1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Microsoft Exec Discusses Quarantine of Infected PC's

Discussion in 'Tech Talk - Gadgets, Gizmos and Technology' started by LarryFlowers, Mar 3, 2010.

  1. Mar 3, 2010 #1 of 15

    LarryFlowers New Member

    Sep 22, 2006
    Scott Charney, Microsoft's corporate vice president of Trustworthy Computing made an interesting proposal at the RSA Security Conference.

    You can read the details at http://news.cnet.com/8301-27080_3-10462649-245.html?tag=newsEditorsPicksArea.0

    Basically, he is suggesting that infected PC's be treated the same way that one would treat an individual with an infectious disease.. isolate them until cured.

    There may be some personal freedom issues here, but the comparison may be valid.

    The "internet" has become a very public place.. can we afford to have infected individuals (pc's) wandering around loose to wreak their particular brand of havoc?

    Should we force individuals to maintain a certain level of PC health in order to interact with everyone else in much the same way we would isolate a human with an infectious disease?

    My first reaction to this was negative, but the more I thought about it, the more I warmed to the idea.

    What do you think?
  2. Mar 3, 2010 #2 of 15

    SayWhat? Know Nothing

    Jun 6, 2009
    How would they know? IPs can be spoofed. Are MAC addresses transmitted?
  3. Mar 3, 2010 #3 of 15

    HIPAR Icon

    May 15, 2005
    May I suggest that Mr Charney start his crusade by insisting Windows be 'Trustworthy'.

    --- CHAS
  4. Mar 3, 2010 #4 of 15

    LarryFlowers New Member

    Sep 22, 2006
    Not sure that any OS with millions of lines of code can ever be totally trustworthy, though it certainly should be the goal.

    Today however, there are so many different attack vectors, the end user has to take responsibility, and I do not think that is too much to ask.

    If a user is unwilling to keep his OS up to date, easily accomplished these days, and unwilling to at least use one of the many high quality free antimalware apps... shouldn't they suffer the consequence?

    Look, I am a geek and an IT professional. I test software. My knowledge level should be considered at least moderately high... but in the end I do nothing extraordinary to protect my system.

    I use the free Microsoft Security Essentials. I use the free version of Malwarebytes. I use the Windows firewall. My systems are all set to download and install all OS priority updates at 3AM and I leave my PC's on 24/7.

    Nothing I am doing is extraordinary. I have never picked up a bug of any kind and I do frequently deliberately expose my system.

    About the only "extraordinary" (if you can call it that) thing I do or rather don't do, is I never ever download anything from sources I am not sure of. If you download from so called pirate sites you deserve whatever happens.
  5. Mar 3, 2010 #5 of 15
    Marlin Guy

    Marlin Guy Hall Of Fame

    Apr 8, 2009
    Ditto and +1000!

    Microslop wants to change the Internet to compensate for its lack of security.
    "Infection" is subjective, just like pornography or profanity.
    Who gets to decide what qualifies a PC to be quarantined?

    Slippery, slippery slope that I care not to slide down.

    MS needs to take a lesson from Toyota and fix their problems.
    Yes, that means starting from scratch, instead of continuing to build on Windows 3.1.
  6. Mar 3, 2010 #6 of 15

    LarryFlowers New Member

    Sep 22, 2006
    A PC is infected when it is controlled by someone other than the user and is being used to spread infection or generate spam or DOD attacks.

    Can't get much simpler than that.

    Show me a single OS 100% secure... there will always be people out there who are smart enough to find a way to break an OS. Maybe if we caught a few of them and gave them life sentences, things would be better.
  7. Mar 3, 2010 #7 of 15
    Marlin Guy

    Marlin Guy Hall Of Fame

    Apr 8, 2009
    No, it can't get much simpler than that.

    Unfortunately, it's not that simple at all.

    I would consider any software installed without full knowledge and consent of the user to be an infection.

    Infections can hijack DNS to obstruct access to certain sites, or redirect them to malicious sites or content.
    They may just install toolbars and log search requests.

    There is a streak of grey a mile wide in the term "infections".
    Who's to say that a computer seeding torrents or other shared content isn't "infected".
  8. Mar 3, 2010 #8 of 15

    wilbur_the_goose Hall Of Fame

    Aug 16, 2006
    the guy from MS is correct. The majority of harm comes from those computers that are not kept up to date. I promise that there are thousands of Win95 PCs out there that are at risk.

