Microsoft Proposes Each PC Needs A Health Certificate or No Net Access Allowed

Microsoft has proposed a plan that each PC would be required to present a "health certificate" or else be considered too sick to connect to the Internet.

By Ms. Smith on Wed, 10/06/10 - 6:21pm.

Many security experts have talked about quarantining infected computers, but Microsoft has proposed a plan that each PC would be required to present a "health certificate" or else be considered too sick to connect to the Internet.

Scott Charney, Microsoft’s vice president of trustworthy computing, presented his idea of "implementing a global collective defense of Internet health much like what we see in place today in the world of public health... Just as when an individual who is not vaccinated puts others’ health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society. In the physical world, international, national, and local health organizations identify, track and control the spread of disease which can include, where necessary, quarantining people to avoid the infection of others."

Charney gave his speech at the International Security Solutions Europe (ISSE) Conference in Berlin, Germany, and posted his "vision" on his blog. Other countries like Australia and the Netherlands are attempting similar security models; Charney uses examples like France’s Signal Spam or Japan’s Cyber Clean Center as cyber models to keep only healthy computers online.

Comparing the proposal to a global collective defense for health is not necessarily comforting. How many older computers would be digitally quarantined for false positives? Think back a year to the H1N1 hysteria in which unvaccinated persons were a threat to everyone's good health. If a computer cannot issue a "health certificate" and is cut off the Internet, wouldn't that be similar to not allowing a sick person transportation to a doctor's office? How does the sick computer get well without the tools or "medicine" available at Dr. Net?

Should ISPs like Comcast be responsible for cyber-patrolling and sending out bot-notifications to all its customers? Krebs on Security reported that the FCC may encourage ISPs to be more proactive in cleaning up bot infected computers. How does an entity go about it, by throwing scareware warnings on startup screens or simply no Net access? Does this lead to downloading software to monitor PC health? This could very well be a disaster, as it would be way too easy to abuse. An ISP could decide a computer was sick and couldn't connect to the Net if that computer uses too much bandwidth. I've seen domains be shutdown as hosts insisted they were under DDoS attacks . . . but the reality of the situation was Slashdotting or the Digg effect. That may be close, but the intent was not malicious.

Graham Cluely, of security firm Sophos, told BBC, "Microsoft doesn't have a faultless record when it comes to security. It has improved over the years, but every month they have to release a package of updates. There may be some who would say that Microsoft shouldn't be on the internet until they get their own house in order."

Whose software gets access to your data to scan your computer for good health? Who decides who gets to play doctor and peek under the sheet? Violating privacy and civil liberties by installing a possible backdoor? Microsoft Security Essentials is not a bad product, but hello? C'mon Microsoft! Harden your OS or ban Windows from the Net since that is where botnets, viruses, trojans and malware thrive.

Microsoft plans to advocate for legislation and policies to help advance the model in a way that "advances principles supporting user control and privacy." However, unless there is a giant collective NO to more privacy and freedom violations, online regulations and cyber-patrols may inevitably open users up to more surveillance by authorities.

Charney wrote, "Privacy concerns must be carefully considered in any effort to promote Internet security by focusing on device health. In that regard, examining health is not the same as examining content; communicating health is not the same as communicating identity; and consumers can be protected in privacy-centric ways that do not adversely impact freedom of expression and freedom of association."

What do you think of Microsoft's proposal that if a computer is not well enough to be issued a health certificate, then it's no Internet access for that PC? Is this the answer to clean up botnets or an invitation to Big Brother?

Like this? Check out these other posts:

All of today's Microsoft news and blogs

FBI Spied and Lied, Misled Justice Department on Improper Surveillance of Peace Groups

EFF Warns of Untrustworthy SSL, Undetectable Surveillance

Microsoft's Davis on Privacy: Your Digital Life Data is Bankable Currency

ACLU Report: Spying on Free Speech Nearly At Cold War Level

DHS to Launch SAR Database. In Suspicion and Surveillance We Trust?

