Microsoft: virus-infected PCs should be banned from the Internet

[nsane.forums]

Microsoft Senior Executive Scott Charney suggested on Thursday that virus-infected PCs should be quarantined from the Internet.

Speaking at the International Security Solutions Europe (ISSE) Conference in Berlin, Germany, Charney proposed a possible approach to addressing botnets and other malware that impacts consumer machines. The approach calls for sick PCs to be treated in the same way that society deals with infected humans. Charney describes the issue in a company blog post and explains that firewalls, antivirus and automatic patch updates aren't enough. "Despite our best efforts, many consumer computers are host to malware or are part of a botnet. "Bots," networks of compromised computers controlled by hackers, can provide criminals with a relatively easy means to commit identity theft and also lead to much more devastating consequences if used for an attack on critical government infrastructure or financial systems."

He goes on to explain how individuals that are not vaccinated against human viruses put others' health at risk and that there are processes governments use to track and control the spread of disease. "Simply put, we need to improve and maintain the health of consumer devices connected to the Internet in order to avoid greater societal risk. To realize this vision, there are steps that can be taken by governments, the IT industry, Internet access providers, users and others to evaluate the health of consumer devices before granting them unfettered access to the Internet or other critical resources."

The main issue that Microsoft wants to tackle is the ever growing army of robot PCs. Botnets are networks of compromised computers controlled by "bot herders" or "bot masters" that use the thousands (sometimes millions) of compromised Windows machines to distribute adware, spyware, spam emails and launch DDoS attacks. Botnets are typically installed onto end users machines by web browser vulnerabilities, worms, Trojan horses, or backdoors. A "bot master" will then control the machines by IRC commands to launch attacks or send email spam. Earlier this year Microsoft announced, that together with industry partners, it had executed a major botnet takedown of Waledac, a large and well-known "spambot". At the time the software giant said it was looking to be "even more creative and aggressive in the fight against botnets and all forms of cybercrime."

The reaction to the proposals has been met by an angry backlash from Internet commenters on Microsoft's blog. One poster lambasts Microsoft for "touting" to remove unsecure PCs from the Internet, "by that logic we need to remove every machine running Windows" said Debbie Mahler. Another asks "If Microsoft isn't competent enough to make software that is safe, how are they going to be able to make an Internet quarantine that works?". There's no doubt that the proposal is workable but the controversy of such actions, and an appropriate industry standard, seem a far way off.

View: Original Article

[Ambrocious]

Microsoft Proposes Government Licensing Internet Access

State should have power to block individual computers from connecting to world wide web, claims Charney

A new proposal by a top Microsoft executive would open the door for government licensing to access the Internet, with authorities being empowered to block individual computers from connecting to the world wide web under the pretext of preventing malware attacks.

Speaking to the ISSE 2010 computer security conference in Berlin yesterday, Scott Charney, Microsoft vice president of Trustworthy Computing, said that cybersecurity should mirror public health safety laws, with infected PC’s being “quarantined” by government decree and prevented from accessing the Internet.

“If a device is known to be a danger to the internet, the user should be notified and the device should be cleaned before it is allowed unfettered access to the internet, minimizing the risk of the infected device contaminating other devices,” Charney said.

Charney said the system would be a “global collective defense” run by corporations and government and would “track and control” people’s computers similar to how government health bodies track diseases.

Invoking the threat of malware attacks as a means of dissuading or blocking people from using the Internet is becoming a common theme – but it’s one tainted with political overtones.

At the launch of the Obama administration’s cybersecurity agenda earlier this year, Democrats attempted to claim that the independent news website The Drudge Report was serving malware, an incident Senator Jim Inhofe described as a deliberate ploy “to discourage people from using Drudge”.

Under the new proposals, not only would the government cite the threat of malware to prevent people from visiting Drudge, they would be blocked from the entire world wide web, creating a dangerous precedent by giving government the power to dictate whether people can use the Internet and effectively opening the door for a licensing system to be introduced.

Similar to how vehicle inspections are mandatory for cars in some states before they can be driven, are we entering a phase where you will have to obtain a PC health check before a government IP czar will issue you with a license, or an Internet ID card, allowing you to access the web?

