Sure, ISPs may not currently be accountable for the poor security at the end of their "pipes", and this is problematic for many of the reasons described by Ross Anderson (see "Why Information Security is Hard -- An Economic Perspective" http://www.cl.cam.ac.uk/ftp/users/rja14/econ.pdf). If the financial damage of DDoS attacks continues to escalate, you can rest assured that the powers that be will be looking for someone to bear the liability. And because you can't squeeze blood from a turnip, let alone the 1,000s of users being used to launch these attackes, legislation will target the fatted calf: The Broadband ISPs. ISP support of firewalls is not only the responsible thing to do, it's inevitable as well.

I'll be watching all of the action as it unfolds,from a bunker well behind my own personal firewall.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/287/8986#8986