I just don't think that sending port scans to random internet addresses is a big violation of privacy, or undue conduct for a government to participate in. Having your connection details public is the price you pay for connecting to the internet. If you don't like it, than run a private network and firewall the ports on your gateway - the default behavior of all consumer routers.
Quite simply, you will absolutely get portscanned if you have a port open to the public internet today. Try it. No doubt CIA has access to at least some of those botnets. We need policy protections that face the reality of the world we live in today, and harden devices that would like to communicate over the internet in an automated fashion. That includes punishments for operating massive, systemic botnets, but also some auditing of critical infrastructure that is publicly accessible.
For all their problems, certificate authorities have largely let us figure this stuff out on the internet browser side, and I would argue that has had a positive effect on privacy and security. Now it is time to do something similar for devices that connect to the internet in an automated way.
For all it's
I agree on the subject, but I think we can leave port scans out of the discussion because they are not an issue as you suggest and still apply everything I am saying to other issues.
There would still be upside of potentially addressing the scan spam as well, though
Quite simply, you will absolutely get portscanned if you have a port open to the public internet today. Try it. No doubt CIA has access to at least some of those botnets. We need policy protections that face the reality of the world we live in today, and harden devices that would like to communicate over the internet in an automated fashion. That includes punishments for operating massive, systemic botnets, but also some auditing of critical infrastructure that is publicly accessible.
For all their problems, certificate authorities have largely let us figure this stuff out on the internet browser side, and I would argue that has had a positive effect on privacy and security. Now it is time to do something similar for devices that connect to the internet in an automated way. For all it's