Of course, the only way companies or the government could know when your system becomes infected with malware is to have some kind of mandatory software or firewall installed on every PC which sends data to a centralized hub, greasing the skids for warrantless surveillance and other invasions of privacy.

Microsoft has been at the forefront of a bid to introduce Internet licensing as a means of controlling how people access and use the world wide web, an effort that has intensified over the course of the past year.

During this year’s Economic Summit in Davos, Craig Mundie, chief research and strategy officer for Microsoft, said that the Internet needed to be policed by means of introducing licenses similar to drivers licenses – in other words government permission to use the web.

“We need a kind of World Health Organization for the Internet,” he said, mirroring Charney’s rhetoric about controlling cyberspace in a public health context.

“If you want to drive a car you have to have a license to say that you are capable of driving a car, the car has to pass a test to say it is fit to drive and you have to have insurance.”

“Don’t be surprised if it becomes reality in the near future,” wrote ZD Net’s Doug Hanchardon the introduction of Internet licensing . “Every device connected to the Internet will have a permanent license plate and without it, the network won’t allow you to log in.”

Just days after Mundie’s call for Internet licensing, Time Magazine jumped on the bandwagon, publishing an article by Barbara Kiviat, one of Mundie’s fellow attendees at the elitist confab, in which she wrote that the Internet was too lawless and needed “the people in charge” to start policing it with licensing measures.

Shortly after Time Magazine started peddling the proposal, the New York Times soon followed suit with a blog entitled Driver’s Licenses for the Internet?, which merely parroted Kiviat’s talking points.

Of course there’s a very good reason for Time Magazine and the New York Times to be pushing for measures that would undoubtedly lead to a chilling effect on free speech which would in turn eviscerate the blogosphere.

Like the rest of the mainstream print dinosaurs, physical sales of Time Magazine have been plummeting, partly as a result of more people getting their news for free on the web from independent sources.Ad sales for the New York Times sunk by no less than 28 per cent last year with subscriptions and street sales also falling.

As we have documented, the entire cybersecurity agenda is couched in fearsome rhetoric about virus attacks, but its ultimate goal is to hand the Obama administration similar powers over the Internet to those enjoyed by Communist China, which are routinely exercised not for genuine security concerns, but to oppress political adversaries, locate dissidents, and crush free speech.

Indeed, Internet licensing was considered by the Chinese last year and rejected for being too authoritarian, concerns apparently not shared by Microsoft.

Any proposal which allows the government to get a foot in the door on dictating who can and can’t use the Internet should be vigorously opposed because such a system would be wide open for abuse and pave the way for full licensing and top down control of the world wide web.

Original Article

[HX1]

I think a ban is a bit harsh.. but I could definitely see why... AND I think that it would be a mistake because you need Internet to repair in some cases.. and to get information.. tools.. for some people..

Its a bit short sighted.. of the goal to repair to most users .. and people who are victimized as well.. Usually I have the tools I need because I know and have cleaned things before.. and I always disconnect ... if I have found something... killing systems that are active sources and found to be used maliciously.. I would say isn't a bad idea t all..

An area where you have to tippy-toe around and set something like that up correctly so as not to be killing the innocent..

[myidisbb]

another tax and another way to verify your OS is legal . no thank you. besides most infected pcs are in a certain asian nation that doesnt follow the rules anyway. so this is pointless. also how do you tell its infected? they could then use this is they detect p2p software too btw can you imagine the customer service calls to another certain asian country because of this? and frankly i am sick and tired of the nanny state. so what now? force requirement that you have a certain virus, malware firweall suite on each adn very computer? nOmabaPCCare

[unknownasphyxiated]

force requirement that you have a certain virus, malware firweall suite on each adn very computer?

already have one...Windows Defender .... :lol:

[LoKz]

Microsoft Security Essentials actually does not have allot of false positives on my side... its been good.. this is from a NOD32 and a Kaspersky VET user... but im just giving it a try.. so far so good i had it for the last month already.. :rolleyes: