TapWalled garden

This idea being promoted by MAAWG looks like it could be an effective way of limiting spam at source, and, as the members are high powered, it could actually get implemented.

The problem is that a large proportion of spam and associated phishing, viruses and other attacks are sent, not from huge malicious systems in a far off place, but many thousands of small home systems each adding their little bit to the flood and under common malicious control. They were infected by a previous attack and then join in themselves—these are called zombie systems and are collectively known as a bot-net.

The principle of this proposal is for ISP’s to identify customers on their own networks who are infected. Nothing new there except that they currently don’t do it because of the administrative overhead it would trigger. The difference is that once identified, the customer would have all their internet traffic automatically routed to a sanitised area called the Walled Garden within the local domain and that all browser requests result in a link to an internal site which provides education and disinfection tools. Until the customer systems are cleaned no traffic is permitted out onto the wider internet. Think of it as a quarantine with a pharmacy on hand for self treatment. The reasoning is that the majority of customers with infected systems are unaware of it and wouldn’t know what to do if they were told. This way they don’t have a choice.

There will still be some admin overhead—in calls to the help desk—and it would need to start easy to minimise false positive alarms, but it is probably the only way to force these infected zombie systems off the network.

As I said, there are some heavyweight people on this working group, AOL, AT&T, France Telecom (Orange) but not my ISP. But when(if?) the momentum gets under way, no ISP is going to be able to ignore it and stay in business.

Comments are closed.

^ Top