ITU getting serious about botnets

Posted Nov 29, 2007 2:51 UTC (Thu) by brouhaha (subscriber, #1698)
Parent article: ITU getting serious about botnets

>The ITU is now an agency of the United Nations, which puts it in the right place to assist with botnet mitigation.

This seems a very dubious proposition at best. It's far from clear that the United Nations is the right place for anything. While the ideals behind the United Nations are perhaps laudable, the practice leaves a lot to be desired.


ITU getting serious about botnets

Posted Nov 29, 2007 7:31 UTC (Thu) by dune73 (subscriber, #17225) [Link]

>This seems a very dubious proposition at best. It's far from clear that the 
>United Nations is the right place for anything. While the ideals behind the 
>United Nations are perhaps laudable, the practice leaves a lot to be desired.

In an ideal world, where all humans are angels like you are, there would not be a need for an
organisation like the UN. But as the population on this planet consists of many ordinary
people like myself, it is good to have such an institution. I still believe the ideals are
laudable. Of course, there is a certain gap between the ideal and the practice. But that is
known in many organisations. Even in the 2-person committee governing the washing up in my
household. ;)

But we rather want to talk about botnets and not politics, don't we?

ITU getting serious about botnets

Posted Nov 29, 2007 13:26 UTC (Thu) by copsewood (subscriber, #199) [Link]

So if not the ITU under UN auspices, who do you propose should do this work?

ITU getting serious about botnets

Posted Nov 29, 2007 20:20 UTC (Thu) by brouhaha (subscriber, #1698) [Link]

It's not a foregone conclusion that it needs to be any governmental organization.

ITU getting serious about botnets

Posted Nov 29, 2007 14:07 UTC (Thu) by kleptog (subscriber, #1183) [Link]

There are lots of institutions that are part of the UN that many people might not immediately
recognise as such like the WHO (got rid of smallpox and polio), the ITU, The World Bank, the
IMF and many others. Like it or not, it's about the only way to get anything done in this
world without being tied to a country or region.

It's a framework which we have that mostly works with not much in the way of alternatives, so
let's use it and fix the problems as they arise.

ITU getting serious about botnets

Posted Nov 29, 2007 20:26 UTC (Thu) by brouhaha (subscriber, #1698) [Link]

Poor choice of examples. The IMF and World Bank have not solved any problems and have in fact caused much worse problems than they've tried to solve; aid from the IMF and World Bank is almost always tied to requirements of policy changes that prove disastrous in the long run, and cause the countries receiving the aid to need even more aid later.

The benefit of the ITU is questionable at best. I've worked for a company involved in ITU matters, so I've seen the sausage factory in operation.

I don't know enough about the history of the WHO, so I'll give them the benefit of the doubt.

In general, expecting the UN to solve problems is not a good bet. It's more likely to exacerbate problems and create new problems.

ITU getting serious about botnets

Posted Nov 29, 2007 14:11 UTC (Thu) by job (guest, #670) [Link]

What an uninformed comment. We have working international standards on everything from air
traffic to document exchange (it was OASIS that specified ODF from the start, remember?)
through working groups provided by the UN. I don't know what you specifically refer to, but
arenas for cooperation are virtually a requirement in the modern globalized world.

ITU getting serious about botnets

Posted Nov 29, 2007 20:30 UTC (Thu) by brouhaha (subscriber, #1698) [Link]

On the contrary, I'm fairly well-informed about the working of the ITU and other standards bodies operating under the UN umbrella, and it's clear that non-UN standards bodies like the IETF do a far better job.

The fact that a few good things have come out of the UN is not sufficient to demonstrate that it is a net positive, nor that it is the best place to promote new initiatives such as anti-botnet measures.

ITU getting serious about botnets

Posted Dec 13, 2007 13:43 UTC (Thu) by job (guest, #670) [Link]

The IETF works very differently because they do engineering and not political work. I'm not
sure IETF would do any better than ITU or similar organizations when doing things like
spectrum allocations, they are just as susceptible to political deadlocks. But my guess is as
good as yours, we just don't have any data points that compare the two.

So I stand by my opinion that the original comment was in haste, uninformed, or both. A much
better comparison would be the ITU and IANA, but the latter is still a bit young for it to be
completely fair.

ITU getting serious about botnets

Posted Nov 29, 2007 14:44 UTC (Thu) by jschrod (subscriber, #1646) [Link]

Wow, can you be even more childish in your knee-jerk reaction? I don't think so.

Well, the UN, it's like democracy: "Democracy is the worst form of government except for all
those others that have been tried.", as Winston Churchill said. Likewise, the UN is the worst
form of inter-state cooperation on a global level, except for all those others that have been
tried.

Joachim

ITU getting serious about botnets

Posted Nov 29, 2007 20:33 UTC (Thu) by brouhaha (subscriber, #1698) [Link]

You haven't refuted my statement at all. I wasn't making the case that the UN was a bad form of government. I was pointing out that there's no reason that ANY government, national or international, needs to be involved in this.

Just because there's a problem, even a fairly serious one, doesn't automatically make government the best solution.

ITU getting serious about botnets

Posted Nov 30, 2007 1:17 UTC (Fri) by jschrod (subscriber, #1646) [Link]

Your strawman doesn't help.

First, you did not make the point that this is not a topic for a governmental organization. You merely stated that the UN is not the right place for anything (your emphasis, not mine). And IMNSHO that is a pure political statement about the UN itself and not about the relevance or the appropriateness of the ITU for this specific issue.

