Home Business IT Security Microsoft security boss proposes websites block unhealthy PCs

Subscribe now and get the news that matters to your industry.

* Your Email Address:
* First Name:
* Last Name:
Job Function:
Australian State:
Email marketing by Interspire
weebly statistics

Following controversy surrounding his proposal for a global ISP-led quarantine of infected PCs last year, Microsoft security chief Scott Charney told the cyber security community today he has adjusted his recommendations.

The proposal now is to by-pass ISPs and let websites decide if your PC is healthy enough to do business with them. In other words, reverse engineer web browsing to make trusted transactions a two-way street.

Infected devices and those without an effective anti-virus would be turned back from transacting with websites. Banks, for example, might block account access or allow only low-value transactions until a device is 'fixed'. People ringing emergency services via VoIP would not be affected.

Before his highly anticipated keynote address at the RSA Conference in San Francisco overnight the Microsoft's Corporate VP Trustworthy Computing told ITWire exclusively that an API attached to the Windows firewall or anti-virus software could send a 'health certificate' to websites indicating its patches were up-to-date and it was not infected.

'It's prevention. We tell people to wash their hands, to vaccinate their kids. We do those things for a reason. We've given people the advice before, but sometimes telling them is not enough,' he said.

Charney's proposal is also aimed at US law makers at a time when governments around the world are grappling with cyber threats and growing cybercrime perpetrated by botnets. Millions of individual unsuspecting computers are believed to controlled by criminal gangs to execute spam, phishing and other attacks.

Howard Schmidt, cyber security coordinator at the White House, said Charney's 'self-healing, self-detection, self-solving of consequences model' had merit.

'Looking at a model that helps facilitate that is a big plus,' Schmidt said.

Charney's change of strategy comes as Australian ISPs adopted the volunteer icode (www.icode.net.au) in December. The code works along the lines he proposed last year.

Then he proposed unprotected and out-of-date PCs be quarantined from the internet by ISPs until they had been returned to an optimum state.  ISPs would then tell their customers the PCs needed fixing.

This is how the icode works in Australia with the additional requirement that ISPs tell Australian authorities if their client traffic is distributing malicious code or threatening the networks.

Charney applauded the Australian scheme but said there was opportunity to do more.

'It's still a reaction model because the ISPs wait until there is a problem. Vaccines work before there is a problem. It is important to be reactive and kudos for the Australian ISPs for doing that, but there's also an opportunity to be proactive so why don't you tell us you're passed the hygiene test?'

Symantec CEO Enrique Salem told ITWire 'everyone has to have a role'.

'The website has to absolutely have a role in it, but the user has to have some control. I also think the ISPs also have a tremendous key role because they have absolute visibility of what's on their network,' Salem said.

When pointed out that a reason for 'unhealthy' PCs is unpatched Windows vulnerabilities, Charney said the company had reduced them but achieving zero vulnerability was unrealistic.

'Absolutely reducing vulnerabilities is important. Since our adoption of the security product lifecycle our products have been reducing the number of vulnerabilities. We will not reduce vulnerability to zero. Systems are designed by people - just like we still have defects in cars.

'Secondly, as we've got more secure the attackers have moved up to application layer stacks and as we and Adobe and everyone else got more secure, they've moved up to people into social engineering.

'Even if we got it to zero, we still wouldn't solve the malware problem.'



Don't let traffic bottlenecks slow your network or business-critical apps to a grinding halt. With SolarWinds Bandwidth Analyzer Pack (BAP) you can gain unified network availability, performance, bandwidth, and traffic monitoring together in a single pane of glass.

With SolarWinds BAP, you'll be able to:

• Detect, diagnose, and resolve network performance issues

• Track response time, availability, and uptime of routers, switches, and other SNMP-enabled devices

• Monitor and analyze network bandwidth performance and traffic patterns.

• Identify bandwidth hogs and see which applications are using the most bandwidth

• Graphically display performance metrics in real time via dynamic interactive maps

Download FREE 30 Day Trial!



Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup