Eye on Microsoft: Another Call to Ban Zombie PCs from the Internet

Dr. Roy Schestowitz

2009-08-26 14:05:59 UTC
Modified: 2009-08-26 14:05:59 UTC

Summary: Links from the news on the issue of security

● Opinion: Botnets must die

We already know Microsoft can't fix Windows' security problems. Every month brings yet another Patch Tuesday full of fixes for major vulnerabilities, yet Microsoft never catches up with Windows' security holes. It never will. Windows started out without network security, and every fix since Windows for Workgroups has been one patch on top of another, right through to Windows 7.

We also know education won't do the job. Anyone with a higher-than-room-temperature IQ already has security software and keeps up to date with patches. Let's be kind and assume that 90% of the Windows-using population does this. That leaves, what, about 100 million Windows PCs in the world available for botnet deployment?

Yuck! I don't like those odds!

No, the only solution is for ISPs to start checking Windows PCs in at the Internet gate, and if they don't pass a minimum security check, we don't allow them in. If an ISP doesn't join up with this posse, cut it off from the rest of the Internet. This really is a case where if you're not part of the solution, you're part of the problem.

● Dangers of the Microsoft Monoculture

Every once in a while, someone might point out that reporters have to actively avoid mentioning Microsoft Windows when discussing computer problems; but largely – at least ever since Dan Greer lost his job for pointing out the danger of a Microsoft Monoculture - there is virtually no mention that Microsoft products lie at the root of virtually all security and computer-related problems today.

● Pink Floyd worm spreads on 'Chinese Facebook'

The techniques applied by the worm are similar to those of the Mikeyy worms that spread rapidly across microblogging site Twitter earlier this year and an Orkut worm in 2008. Orkut isn't popular in the US or Europe, but the Google-owned social networking site is big in Brazil and up and coming in India.

● Software [In]security: Attack Categories and History Prediction

Comments

Charles Oliver

2009-08-26 16:52:27

Yes because what we want is ISPs to increase their monitoring of internet usage to the level of knowing what OS you are using.

On a practical level, I don't see how this would work. How many connections to the net are via a router. The router is probably running linux. Any browser in use doesn't tell you how up to date a windows client is. So you're left with ISPs requiring the installation some bit of software they can monitor your PC with. Where does that leave Linux users? AOL from the 90s, is where.

Anything that prevents open access to all, whether it be lock-in to vendor file formats, extending HTML with things like flash or silverlight, or preventing access to the net dependent on your ISPs verification that you are running a secure OS has to be a bad thing.

twitter

2009-08-27 04:32:43

Yes, M$ often uses the problems they create to their advantage, but we don't have to let that happen. ISPs can require Windows users to install software and leave others alone. No one else seems to have a problem, so this is not unreasonable. ISPs already try to get users to install malware and spyware. It would be nice if that malware served a useful purpose. ISPs can also watch for abusive traffic, things that break RFCs and are clearly malicious. They already have this ability at the modem level and have demonstrated their ability to interfere with P2P, for example. The power to cut people off the net has to be carefully regulated. As things are, ISPs claim a right to cut you off for any reason. It would be better to make laws to protect the net. People who pollute it should be cut off, fined or jailed the same way we fine people who litter, speed and do other obnoxious things. ISPs that don't get their act together should be sued by everyone else.

Eye on Microsoft: Another Call to Ban Zombie PCs from the Internet

Comments

Recent Techrights' Posts