Second, as the article noted, an essential part of the ITU work is about legal advice, how one can introduce or structure laws to help fight botnets. And changing laws is very clearly the realm of governments, they are the only ones who can do it. Thus advice about a coordinated legal approach against a supranational threat to our IT security belongs into the realm of inter-governmental political organizations like the UN and its subsidiary organizations.

This is not merely about technical counter-measures, which seem to be the only thing that you might think about. (Your mentioning the IETF as a better organization indicates this.) In two of three tiers of the toolkit, this is about non-technical approaches that try to take on a larger picture of the botnet problem, beyond the technical aspects. You ignore these two tiers to be able to propagate your opinion that the UN is not good for »anything«, and to express that with emphasis. And you really want that I take your comment as a serious contribution?

All in all, your f'up answers are yet another data point why I would like to get a KILL file feature in LWN's comment facility. *PLONK*, as I would like to be able to say.

ITU getting serious about botnets

Posted Nov 30, 2007 1:44 UTC (Fri) by brouhaha (subscriber, #1698) [Link]

The ITU most certainly does NOT give legal advice. That should be perfectly clear to anyone that's ever actually dealt with the ITU.

It is far from clear that it is necessary or helpful for anyone to give countries legal advice on dealing with botnets. However, if it were necessary, there is still no obvious reason that the ITU (or any other part of the UN) is particularly well-suited for that function. It is not the case that advice on changing laws must come from a governmental organization or the UN; in fact the vast majority of such advice that legislators receive is NOT from such sources.

ITU getting serious about botnets

Posted Nov 30, 2007 8:17 UTC (Fri) by nix (subscriber, #2304) [Link]

So the EU Commission (the source of the majority of the more 
boring-yet-necessary new laws in most of Europe, even eurosceptic parts 
like the UK) is not a governmental organization? Fascinating.

Your extreme US-centricism is plainly obvious from your claim that 
legislators are universes complete unto themselves that receive advice 
from no other governmental bodies. I'd be very scared of legislators that 
worked that way: who else are they ignoring? (It's odd: to a first 
approximation, the only people you can find against the UN as a whole are 
a bunch of nasty dictatorships and... parts of the US, the country which 
*founded* it.)

The UN and the EU had the same design intent: to eliminate war on 
different scales (worldwide large-scale versus European), to try to stop 
any repetition of WWII. Both are doing lots of different things these days 
as well, but branching out from `stop large-scale wars' to `stop 
large-scale supranational threats' doesn't seem like all *that* much 
mission creep to me. This sort of thing is what these organizations are 
*for*, and being legal bodies they will use legal weapons to do it.

(Yes, they suck at it and they're inefficient. Point me at any human 
organization that isn't. They might get something done, anyway. The EU 
should get involved, though, because unlike the UN it actually *can* get 
its constituent governments to pass laws.)

ITU getting serious about botnets

Posted Nov 30, 2007 17:02 UTC (Fri) by brouhaha (subscriber, #1698) [Link]

>So the EU Commission (the source of the majority of the more boring-yet-necessary new laws in most of Europe, even eurosceptic parts like the UK) is not a governmental organization? Fascinating.

I don't see how you derived that from what I said.

>Your extreme US-centricism is plainly obvious from your claim that legislators are universes complete unto themselves that receive advice from no other governmental bodies.

What I said was that the vast majority of advice on changing laws doesn't come from supranational governments or organizations. In the US, most of the input into new laws or amendments at the federal level comes from other parts of the US government (e.g., the executive branch), states, and corporations.

Do EU countries really work that much differently? I thought only a small portion of the laws of individual EU countries was forced upon them by the EU. Or, if you don't like the phrase "forced upon", I could say "given to".

ITU getting serious about botnets

Posted Nov 30, 2007 23:03 UTC (Fri) by nix (subscriber, #2304) [Link]

The figure for UK laws which consist of implementation of EU directives is 
around 50%, IIRC, and rising.

ITU getting serious about botnets

Posted Dec 7, 2007 3:51 UTC (Fri) by okeydoke (guest, #46751) [Link]

Hi. I wrote the botnet mitigation toolkit. You might want to read it leaving normal
assumptions about ITU standards processes out of this .. this is an ITU-D effort (read:
development and "capacity building").

There are lots of people from the network operator community (NANOG / IETF / IAB regulars, as
well as large ISPs) who have agreed to help out in the technical part - in fact, the toolkit
cites several RFCs, as well as data from an IAB workshop.

In this context, what you have is a UN agency that is putting money and resources into a
project that tries to get several different groups that are already working on botnet related
issues (from a technical, as well as from policy and social work perspectives) to coordinate,
work together etc. And it also tries to field test a whole lot of concepts and best practices
that were mostly developed in US and Canadian ISPs, in what may well be a rather different
operating environment. [Yes, most of it won't change but there will be a few things that need
to change, and work differently..]

regards
srs

ITU getting serious about botnets

Posted Nov 30, 2007 3:56 UTC (Fri) by smoogen (subscriber, #97) [Link]

I was pointing out that there's no reason that ANY government, national or international,
needs to be involved in this.
====

Well to take the strawman further, any organization that makes decisions that people follow or
feel compelled to follow is a government. The IETF is a government in that it decides
standards where people should use the internet. Its enforcement is usually by public opinion,
buying power of companies that will only get something RFC compliant, or other things.
Governments occur all the time.. 