Facial recognition: Identifying faces in a crowd in real-time

Microsoft's Live@edu email not encrypted on cloud servers

Cyber-Warfare: U.S. Military Hackers and Spies Prepare to Knock the World Offline

Follow me on Twitter @PrivacyFanatic

Tags

Go there...
http://www.networkworld.com/community/blog/microsoft-proposes-each-pc-needs-health-certi

Well, I for one, am a little worried about this trend into thinking this way. For all of the reasons mentioned in this article. And also because I see this as another way for MS to try and Shut Down all Free and Open Source Linux Operating Systems. Along with the Freedom and Emerging Technology Advances in Software that We Linux users are enjoying Now and Will the Future!:O Why? You ask... Because of what I see with all of the Resistance to making their Web and Media Content work in Linux. That and the Buddy System they seem to have going with Adobe's Flash and Sun's Java Jre to some extent as well. This is the only Real Pain in the Side of Linux Users now... And one major hurdle for new Linux users, who may just turn back or not even try Linux because of having to manually install and Update or having no support at all for this Media on the Web. When they find out what a pain it is to get and keep their Systems Compatible with this Media, by adhering to their "Minimum System Requirements". And this is where I see the PC Vaccination Program Targeting Linux... Because already, this Media is something that most Web users want and may even need, because of the Way Web Sites are Set-up these days and it is Held Back from Linux users in many ways. It hasn't stopped me though... I have been running Linux for over 5 years now as my main Operating Systems and never want to turn back! But, I do enjoy learning and tweaking my Systems and most people don't. I know that something needs to be done to Protect us all from all of this Malware, Viruses, Trojans, Rootkits and Worms Constantly Attacking our Computers. And I know that allot of People around the World are Clueless about Viruses and Computer Security and wont take the time to learn. But, giving this kind of Power to anyone other than the Owner of the Computer and more importantly... Their own Personal Data on that Computer wold be Very, Very Dangerous for the Security of Everyone in Many Ways. More So, than it is now, I Believe. I think that if Microsoft and the Other Big Software Companies would use some of their Charity Donations to Support Free and Open Source AntiVirus and Security Firewall Software making it even more Freely available and Easy to Use. Along with Computer Security Education Programs... We could all be allot Safer Online and allot Sooner. A Whole Lot Sooner than if they keep on trying to fight Freedom in Computing and Open Source Software. This would also help to Raise the Very Tarnished Images of these Companies and Gain Some Trust for these Companies with their Customers... I have managed to keep my my Linux Systems much safer than the previous 7 years of running Windows Systems, because of the Free and Open Source Operating Systems and Software Available now. But, I had to do allot of Learning. With only 2 suspected infections of my Linux Systems over the past 5 years. Much better than when I ran Windows OS's, where Virus infections became so common, that I lost count over the my 7 years with Windows XP OS's. My Win XP System is down right now and won't even Boot due to my letting Microsoft Security Software "Clean" that System. I had my Win XP machine set up to where I could watch Videos on the Net on my TV and I just bought a new HD TV Tuner, so I could Record my favorite TV Shows on the Computer. But I crashed it by deleting some files that a Microsoft Online Virus Scanner said were Root Kit's!:O No other Virus scanner reported that anything was there at all. I did several Boot Time Scans on it with Avast and a couple more Virus Scanners. I can't remember which ones now, but probably ClamAV and Comodo and maybe another Online Scanner too. But I wanted to be safe... What a mistake! Trusting MS!:O I've already Restored the OS with the install CD twice. Which I have done many times in the Past with other Infections and Quite Successfully. But it still wont even show the Desktop. Just sets there black after it gives 2 errors saying that services and lsass.exe can't be found:( They are there though. I have already Restored the Registry several times to different backups that I keep. And even Manually Edited the Registry according to Microsoft's instructions on their web site for recovering from the Sassor Rootkit Virus. But these errors still Persist!:O Now I will have to spend more time figuring that out... I wouldn't even mess with XP, but I like the games on that system and my new HD TV Tuner doesn't have any Linux Drivers written for it... It was a Bargain Deal and I should have known better than to buy one that didn't say it was Linux Compatible!:o I figured I would be able to find a Linux Driver, but I didn't check ahead to time... But, Don't hold your Breath, MS! I wont be "upgrading" to Win 7 or any other Windows OS... any time soon!

Don