So, one of the big stories floating around the mainstream media today is on the denial of service attacks waged upon U.S. and South Korean websites in recent days. It’s not the first time it’s happened, nor is it the first time that such attacks have been mentioned in the media. Maybe it’s true that this is one of the first times the feds have been so open about government network security concerns. However, I think it’s far more likely that it’s a slow news day, now that average American news consumers have been burned out with reports from Iran, speculation on the motivation for Palin’s resignation, and 24/7 coverage of Jacko’s passing…and something had to be done to drum up ratings.
Regardless of the reason that this is such big news…I got to thinking.
A few months ago, the interwebs were all aflutter with calls for network neutrality, because of the threat of traffic shaping, and of big online media providers negotiating with commercial keepers of the ’net’s backbones for preferential bandwidth allocations. The RIAA and MPAA have at various times in the past pushed for filtering of suspected infringing content. Various countries impose some measure of filtering to “protect” their citizens from certain content and services (admittedly with mixed records of success).
You would think that, by now, someone would have sought to impose some manner of filtering, preventing the routing of botnet traffic through the backbones.
I wonder if the feds could draft a law to incent the keepers of the backbones to block botnet-spawned denial-of-service attacks and spam floods. Perhaps such entities could be held civilly liable for transmitting such traffic (but restricting the right to sue to the Department of Justice unless a high damage hurdle is met, to limit a flood of lawsuits), perhaps granting those companies the right of subrogation against bot-contaminated PC’s.
The challenges would be, of course:
- The difficulty in drafting appropriate legislative language to be able to describe botnet traffic;
- The technological challenges in accurately identifying such traffic, and of adapting identification logic as botnet traffic changes; and
- Legislators and bureaucrats from resisting the temptation to expand the traffic ban to include other controversial traffic (BitTorrent, adult-themed material, etc.)
I would be extremely leery of setting a precedent for restricting certain types of network traffic. It’s too easy to see the door being opened to one heckuva slippery slope. However, I also hate the congestion and harm caused by botnets.
At least within the U.S., the freedom of speech is one of the freedoms we hold most dear. Yet we do accept some constraints on that right — “freedom of speech” doesn’t convey a right to harass, to willfully make untrue statements for one’s own profit, or to shout “fire" in a crowded theater. Along those lines, could network neutrality be construed to not include unrestricted throughput of traffic intended to harm or harass?
