian also reports Australia's prime minister met telecommunications companies this week, "where he delivered the message the Government expected them to do more to shut dodgy sites and scams," saying the government will review current legislation to "remove any roadblocks that may be preventing the private sector and government from delivering such services."
Ha! (Score:1)
Re: Ha! (Score:1)
Re: (Score:1)
It certainly works well in the enterprise. Privacy (Score:2)
Certainly there are privacy issues to be discussed, and there are many questions that can be asked about what exactly should be done and how it should be done. The concept does work quite well. Especially related to botnets.
This is standard procedure in the enterprise. Its 2017, not 1997, and we're far beyond "update your AV and pretend your safe". In enterprises that care at all about security, professionals, preferably security professionals in the SOC, but at least network professionals, use professio
Re: (Score:2)
It's Australia - google "Australia" and "metadata" and you'll see that privacy of citizens is not something that the current Government cares about. One department even decided to "doxx" a critic in the newspapers with confidential information that could have resulted in a jail term for a leaker if it had been released by anyone that doesn't own a police force.
I'm not suggesting you have a bad point, merely that priorities are differen
Re: (Score:2)
It sounds like a terrible idea. In work environments, there's a legitimate reason to limit people's access to the internet, i.e. customer data can be at risk (or in the case of where I work, patient data.) But in a home setting, it's just straight up annoying to have your ISP start blocking shit that you may not want to be blocked.
My ISP blocks incoming email and web ports because it's presumed that everyday customers running any servers on those ports are participating in a spam botnet. So that means I can
"Block everything" is stupidly simplistic (Score:2)
> And if we did what you suggest, it would be a whole lot worse.
I'm not sure what you think I'm suggesting. What I said is in some ways the opposite of what you seem to think I said.
I said the ISP is in a position in monitor the network as a whole and respond to emerging threats, such as botnets currently active on the network or scanning the network. I said the ISP can reasonably have people in the SOC actually responding in real-time as exploits are released and threats become real. That's pretty much
Re: (Score:2)
Double Ha (Score:2)
Re: (Score:3)
What do you want them to do?
Even paving it over isn't guaranteed to work, shit infects your bios and comes back. Free tech support with a consumer ISP contract?
This is exactly what an ISP should do. They can't protect you from yourself, but they can protect the larger net from zombies. Of course the bot herders will just adapt, might stop some kiddies.
Re: (Score:2)
You simply bad all simply modem style network devices and replace with full fire wall routers. With the ability to monitor out of normal design bounds traffic and block it off and report it back to the ISP and in turn the end user. The question is whether or not network policing activities should occur. If the individual is attacked for any other crime, the police respond and assist them, the question is then whether that same response is required for a network attack. Right now it is just free for all and
In a world... (Score:3, Interesting)
Deep packet inspection is good for you! (Score:1)
Nobody wants (tech) savvy citizens: They might question the course of events.
Re:In a world... (Score:5, Insightful)
Hows an isp going to detect a virus without inspecting the content of your incoming data?
Should we want an isp to snoop on everything we do online?
Virus protection now thats just an excuse.
Re: (Score:2)
And if ISPs all started doing this then viruses would simply use bog-standard encryption.
Re: (Score:2)
Hows an isp going to detect a virus without inspecting the content of your incoming data?
You can analyse the data stream without ever analysing data. Unusual traffic does not mean they are reading the details of every bit. Sure virus writers can hide and obfuscate that traffic, but right now they have no reason to, so they don't. It's a rare botnet that ends up doing something like hiding a command and control server in Tor, and even then they don't encrypt or hide the final payload. They just pretend to be the worlds fastest finger hitting F5 repeatedly on a site in a way no medical condition
Re: (Score:2)
Installers helpfully open ports for you and even setup port forwarding (insert alphabet soup acronym).
Apparently, on consumer routers, no credentials are required, it is logged. Completely idiot proof...
Re: (Score:2)
Yeah, and let's study how cars work and fix them ourselves. Include TV, smart watches and phones, washers and dryers.
How stupid of consumers to expect the goddam vendor to do shit.
Headline and summary are bullshit as usual (Score:2)
In a world where ISPs filter viruses for you,
NO! The article makes it clear: He said the plan did not amount to web filtering . and he claimed previous efforts to do so had been “ill-advised”.
While ISPs cannot filter your downloads, there is plenty that can and should be done at the network level, such as detecting outgoing spam and DOS attacks from infected users.
Another analogy (Score:5, Insightful)
Re:Another analogy (Score:4, Interesting)
It's akin to asking the telephone company to protect you from scams. Nice in theory, but impossible to do in practice.
Re: (Score:3)
Practically you wouldn't want that. A doctor in your bedroom. Overseeing every intercourse you have.
That would depend if the doctor in question is: 1) female (for me), 2) good looking (IMO), and 3) involved in the activity.
