quote: You really can't expect isps to shut people down just because they're too stupid to keep their machines secure.
Uhhh....yes, you most certainly can. I am an abuse administrator at an ISP in Alaska, and that is *exactly* what I do when I run across users that can't/won't secure their computers. In general, however, after contacting the user a few times to advise them that they have a problem and that they need to fix it or risk losing their accounts--and giving a few helpful pointers to get them on their way--my users eventually either get their computer locked down or replace it with a new one. While some of them will eventually get the new computer infected, etc.
a number of them learn a bit about basic security (firewall, anti-virus, anti-spyware, patching the OS, etc.), and cause no more problems.
I *really* wish ISP's could/would communicate better with PC repair shops, however. I can't tell you how many customers I have contacted where there has absolutely, positively been a problem on the customer's machine (typically, malware installed by a trojan for relaying UCE elsewhere), but the PC shop ran a quick A/V, called the computer clean, charged the customer $150 and told them they found nothing...at which point the customer calls in screaming at me because they just spent $150 on a computer that "had nothing wrong with it." And then they get *REALLY* upset when I suspend them again because they are still relaying spam... (Hint for PC repair shop employees: nmap and ethereal are your friends!)