Comment by mzajc
4 days ago
The ISPs simply don't care, I think. I have several million unique botnet IPs hitting my server, and I'm not sure how I could let the ISPs or users know they're infected - I contacted those that originated from my country, but 3 out of 4 of them ignored my mail to the abuse contact. I imagine the situation is several magnitudes worse for people with more prominent domains.
We need regulation requiring ISPs to care. In the US they will severely reduce your speeds (if not outright cancel your account) over repeated DMCA complaints so why can't they do the same for reported botnet activity?
I guess logistically they'd need a way to assess if the problem had been resolved though. It would be pretty challenging to validate reports and then follow up on them in an automated manner. There's not going to be much budget for this after all. Still you'd think it could be done for the largest (and thus well understood) botnets.
DMCA complaints are generally something the user chose to do. Most users aren't choosing to participate in botnets. I'm not sure it's appropriate to punish users like this for something that isn't their fault and that they likely won't know how to fix.
When my house catches on fire I probably don't have the tools to put it out, but I am obligated to call the fire department before it burns down the neighborhood.
1 reply →
Why not? It wouldn't be acceptable in any other context - like running a lawn mower that spits oil onto your neighbor's lawn.
DMCA requests lead to legal consequences for ISP's in extreme cases. Botnets meanwhile there's no "lobby groups" that are directly impacted enough to 'care' at a financial level
I agree it does require regulation. There would be better odds for regulations in the US if you could show that regulating ISPs can help funnel taxpayer money to billionaires and their grifting cronies. The US has a history with ISPs, they were given fat subsidies to build out their networks and then they did not do that.
ISPs do care. They typically have a standard procedure where they will contact the customer if they receive structural complaints, indicating an actual botnet infection. It's also very typical to not receive a response to abuse complaints, even though they do log it.