    While Macs are certainly not attacked as often (because their numbers are relatively small as a percentage), an unpatched Mac is a risk to everybody else on the net.

    To me, it's like auto pollution. 95% of auto pollution (CO, NOx) is caused by 2% of cars on the road. Get those 2% off the road and you've gone a LONG way to solving our air quality problems.
  9. Mar 4, 2010 #9 of 15

    kfcrosby Godfather

    Dec 17, 2006
    Memphis, TN
    I can see both sides of this as I am sure many of you can. However the problem exists and using the analogy of the Internet as a public place, what would you reaction be if a person was diagnosed with a highly infectious disease?

    You can't force someone to get inoculated for a disease, but public safety demands that they be put into quarantine until the disease is under control.

    To me, same issue....
  10. kevinwmsn

    kevinwmsn Hall Of Fame

    Aug 19, 2006
    I don't have any problems if they shutdown infected pcs. Infected pcs will eat up the internet bandwidth. We have shutdown infected pcs at work before, we don't do this every time though.
  11. Marlin Guy

    Marlin Guy Hall Of Fame

    Apr 8, 2009
    The common cold is a highly infectious disease.
    Therein lies the flaw of this logic.
    Again, it is subjective. Who decides what's a threat and what actions are warranted?

    Education and prevention are the best approach, but it's not the place of government to enforce their will upon the careless, because "carelessness" is itself subjective.

    While we may now think we have a good idea of what falls on either side of the line between software and malware, and our intentions are noble, there's no guarantee that the next Internet Czar will be as level headed or apolitical.

    Power granted is one step away from power abused.

    See "Patriot Act".
  12. wingrider01

    wingrider01 Hall Of Fame

    Sep 9, 2005
    What you "claim" can be pointed at ever OS that is on the market. Primary visibilty and attack preference is the number of available targets and the "hey look at what I did factor".

    The only 100 percent secure OS is one where the device and no external input available outside of the operator, and they need to be watched also.
  13. Marlin Guy

    Marlin Guy Hall Of Fame

    Apr 8, 2009
    And there is your solution.
    It's coming, and I'm not going to fight it.
    Firmware OS's are the future.
    Computers need to become appliances. Turn them on and they work.
    If they're acting up, replace them.

    That addresses the root cause of the problem, instead of trying to put a band-aid on an axe wound.
    Secure the operating systems - problem solved.

    There is nothing that a configurable OS can do that could not be hard-coded into firmware ROM these days.

    The days of us being able to change our screen savers and backgrounds are numbered, as they should be.
  14. HIPAR

    HIPAR Icon

    May 15, 2005
    Patchable kernels, ActiveX automation, free access to the registry .. Windows hackers delight. I spent a good part of a day identifying and removing the Tdss rootkit that was diverting my browser calls. It shut down my virus detection software and hid itself from the task list. A nightmare!

    The kind of op system that allows this just isn't needed for the computing masses who just want to access the web, check email or edit photos. I don't need it. I'm not an IT professional.

    Correct .. boot a bare bones system from ROM or CD. This might not prevent spread of an infection that was 'invited' into a running system but it sure would prevent the infection from restarting on the next boot.

    --- CHAS
  15. Marlin Guy

    Marlin Guy Hall Of Fame

    Apr 8, 2009
    The system doesn't even have to be bare bones.
    Look at what you can do with ROM-based Linux in DVR's, media boxes, etc.
    Look at PSP, X-box, and others.
    Look at smart phones.

    There will still be a limited market for those who prefer to tinker and twiddle with every little aspect of their systems, but the masses are headed in the other direction, and most are happy to be doing so.

    Consider how much is being spent on IT support for screwed up systems these days, and it's easy to see two opposing factions at work here.

    On the one hand, the shrinking IT services and computer security industries are pushing to keep those fragile OS's in play. It is their livelihood, and it's well worth their efforts to try and preserve it.

    On the other hand, consumer demand is begging for ROM-based systems that lock out viruses and guard against bumbling users.
    As the boomers slip away to rest homes, they are being replaced by a generation of new consumers that like to buy things and have them up and running quickly and reliably.
    They don't care how it works or why it works.
    They just want it to work.

    Imagine a car with dashboard controls that allow each novice driver to change critical settings like timing, fuel/oxygen ratio, gearing, camber, cast, etc.
    That's a lot of broken down messed up cars, isn't it?

    A ridiculous notion to be sure.

Share This Page