dslreports logo
 story category
FCC Announces Voluntary CyberSecurity Program
Urges ISPs to Follow Comcast's Lead on Botnets DNS Security

Last month FCC boss Julius Genachowski gave a speech in which he urged ISPs to beef up their security practices, citing Comcast and CenturyLink as two companies that did things right in regards to handling botnets and other menaces. Yesterday Genachowski took things one step further by announcing a new voluntary Cybersecurity program that urges ISPs to shore up security measures versus botnets, attacks on the Domain Name System (DNS), and Internet route hijacking.

To be clear, the FCC is recommending ISPs adopt programs most of them have already adopted. Comcast for example has been at the forefront of DNSSec upgrades and walled garden botnet alert systems since 2009. There have, as you might expect, been some stragglers on this front who don't want to spend the necessary funds to expand their network security efforts. AT&T, for example, recently stated they had no interest in seriously beefing up their anti-botnet measures.

According to the FCC's program fact sheet, the program is absolutely voluntary -- meaning that if ISPs aren't doing a good job now shoring up network security, this will change nothing. What it does is deliver a few quick political brownie points to the FCC, who in recent years has perfected these kind of "show pony" efforts (like our national broadband plan) that say a lot but accomplish little. It also tries to pre-empt Cybersecurity laws pending in Congress. That may or may not be a good thing, depending on the proposed law and the level of technical insight of the author (in Congress, usually very low).

The effort may at the very least provide a framework (though most of it was established without the FCC's help) for less competent ISPs to follow if they're seriously willing to invest the funds, though it's unlikely the politicians at the FCC can offer network insight most operators don't already possess. According to the agency, Time Warner Cable, Sprint, CenturyLink, Comcast, AT&T, Verizon, T-Mobile and Cox have all signed off on the program.
view:
topics flat nest 

thomas2011
@comcast.net

thomas2011

Anon

give me the option of a completely unfiltered connection

this may be fine for the mainstream to get machines virus free(if it really works)

but please we should also have an option of a completely open unfiltered/untouched IP connection for those people who can keep their own network or machines malware free.

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

FFH5

Premium Member

Re: give me the option of a completely unfiltered connection

said by thomas2011 :

this may be fine for the mainstream to get machines virus free(if it really works)

but please we should also have an option of a completely open unfiltered/untouched IP connection for those people who can keep their own network or machines malware free.

And who certifies you know what you are doing and are malware free? The ISP should take your word for that?

S_engineer
Premium Member
join:2007-05-16
Chicago, IL

S_engineer

Premium Member

Re: give me the option of a completely unfiltered connection

Maybe that certification can come from the same people that verify that the ISPs data usage meter works and has accurate readings!
ConstantineM
join:2011-09-02
San Jose, CA

ConstantineM to FFH5

Member

to FFH5
What about a captcha?
fldiver
Premium Member
join:1999-12-27
Jacksonville, FL

fldiver to FFH5

Premium Member

to FFH5
That's a really dangerous question to ask of people on this site. Most people on DSL reports are extremely educated in the areas of security and many are probably in the field..
jcremin
join:2009-12-22
Siren, WI

jcremin to thomas2011

Member

to thomas2011
That's like saying I should be able to pay a bit more for my driver's license in order to not be pulled over for speeding. I think that "business class" connections should get special treatment (personal phone call, plenty of warning time, and anything else possible to fix the problem before interrupting any service), but residential connections typically don't need the same level of service. There should still be some sort of warning, rather than simply cutting off service.
ConstantineM
join:2011-09-02
San Jose, CA

ConstantineM

Member

malware: business or residential?

You got it all wrong. Business connections are the ones where most of this shit happens. I'm still receiving spam on my custom-generated email address that was only used to communicate with Vonage customer service. Same incident happened with another email address that was used to contact the sales department of a medium-sized hosting company.

At home, people have Macs and iPads. 'nuff said.
ConstantineM

ConstantineM to thomas2011

Member

to thomas2011
I agree — there should definitely be a way to opt-out easily. The vast majority of the population who knows nothing about computers would not opt out, and they're usually the ones that require such protection anyways.

For example, it does make sense if outgoing smtp port 25 is blocked by default, especially on residential connections; however, it should equally be possible to easily unblock it on request. Which is what currently happens with AT&T, and is a good practice, IMHO. (Although, to be fair, it seemingly does take some persistence to get someone on the line who can make the change, I've had no success trying to unblock it through online chat, but some second-tier tech support did it without a problem, even offering to setup rDNS.)

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

1 edit

FFH5

Premium Member

FCC just blowing smoke

If the FCC wanted to really make waves, they would take out TV ads telling people to drop AT&T internet and move to Comcast or CenturyLink because AT&T is unsafe to use for internet access. That would get AT&T's attention and create a lot of notice. Of course, AT&T would sue the FCC. But I'd bet they would actually start to do something about botnets on their system.

TheHelpful1
Premium Member
join:2002-01-11
Upper Marlboro, MD

TheHelpful1

Premium Member

Blind leading the lemmings...

Follow comcast's lead? You mean the company that pushed out network upgrades that would have made it impossible to comply with an act that they were pushing to make law (SOPA)?

ISurfTooMuch
join:2007-04-23
Tuscaloosa, AL

ISurfTooMuch

Member

Re: Blind leading the lemmings...

I wouldn't chalk that up to stupidity but probably more to different parts of the company pulling in different directions. If you were to ask and be able to get honest answers, I'd be willing to bet that things like DNSSEC were being pushed by the folks running the Internet division, and upper management, who is more oriented toward TV, likely simply nodded and went along, even though they probably didn't really understand it. OTOH, SOPA was probably being pushed by corporate because, as you know, Comcast either owns or is in bed with lots of TV programmers, but I'll bet that the Internet folks there hated the idea.