Home »

UK ISP News Archives

⇆ Speedtest

✎ Review ISP

✔ Compare ISP

★ Top 10 ISPs

Microsoft Tells Broadband ISPs NOT to Ban Malware Infected PCs from the Internet

Posted: 17th Feb, 2011 By: MarkJ

microsoft windows live disconnected internet

Software giant Microsoft has u-turned on last year's controversial proposal to establish a new Global Collective Defence (here), which among other things also called upon broadband ISPs to restrict internet access for customers with computers that had become infected by Malware (Viruses, Trojans etc.).

Scott Charney, MS's Corporate Vice President of Trustworthy Computing, told this year's RSA Security Conference that his "thinking [had] evolved" since then, before explaining how he now recognised the "many flaws with that model".

Microsoft's Scott Charney said:

"Last year at RSA, I said, you know, we need to think about ISP as being the CIO for the public sector, and we need to think about them scanning consumer machines, and making sure they're clean, and maybe quarantining them from the Internet.

But, in the course of the last year I thought a lot more about this, and I realized there are many flaws with that model, and it could be improved significantly. One is, consumers may not want their machines scanned, right? They have a privacy interest in their machine. They may not feel comfortable with that.

The second problem, of course, is that it puts a lot of burden on the ISPs, because they're the ones who are gaining access to the Internet. And that could be a problem.

The third problem is the notion of quarantine at all, although we do do it in health cases, the problem with quarantining on the Internet is this issue of convergence, which is my Internet PC may have VoIP, and it may be the way I access 911 for emergency services, so you see the scenario, right, I'm having a heart attack, I run to my computer, it says you need to install four patches and reboot before you can access the Internet. That's not the user experience we strive for."

At the time it didn't take a genius to work out that the affected computers would most likely be those with Microsoft Windows installed; somewhat of an own goal for the software giant. Likewise most infections do not completely destroy a computer and the affected individuals might still need their internet access to find a solution.

Instead of that Microsoft has now proposed an Internet Health Certificate for computer systems. The idea is that online banks, websites or other services could check the user's computer for this certificate and decide whether or not to give them access. For example, a user might be stopped completely or only given partial access to their bank if the anti-virus software was not up-to-date.

Charney added:

"The user can say I don't want to pass a health certificate. Now, there may be consequences for that decision, if you're pulled over and a police officer thinks you've been driving drunk, you can refuse a breathalyzer. There may be consequences for that decision, but you can do it.

As long as we're transparent and people can make choices, that's fine. So, the user remains in control. The second great thing about this model is that it's not all up to the ISP, any organization can say we want to look at a health certificate."

Naturally there's a fatal flaw. One of the first things virus authors will do is to write code that makes the computer appear secure :glee: and as a result the certificate would instantly become irrelevant.

Meanwhile Kaspersky Lab's, a popular Anti-Virus firm, yesterday called on worldwide governments and broadband ISPs to consider tough new measures that would allow ISPs, anti-virus firms or the police to "forcibly remove malicious code" from infected computers (here).

As both we and Charney have recently pointed out, some ISPs do this already but it's extremely difficult and costly to accurately identify infected computers. Likewise, even when you do, only a tiny fraction ever appears to be caught.

Search ISP News

Search ISP Listings

Search ISP Reviews

Latest UK ISP News