[tristan9]

Thing is, don’t care.

The problem is that ISPs whose customers are originating the attacks from don’t give a shit.

If we have to give up 1% of legitimate traffic to thwart 90% of attacks, it is a good deal.

If you and other customers complain to your ISP (or switch), eventually they’ll do something about it.

We can’t seriously keep on accepting that « thousands of compromised devices » is a fine reality for a « small botnet ».

These devices should be quarantined.

[InSteady]

Sounds like a really great way to potentially destroy someone's career if they aren't terribly competent and you are. Infect some component in their home network that they don't even know is smart-enabled, and keep breaching their new devices, adding them to an active and conspicuous botnet. The only recourse for average Joe is to find expert help, which isn't really in abundant supply if you are a semi-sophisticated malicious actor.

I don't even want to think about the ramifications for small and medium sized businesses. Realistically, how much would it cost to be able to completely destroy a local competitor by paying someone to orchestrate a few events in succession.

[DanielBMarkham]

This is an odd argument. The net is currently broken in many ways. One of the many ways is fake negative reviews. They easily destroy small businesses.

As I understand your argument, because the net has solid endpoints we can identify and isolate, we should ignore that fact. Instead we should create more and more complex systems to work around bad actors?

Bad actor takes control of grandma's computer. We should do all sorts of things except stop talking to grandma's computer? The thing, I would suspect, that most people would expect?

Businesses suffer from too much transparency. Got that part. They buy things that don't work and sometimes hurt people, even if they don't intend to do this. So far, so good. Where is the part where new businesses models are supposed to exist because some people made bad choices and the current models don't work? Why don't we just publicize the bad choices and let things work themselves out?

Sorry. Missing it.

[dist-epoch]

Amazon definitely cares if they lose 1% of sales.

Guess who has more votes, you or Amazon.

[tristan9]

I’m aware. Doesn’t make it sting less being in the receiving end of attacks all the time and seeing everyone collectively shrug.

[Prickle]

Ok, that is somewhat fair.

My personal want / solution would simply be "everything gets an IPV6, and IPV4 gets deprecated. Everything using IPV4 gets an algorithm slapped on top to covert it into IPV6.

Dynamic ips become a thing of the past.

But I realize that is significantly easier said than done. (Makes Minecraft servers easier to setup though)