Seth Dillingham announced an upgrade to the Conversant code that would speed things up, and he wasn’t kidding. For a number of reasons, this site’s home page is one of the slowest on any of my sites. Before the change, this page would sometimes take 6 to 7 seconds to load. After the change, it loads almost instantaneously over my broadband connection. Not bad considering all of the dynamic things going on behind the scenes.
Wired has a story about broadband providers simply cutting off access to users whose systems become infected with Code Red or Nmida. Wired mentions that Speakeasy and DSL Inc. simply yank access to users whose systems are infected with such viruses/worms.
This is a big problem, but an even bigger problem is that most broadband providers a) do almost nothing to educate their users about the security problems associated with broadband service, and b) actually forbid users from using the best security methods to ward off infestations and attacks.
I’ve been through the process both with DSL and cable and neither provider even so much as hinted that I might want to think about any sort of software or hardware solution to prevent attacks on the computer(s) hooked up to my broadband connection. Both providers had information on firewall software buried deep in their web sites, but I assume they were afraid providing any security information might turn off potential customers.
Since I am very concerned about security, I run a small NAT router. The problem is that this is in direct violation of my agreement with the cable company which strictly forbids using any sort of router.
That restriction is added because they don’t want people using the cable access to run web, ftp, and game servers. The problem with servers is a legitimate concern — the first week the students cam back to the university here, my cable connection was almost nonexistent because the bandwidth was being used by students setting up bandwidth-munching servers.
But it’s stupid to simply ban routers because of this. Routers, after all, don’t make it difficult to find the people abusing the system. Talking with a tech support guy about the problem, he said they could identify neighborhood-sized areas where the traffic was thought he roof and then run port scans to determine who was violating the terms of service.
The ban on routers, then, simply makes the average home users system less secure, while really doing very little to fight the bandwidth hogs. Rather than fighting routers, broadband providers should be encouraging people to buy them as an important part of general network security.
Earlier this week the cable guy showed up and installed a nice shiny new 1.5mb broadband hookup at my house. Everything went without a hitch, including configuring a Linksys router/hub to share the connection over my LAN. Next stop: adding a 802.11b wireless setup so I can have high speed access while loafing on the couch.
Wired’s Farhad Manjoo has an article about the potential problems created by always-on broadband connections, Broadband Could be Hackland.
I was surprised after all of the literature they sent me along with the numerous times I called technical support, that no one at Ameritech even raised the possibility that extra security precautions might be in order when using a DSL connection. I was already aware of such problems, but you’d think even a small “buy a firewall program for extra security” note might be in order.
On the other hand, maybe they have the same contempt for their consumers as Excite@Home’s Richard Holden does. Holden says the security problems with broadband have been blown out of proportion (which may be somewhat true) and, as Wired paraphrases, “Holden added that only if people are using their computers to store sensitive information will extra security software be necessary.”
What world is this guy living? Everybody I know who owns a computer has sensitive data on it, even the folks who aren’t power users. Several people I know use their computer to prepare their tax returns; others use Quicken and other financial packages to keep track of their money.
As far as I’m concerned my e-mail is very sensitive data in that I wouldn’t want some cracker gaining access to it. I know even casual computer users who use email to communicate relatively sensitive information. Of course firewalls don’t guarantee nobody will get access to your data, but you always want to put as many impediments as feasibly possible in the way of those with malicious intent.
The blaise attitude among broadband providers toward security is very puzzling.
The good folks at Slashdot are up in arms over this CNNfn story that claims AT&T “is considering a plan to charge Internet retailers a commission each time a customer buys something through the telecom’s broadband network, an industry analyst said Monday. AT&T would also collect a fee from retailers each time a customer accesses their site through its network.”
The article, and a similar one at Yahoo are a bit unclear on exactly what AT&T is proposing to do. The way the articles are written, they strongly imply that AT&T is going to charge back any online merchant who sells something to an AT&T broadband customer. On the other hand, AT&T could just be talking about selling web merchants special positioning on its high speed network and charging back just those merchants.
I strongly suspect the latter, since I think the former is probably technically unfeasible, and one of the AT&T spokesman compares the new plan to PocketNet, a system whereby AT&T sends spam ads to people who use their wireless phones.