Microsoft pitches PC isolation ward to defeat botnets
But it's unlikely Charney's ideas will curtail botnets or even pass muster with users, said Joe Stewart, director of malware analysis at Atlanta-based SecureWorks, and a well-known botnet expert.
"If you don't address the human behind the botnet, you'll fail," Stewart said.
"Technical solutions just haven't worked," Stewart said, referring to Charney's health certificate concept. Criminals are simply too adaptable, too clever to be long stymied by any technology-based defense, whether certificates -- which even Charney acknowledged would have to be counterfeit-proof -- or antivirus software, firewalls and patches.
"Plenty of people get infected by a bot who have all the patches, who have a firewall, who have antivirus," Stewart said. "They don't even know they've been infected." How, then, would one explain to them that they can't get on the Internet? he asked.
Instead, more resources should be dedicated to other initiatives. "First, we need much better global communication and collaboration" between researchers and law enforcement, he said, as well as an enforceable way to hold ISPs accountable for hosting botnets' command-and-control servers, no matter where they're located.
"And we need more what I call 'offense in depth,'" Stewart added, explaining the strategy as one where researchers and law enforcement agencies hound a botnet until its gang of controllers is driven out of business or arrested.
Stewart has proposed that before. Last April he laid out an anti-botnet approach in which teams of paid security researchers, similar to a police department's major crimes unit, would stalk and disrupt specific criminal gangs or botnets.
Even if Charney's technology-based proposal worked, Stewart was skeptical that people would buy into the idea.
"I just don't see how you could make it happen with the current paradigm of computing," said Stewart. People are accustomed to the idea that they can do what they want with their personal computer -- put any software on the machine, jump on the Internet at a moment's notice -- and a radical departure from that will have a tough time finding supporters.
The only way to block botnets from getting on PCs would be for the PC industry to adopt a closed ecosystem, similar to Apple's App Store, where only certain applications are allowed to be installed, Stewart said.
"But everything would have to be fundamentally redesigned," he said. "I don't think people have reached the point yet with botnets where they would agree to that. Maybe in 20 years. But for now we're locked into this mentality that we can do anything we want."
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed. His e-mail address is email@example.com.