Microsoft's security chief suggests 'Net tax to clean computers
IDG News Service - How will we ever get a leg up on hackers who are infecting computers worldwide? Microsoft's security chief laid out several suggestions today, including a possible Internet usage tax to pay for the inspection and quarantine of machines.
Most hacked PCs run Microsoft's Windows operating system, and the company has invested millions in trying to fight the problem.
Microsoft recently used the court system to shut down the Waledac botnet, introducing a new tactic in the battle against hackers. Speaking at the RSA security conference in San Francisco, Microsoft Corporate Vice President for Trustworthy Computing Scott Charney said that the technology industry needs to think about more "social solutions."
That means fighting the bad guys at several levels, he said. "Just like we do defense in depth in IT, we have to do defense in depth in [hacking] response."
"I actually think the health care model ... might be an interesting way to think about the problem," Charney said. With diseases, there are education programs, but there are also social programs to check people for disease and quarantine the sick.
This model could work to fight computer viruses, too, he said. When a computer user allows malware to run on his computer, "you're not just accepting it for yourself, you're contaminating everyone around you," he said.
The idea that Internet service providers might somehow step up in the fight against malware is not new. The problem, however, is cost.
Customer calls already eat into service provider profits. Adding quarantine and malware-fixing costs to that would be prohibitive, said Danny McPherson, chief research officer with Arbor Networks, via instant message. "They have no incentive to do anything today."
So who would foot the bill? "Maybe markets will make it work," Charney said. But an Internet usage tax might be the way to go. "You could say it's a public safety issue and do it with general taxation," he said.
According to Microsoft, there are 3.8 million infected botnet computers worldwide, 1 million of which are in the U.S. They are used to steal sensitive information and send spam and were a launching point for 190,000 distributed denial-of-service attacks in 2008.
- Security execs express surprise over CISO's firing following RSA talk
- Security industry faces attacks it cannot stop
- Pennsylvania fires CISO over RSA talk
- Google attacks, Web 2.0 fuel FUD at RSA
- Analysis: Does the storm over cloud security mean opportunity?
- Microsoft's tax-for-hacks 'horrible' idea, say security experts
- FBI Director: Hackers have corrupted valuable data
- CISOs rain on cloud-computing parade at RSA
- FBI embeds cyber-investigators in Ukraine, Estonia
- Tweet this: Social network security is risky business
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- The Critical Role of Support in Your Enterprise Mobility Management Strategy Most business leaders underestimate the importance of tech support when they choose an EMM solution. Here's what to put on your checklist.
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Live Webcast Unmasking the Differences between Consumer and Enterprise File Sync & Share The consumerization of IT combined with the rapid pace of the modern mobile workplace is forcing enterprise IT teams to evaluate file sync...
- Live Webcast Government Agency Webifies Outdated COBOL Applications Let this CTO tell you how his agency converted 1980s-era green screens into an e-filing portal for the 100,000 cases handled each year...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,...
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the... All Applications White Papers | Webcasts