We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Microsoft wants botnet-infected PCs banned from the web

Proposals won't fly with users

Microsoft's security chief has unveiled proposals that will see some botnet-infected computers blockedfrom connecting to the internet.

According to Joe Stewart, director of malware analysis at SecureWorks, it's unlikely Charney's ideas will curtail botnets or even pass muster with users.

"If you don't address the human behind the botnet, you'll fail," Stewart said.

"Technical solutions just haven't worked," Stewart said, referring to Charney's health certificate concept. Criminals are simply too adaptable, too clever to be long stymied by any technology-based defence, whether certificates - which even Charney acknowledged would have to be counterfeit-proof - or antivirus software, firewalls and patches.

"Plenty of people get infected by a bot who have all the patches, who have a firewall, who have antivirus," Stewart said. "They don't even know they've been infected." How, then, would one explain to them that they can't get on the internet? he asked.

Instead, more resources should be dedicated to other initiatives. "First, we need much better global communication and collaboration" between researchers and law enforcement, he said, as well as an enforceable way to hold ISPs accountable for hosting botnets' command-and-control servers, no matter where they're located.

"And we need more what I call 'offence in depth,'" Stewart added, explaining the strategy as one where researchers and law enforcement agencies hound a botnet until its gang of controllers is driven out of business or arrested.

Stewart has proposed that before. Last April he laid out an anti-botnet approach in which teams of paid security researchers, similar to a police department's major crimes unit, would stalk and disrupt specific criminal gangs or botnets.

Even if Charney's technology-based proposal worked, Stewart was skeptical that people would buy into the idea.

"I just don't see how you could make it happen with the current paradigm of computing," said Stewart. People are accustomed to the idea that they can do what they want with their personal computer - put any software on the machine, jump on the internet at a moment's notice - and a radical departure from that will have a tough time finding supporters.

The only way to block botnets from getting on PCs is if the PC industry adopted a closed ecosystem, similar to Apple's App Store, said Stewart, where only certain applications are allowed to be installed.

"But everything would have to be fundamentally redesigned," he said. "I don't think people have reached the point yet with botnets where they would agree to that. Maybe in 20 years. But for now we're locked into this mentality that we can do anything we want."

See also: How to secure a new PC


IDG UK Sites

Very best Black Friday 2014 tech deals UK: Latest bargains on phones, tablets, laptops and more...

IDG UK Sites

Tech trends 2015: 3D printing grows up

IDG UK Sites

10 mind-blowing Oculus Rift experiments that reveal VR's practical potential

IDG UK Sites

Black Friday 2014 UK: Apple deals, Amazon deals & other Black Friday tech offers