Microsoft backtracks over internet quarantine
Microsoft has revised its proposal, presented last November, to isolate infected PCs from the internet and place them in quarantine until they have been disinfected. According to Microsoft's Vice President for Trustworthy Computing, Scott Charney, the new proposal would make web service operators decide on potential restrictions based on a PC's "device health".
For instance, banks could limit the amount that can be transferred via computers which carry a potential risk. The health check is to be carried out based on such information as the details provided by the Windows Security Center, which is digitally signed by the PC's TPM chip. It is yet unclear how legitimate web pages are supposed to authenticate themselves at the PC in order to obtain the required health information. Unfortunately, the new proposal is also unlikely to prevent infected PCs from attacking other computers.
Charney's original idea was to allow IPs check a system's device health and isolate potentially infected PCs until they had been sanitised. Talking to our associates at heise Security, the head of Microsoft's Global Security Strategy, Paul Nicholas, said that due to small profit margins, IPs consider themselves in no position to provide support for potentially infected or badly maintained PCs.
Scott Charney's approach is based on the idea that there are similarities between the public health system and a computer's ecosystem. Charney says that to maintain a general state of health, measures such as the isolation of infected patients or PCs must be taken. However, Charney himself isn't completely clear about the consequences: "Increasingly around the world, access to the Internet is being viewed as a fundamental right," he said. "That's an important change in perception."
Charney sees certain analogies to the legislation on smoking: smoking in public also impacts the people in a smoker's environment. The executive added that similar principles apply to botnets. His opinion is shared by security specialist Bruce Schneier, who acknowledged Charney's first idea in an essay he wrote in November 2010. In that essay, Schneier said that it is legitimate to restrict the rights of individuals for the benefit of a society. After all, said Schneier, driving tests and MOTs aren't there to protect individuals from themselves, but to protect society from its individuals.
(Uli Ries / trk)