Microsoft moots botnet tax; bloggers point and laugh #RSAC

Microsoft's Scott Charney made a very public plea at the RSA Conference for governments to tax internet users. But oh dear, it seems his ideas weren't exactly well received in the blogosphere. In IT Blogwatch, bloggers make veep voodoo dolls, then break out the pins.

By Richi Jennings. March 4, 2010.

Your humble blogwatcher selected these bloggy morsels for your enjoyment. Not to mention Extreme Makeover, Weiner Edition...
Robert Mullins mulls Microsoft's meeting mouthpiece:

Scott Charney, corporate vice president of Microsoft's Trustworthy Computing Group ... [said] it's not enough to build defenses against cybercriminals, the good guys have to put the bad guys out of business ... in a keynote address Tuesday morning at the RSA Conference 2010 in San Francisco. ... While focusing on security and privacy fundamentals like threat mitigation remains necessary, the industry needs to be more aggressive in blunting the efforts of cybercriminals.
Microsoft's ... along with other industry, academic and legal communities, obtained a restraining order against the operators of the Waledec botnet. ... Battling botnets was just one of several themes in Charney's address, in which he promoted Microsoft's "End to End Trust" vision of secure Internet computing for both on-premise and cloud-based enterprise IT.

Dan Goodin waxes metaphorical:

Charney ... is floating the idea of creating mandatory quarantines for computers with malware infections that pose a risk to internet users. ... The informal proposal ... was short on specifics, such as who would be responsible for monitoring and isolating malware-riddled machines. But he ... compared such a move to laws that have gone into effect over the past 20 years banning cigarette smoking in public.
Charney is the latest to champion the idea that infected PC users should be put in their own rubber room. ... The logistics of such a plan remain woefully unformed. While many say ISPs should monitor subscribers for infections, there's considerable disagreement about how providers should carry out and pay for such a system.

Nick Farrell pokes out his tongue:

Of course, users removing Microsoft software from their PCs, which hosts 99 per cent of known malware including botnets, would also solve the problem, but naturally Charney didn't mention that.
One of the problems he sees is that users are a little edgy about allowing ISPs into their systems because they are worried that they will be enforcers for the music and film industries. He said that violating copyrights was not a public health issue and so ISPs would have to limit it to the true purpose.

But Adrian Kingsley-Hughes shouts, "No!":

Let’s also not forget that Microsoft has gone out of its way to create a monoculture where one OS dominates, through legal and illegal methods. So the idea that we should now all pay to solve a problem that Microsoft not only wanted to create, but made billions of dollars in the process is frankly ... ridiculous.
So, what needs to be done? Well, here are a few things that would help:
  • OEMs should pre-load free antivirus software onto new PCs rather than trial crapware
  • Other hardware vendors ... could also offer free antivirus software
  • Microsoft Security Essentials should be offered to all PCs ...
  • Microsoft needs to make keeping Windows Update switched on by all more compelling …
  • Banks ... need to be more insistent that customers ... are protecting their PCs.

As does Sebastian Rupley:

Clearly, Microsoft is getting more creative in battling the spread of malware, but let’s not forget that there is self-interest in such creativity, because Microsoft’s own Windows operating system and other tools are the largest targets in the worlds of botnets and malware baddies.
Charney did suggest numerous creative strategies to fight malware going beyond general taxation, including public education programs and public service announcements. But these suggestions, too, raise questions as to who is going to pay the bills at the end of the day. Hopefully, taxpayers at large won’t get stuck with them.

Don Tennant, late of this parish, is equally scathing:

Microsoft’s “Trustworthy Computing” shtick has gone so far over the oxymoronic top that it’s just no longer possible to give the company the benefit of the doubt. ... Really, Scott? ... Did you really think we’d all look at each other with nods of agreement, impressed by the brilliance of your epiphany? Didn’t you realize that revelation might just backfire on you?
It’s unfathomable that a company with Microsoft’s resources can be so clueless and out of touch. ... If Microsoft expects to be taken seriously as an enabler of “trustworthy computing,” it needs to do a lot more than this to demonstrate trustworthiness. Taxing users who find the software they bought is non-secure is like taxing Toyota owners for finding they have faulty gas pedals.

So what's your take?
Get involved: leave a comment.

And finally...

Richi Jennings, your humble blogwatcher
  Richi Jennings is an independent analyst/consultant, specializing in blogging, email, and security. A cross-functional IT geek since 1985, he is also an analyst at Ferris Research. You can follow him as @richi on Twitter, or richij on FriendFeed, pretend to be richij's friend on Facebook, or just use good old email:

Don't miss out on IT Blogwatch:

Copyright © 2010 IDG Communications, Inc.

Shop Tech Products at Amazon