Telewest, a major ISP in the UK, has been spanked by the SPEWS blacklist. According to this report from the BBC, Telewest was aware of the situation, and had been notifying customers that they needed to clean up their PCs, which according to Telewest has been “a time-consuming task.” SPEWS nonetheless blocked roughly 900,000 IP addresses.
This brings up two questions in my mind:
1) Do blacklists need some outside supervision regarding how they disseminate information regarding potential offenses, and how they respond?
2) Why couldn’t Telewest just disconnect the zombied machines from their network, like has been done down in Australia, and then assist their infected customers? That would have prevented knocking out all the UNINFECTED customers.
Technology is great for solving problems, but I think there is a communication gap here that needs addressing.