Security Market Segment LS
×

Warning

JUser: :_load: Unable to load user with ID: 3149
Wednesday, 16 February 2011 07:38

Microsoft security boss proposes websites block unhealthy PCs

By

Following controversy surrounding his proposal for a global ISP-led quarantine of infected PCs last year, Microsoft security chief Scott Charney told the cyber security community today he has adjusted his recommendations.


The proposal now is to by-pass ISPs and let websites decide if your PC is healthy enough to do business with them. In other words, reverse engineer web browsing to make trusted transactions a two-way street.

Infected devices and those without an effective anti-virus would be turned back from transacting with websites. Banks, for example, might block account access or allow only low-value transactions until a device is 'fixed'. People ringing emergency services via VoIP would not be affected.

Before his highly anticipated keynote address at the RSA Conference in San Francisco overnight the Microsoft's Corporate VP Trustworthy Computing told ITWire exclusively that an API attached to the Windows firewall or anti-virus software could send a 'health certificate' to websites indicating its patches were up-to-date and it was not infected.

'It's prevention. We tell people to wash their hands, to vaccinate their kids. We do those things for a reason. We've given people the advice before, but sometimes telling them is not enough,' he said.

Charney's proposal is also aimed at US law makers at a time when governments around the world are grappling with cyber threats and growing cybercrime perpetrated by botnets. Millions of individual unsuspecting computers are believed to controlled by criminal gangs to execute spam, phishing and other attacks.

Howard Schmidt, cyber security coordinator at the White House, said Charney's 'self-healing, self-detection, self-solving of consequences model' had merit.

'Looking at a model that helps facilitate that is a big plus,' Schmidt said.

Charney's change of strategy comes as Australian ISPs adopted the volunteer icode (www.icode.net.au) in December. The code works along the lines he proposed last year.

Then he proposed unprotected and out-of-date PCs be quarantined from the internet by ISPs until they had been returned to an optimum state.  ISPs would then tell their customers the PCs needed fixing.

This is how the icode works in Australia with the additional requirement that ISPs tell Australian authorities if their client traffic is distributing malicious code or threatening the networks.

Charney applauded the Australian scheme but said there was opportunity to do more.

'It's still a reaction model because the ISPs wait until there is a problem. Vaccines work before there is a problem. It is important to be reactive and kudos for the Australian ISPs for doing that, but there's also an opportunity to be proactive so why don't you tell us you're passed the hygiene test?'

Symantec CEO Enrique Salem told ITWire 'everyone has to have a role'.

'The website has to absolutely have a role in it, but the user has to have some control. I also think the ISPs also have a tremendous key role because they have absolute visibility of what's on their network,' Salem said.

When pointed out that a reason for 'unhealthy' PCs is unpatched Windows vulnerabilities, Charney said the company had reduced them but achieving zero vulnerability was unrealistic.

'Absolutely reducing vulnerabilities is important. Since our adoption of the security product lifecycle our products have been reducing the number of vulnerabilities. We will not reduce vulnerability to zero. Systems are designed by people - just like we still have defects in cars.

'Secondly, as we've got more secure the attackers have moved up to application layer stacks and as we and Adobe and everyone else got more secure, they've moved up to people into social engineering.

'Even if we got it to zero, we still wouldn't solve the malware problem.'

 


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments