Microsoft researcher Scott Charney, who is also the Corporate Vice President of the company’s Trustworthy Computing Team has said that virus-infected computers that pose a risk to other PCs should be blocked from the Internet.
In a blog post he said…
Just as when an individual who is not vaccinated puts others’ health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society. In the physical world, international, national, and local health organizations identify, track and control the spread of disease which can include, where necessary, quarantining people to avoid the infection of others. Simply put, we need to improve and maintain the health of consumer devices connected to the Internet in order to avoid greater societal risk. To realize this vision, there are steps that can be taken by governments, the IT industry, Internet access providers, users and others to evaluate the health of consumer devices before granting them unfettered access to the Internet or other critical resources.
He’s got a point, it’s all fair and reasonable, but he’s missing the biggest part of the picture. This is that Microsoft are largely, nay, mostly responsible for the volume of infected computers on the planet to begin with. Okay, so companies like Adobe have also been targets for malware writers because of buggy and sloppily-written code in their Acrobat and Flash products, but it’s Microsoft that’s far and away the leader with insecure software.
It’s not necessarily true of their products now. Windows 7 is as secure as just about any other operating system out there, which is one of the reasons why malware writers turned their attention to Adobe, but there are still a great many other insecure Microsoft products that are not only in general usage, but that are still supported by the company.
To name but two of these I will highlight Windows XP and Internet Explorer 6. Both of these products are still supported and both are extremely insecure. IE6 for instance is commonly described as the scourge of the Internet because major businesses and corporations insist on its continued use in order to maintain compatibility with intranet systems. The same can be said of Windows XP, which business and corporations use firstly because of software compatibility, but also because it’s the only version of Windows to support IE6.
Both of these products are home to the vast bulk of malware and botnet infections and both are still supported by Microsoft.
So who is to blame for this fiasco? Some people would blame the corporations for failing to use new features, such as XP Mode in Windows 7, to provide legacy support. XP Mode itself though needs to be monitored and maintained and so presents its own security risk.
Other people would blame Microsoft, not only for providing ongoing support for products they know are woefully lacking in basic security, but also for making sure that their latest generation of software, including Internet Explorer 9 will only run on their newer, post-XP operating systems.
Suffice to say there’s blame to be laid squarely at everyone’s door, including the people who are still using Internet Explorer 6 at home. These people may or may not have had access to education and information about securing their computers (users in Europe have had a welcome helping hand in the form of the Browser Ballot screen).
Microsoft must take on board a huge chunk of the blame though and Mr Charney is quite correct in what he says, though somehow I don’t think his bosses will be giving him the employee of the month prize for a while.
There is a whole different issue about how you would block these infected computers from the Internet. Windows Server could come into play here in corporate environments, but what server admin would allow his company to invest in software that would over-rule him and his staff when it came time to decide which PCs get Internet access and which ones don’t?
Needless to say this is a minefield, and one that in my opinion must be cleared quickly by Microsoft announcing that they’re dropping support for Windows XP and especially Internet Explorer 6 (which some major websites including Facebook have already dropped support for). We at Windows 7 News would love to hear your views on this topic though (but please try not to swear), as it’s one that’s clearly set to run and run.
