Regulating Internet Pollution

Handing externalized costs is a big problem for the internet. Spam, distributed denial of services (DDOS) attacks, viruses, and their infinite variations and combinations are bad now and have the potential to get much worse. As more commerce happens online the Willie Sutton effect only gets more powerful.

ISPs are in the best position to do something about these problems, but they have very little economic incentive to do so. ISPs don't bear enough of the costs of internet pollution. If ISPs want to avoid government regulation they're going to need some kind of industry-wide self regulation. Here's my suggestion:

When you get an internet connection it should come with a firewall. This might be a little box you install at your house (like most savvy internet users already have) or, even better, a big box serving lots of users on the ISP side of the network connection. I'm sure Cisco would love to sell these big boxes. The important bit is that this firewall should default to a reasonable, secure configuration. Users would be able to connect to their ISP's SMTP and DNS, use HTTP and HTTPS anywhere, but all other traffic (expect for the bits need to make IP itself work) would be blocked. Forged IP could be filtered out here as well.

With the right defaults very few users would need to ever change the firewall settings. For those users who need more freedom, they could get access to the firewall configuration settings for an additional $1 per month. If they wanted, they could turn the firewall off completely. Just by making it a tiny bit difficult to turn off the firewall, most zombies would be cut off.

If the ISPs don't decide to stop the flow of IP pollution flowing from their networks, some zealous congressman will.