Huh? They already do! (Score:2)
While surely not all, a good number of ISPs already provide anti-virus and anti-malware detection. If you use an ISP for email, chances are pretty high that the back end is running anti-spam rules which looks for attachments and strips where a "bad" MD5 sum is found. "bad" meaning it matches malware/virused attachments. They don't need to read the contents, just look for the checksum.
As a privacy advocate I'm not too uncomfortable with ISPs scanning like this, as anything I would be worried about would b
Re: (Score:2)
It's more like vaccination.
ISPs usually block port 25, because it gets abused too much. You can't run a web server from it what, residential/dynamic IP ranges are mostly blocked by other servers.
Doesn't seem unreasonable to block things like IoT malware if it can be done without disrupting other stuff. People with a clue won't be affected because they use VPNs anyway.
Re: (Score:2)
Practically you wouldn't want that. A doctor in your bedroom. Overseeing every intercourse you have.
Are you kidding? This is the internet, some people would pay for such a service. ;)
Re: (Score:2)
'Trust', indeed (Score:5, Insightful)
I don't 'trust' doctors; I do my own research, especially when they tell me something that I don't think is in my best interests, or that just plain doesn't make sense.
I don't 'trust' my government, I question what it's doing all the time, and will speak up if I see something unjust, or just plain dumb, being dumb -- because *I* am not dumb.
I sure as hell don't trust my ISP, or any ISP for that matter, to 'keep me and my computer safe'. ISPs invade our privacy constantly in the name of higher profits for themselves, and because the government wants to collect data on it's citizenry and generally snoop into people's lives.
It is not, and should not, be the business of ISPs to do this thing. Their role should be to provide connectivity to the Internet for it's customers, and that is ALL they should be in business to do, not to 'censor' anything, 'filter' anything, or anything like that. Just give us a reliable connection and leave it at that!
Re: (Score:2)
Do you trust the company that produces aluminium foil?
I'm especially interested in this not trusting a doctor when their advice isn't in your best interest. If it isn't in your interest why did you go to the doctor in the first place? Who else's interest do they have in mind? Don't worry though, David Wolfe has your best interests at heart. He genuinely cares about you, and he needs to as well if you're behind on your vaccinations.
Re: (Score:2)
that would be the end of broadbad speed (Score:2)
why dont Australia demand Apple & Microsoft (Score:2)
Re: (Score:2)
Australia? Hardly... (Score:1)
In transport vs on the computer!? (Score:2)
Some ISPs already provide anti-viruses to the customer for an extra fee, like mine does. The only catch it is only windows compatible. I got the feature removed since they were charging me for something I couldn't use.
As for detecting viruses in an encrypted transport layer, at the ISP, then good luck with that.
Re: (Score:2)
If a file shows up many months later in some investigation, most ISP accounts that downloaded the same file can be listed.
Time to get a good VPN.
And once again... (Score:4, Informative)
...Australia's government shows that they don't really get this whole "technology" thing...
Re: (Score:2)
...Australia's government shows that they don't really get this whole "technology" thing...
Once again, a Slashdot user shows they cannot read past the inaccurate summary.
While Dan Tehan is a pol-sci major, our current prime minister made his millions in the ISP business and sold out just before the dot-com bubble burst.
This is not about web or email filtering.
Re: (Score:2)
The irony of this is the current prime minister used to be the CEO of one of the largest ISPs in the country. Irony so thick you can cut it.
Re: (Score:2)
...Australia's government shows that they don't really get this whole "technology" thing...
Australia's current government is what happens when you elect a Conservative based on a fear campaign of the other guy. This is the kind of bollocks the US now has to look forward to.
Any government not utilizing scare tactics? (Score:2)
The Gov can do more than ISP to combat malware. (Score:2)
Big differnce (Score:2)
My first internet connection started in Japan in 1994. 100 Mbs fiber since 2000 and never had a virus, never had a data cap, never paid more than about US$ 60/month (now US$ 35/mo.), never had a browser hijack, never had malware, never had to reset a modem, never had less than 3 companies to choose from and only had service go out once and that was because of a massive earthquake 6 years ago.
Came back to the US and I'm loaded up with hijacks and malware every time I turn on my PC. Have to reset the modem e
I suggest people actually read the original piece (Score:2)
Look, I'm all for sticking it to clueless politicians, and the original column doesn't commit to any policy of substance, but nevertheless I think the "companion news article" is interpreting it... very creatively.
The original column:
https://www.pressreader.com/au... [pressreader.com] (pressreader is paywalled but allows a certain number of free uses per time period)
I'm annoyed with the current climate of politicians just ignoring the facts and choosing to believe whatever they want, and I'm annoyed by the proliferation of c
No news? (Score:2)
it's not clear if there's an actual plan behind Tehan's observations
In other words, there is no news?
Good luck gettin' your money back (Score:2)
"where he delivered the message the Government expected them to do more to shut dodgy sites and scams,"
(A month goes by)
"I didn't mean shut off access to government sites! >:-( "