I figured this may make for an interesting debate. I have to think about it a bit before I know how I feel for sure.
->
The Issue In Question <-
This idea, put simply, is to monitor the Internet for new viruses, worms, or trojans. They may be network-based or email-borne. Based on TruSecure's proven Ballistic Threat Model, these new attacks will be assessed to determine if they will represent a significant wide-spread threat. Each year there are approximately 10-20 such attacks. The attack will be profiled, and a method determined, so Internet Service Providers (ISPs) can accurately (99.99%) identify it, and given to them. From that point forward, ISPs will be expected to drop the attack traffic from their networks. When fines are levied from that point depends on the method of attack
Yet another from
/. .
I think it sounds good, but it's pretty much a utopia. It will never come true.
The way I see it is not that people are ignorant (although some are, and they really don't care about the security of their computer) the problem is that many people don't know how to do it.
When a person is buying a computer for home use, they should go to a two hours course for free or for a small fee (sponsored by the big companies out there who make shitty software with security holes in it such as MicroSoft), and learn how to : update and patch their system, install an antivirus and update it and install a firewall.
What I'm saying I guess is : first teach them than go after them if they don't want to learn or they are to stupid to do it right. You can't just go to a person and tell her he or she has to pay 100.000 $ because some agency detected that an successful attack has been made from her computer against some target. Remember not every person knows as much about computer as some people around here. Some don't even have the smallest idea about computer security. Why ? because they never really had to learn about something like this.
A solution to this problem, IMHO would be instead of teaching every user in the world about security, how about for a fee when the ISP detects hostile traffic from a certain computer, they disconnect the computer, and a guy (working for the ISP) who actually knows about computer security goes and fix the computer.
Since we can't force this on everyone, I mean there is no point for someone who protects his computer to pay money for a service he doesn't use, you only pay the fee when the repair guy has to come and fix your computer, because you were lazy and didn't do it.
There are many sides to this story. But I think that to start going after the users, without trying to teach them first, or offering them a service, it's not a solution.
I've got a good idea. If anybody's sick, carrying some virus or something, and they inadvertently pass it on to someone else, tack on a fine to their next medical bill.
im with perg. That way I can start a collection company specializing in medical debt. Perg we can be rich!!!