Ban virus-infected PCs from the net – Microsoft

6 Oct 2010

PCs infected by viruses that could be a risk to others should be banned from the internet, a senior researcher at Microsoft has suggested.

Scott Charney said the proposal is based on lessons from public health by putting machines into a temporary quarantine.

That way, it would prevent the spread of a virus and allow it to be cleaned.

“Just as when an individual who is not vaccinated puts others’ health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society,” Charney said in a blog post.

“In the physical world, international, national, and local health organisations identify, track and control the spread of disease which can include, where necessary, quarantining people to avoid the infection of others.”

The proposal, presented at the International Security Solutions Europe Conference in Germany, is designed to stop computers becoming a part of botnets.

This involves computers being unwillingly recruited into networks when they become infected with a virus. The viruses can be distributed through email attachments and as software downloads acting as legitimate programs.

Cyber criminals use these networks to use the computers for various means, such as spamming or mounting denial of service (DDoS) attacks against other websites.

Computer health certificate

This proposal also wants computers to have a “health certificate” to prove that it has no virus before going online.

If the problem is more serious or if the user refuses to produce a health certificate, he suggests other remedies such as “throttling the bandwidth of the potentially infected device, might be appropriate.”

He does acknowledge the issue could be troublesome in emergency scenarios, as such Charney suggests that infected computers could be able to engage with certain online activities in such an event.

Graham Cluely of security firm Sophos sees the challenge of this is “what the poor old user does.”

“They can’t get on the net to download fixes,” Cluely told BBC News.

Cluely also questioned whether Microsoft was the best company to recommend these measures.

Microsoft doesn’t have a faultless record when it comes to security,” he said.

“It has improved over the years, but every month they have to release a package of updates.

“There may be some who would say that Microsoft shouldn’t be on the internet until they get their own house in order,” Cluely said.