Home Business IT Security Microsoft security boss proposes websites block unhealthy PCs


JUser: :_load: Unable to load user with ID: 3149

Microsoft security boss proposes websites block unhealthy PCs

  • 16 February 2011
  • Written by 
  • Published in Security

Following controversy surrounding his proposal for a global ISP-led quarantine of infected PCs last year, Microsoft security chief Scott Charney told the cyber security community today he has adjusted his recommendations.

The proposal now is to by-pass ISPs and let websites decide if your PC is healthy enough to do business with them. In other words, reverse engineer web browsing to make trusted transactions a two-way street.

Infected devices and those without an effective anti-virus would be turned back from transacting with websites. Banks, for example, might block account access or allow only low-value transactions until a device is 'fixed'. People ringing emergency services via VoIP would not be affected.

Before his highly anticipated keynote address at the RSA Conference in San Francisco overnight the Microsoft's Corporate VP Trustworthy Computing told ITWire exclusively that an API attached to the Windows firewall or anti-virus software could send a 'health certificate' to websites indicating its patches were up-to-date and it was not infected.

'It's prevention. We tell people to wash their hands, to vaccinate their kids. We do those things for a reason. We've given people the advice before, but sometimes telling them is not enough,' he said.

Charney's proposal is also aimed at US law makers at a time when governments around the world are grappling with cyber threats and growing cybercrime perpetrated by botnets. Millions of individual unsuspecting computers are believed to controlled by criminal gangs to execute spam, phishing and other attacks.

Howard Schmidt, cyber security coordinator at the White House, said Charney's 'self-healing, self-detection, self-solving of consequences model' had merit.

'Looking at a model that helps facilitate that is a big plus,' Schmidt said.

Charney's change of strategy comes as Australian ISPs adopted the volunteer icode (www.icode.net.au) in December. The code works along the lines he proposed last year.

Then he proposed unprotected and out-of-date PCs be quarantined from the internet by ISPs until they had been returned to an optimum state.  ISPs would then tell their customers the PCs needed fixing.

This is how the icode works in Australia with the additional requirement that ISPs tell Australian authorities if their client traffic is distributing malicious code or threatening the networks.

Charney applauded the Australian scheme but said there was opportunity to do more.

'It's still a reaction model because the ISPs wait until there is a problem. Vaccines work before there is a problem. It is important to be reactive and kudos for the Australian ISPs for doing that, but there's also an opportunity to be proactive so why don't you tell us you're passed the hygiene test?'

Symantec CEO Enrique Salem told ITWire 'everyone has to have a role'.

'The website has to absolutely have a role in it, but the user has to have some control. I also think the ISPs also have a tremendous key role because they have absolute visibility of what's on their network,' Salem said.

When pointed out that a reason for 'unhealthy' PCs is unpatched Windows vulnerabilities, Charney said the company had reduced them but achieving zero vulnerability was unrealistic.

'Absolutely reducing vulnerabilities is important. Since our adoption of the security product lifecycle our products have been reducing the number of vulnerabilities. We will not reduce vulnerability to zero. Systems are designed by people - just like we still have defects in cars.

'Secondly, as we've got more secure the attackers have moved up to application layer stacks and as we and Adobe and everyone else got more secure, they've moved up to people into social engineering.

'Even if we got it to zero, we still wouldn't solve the malware problem.'



Did you know: Key business communication services may not work on the NBN?

Would your office survive without a phone, fax or email?

Avoid disruption and despair for your business.

Learn the NBN tricks and traps with your FREE 10-page NBN Business Survival Guide

The NBN Business Survival Guide answers your key questions:

· When can I get NBN?
· Will my business phones work?
· Will fax & EFTPOS be affected?
· How much will NBN cost?
· When should I start preparing?