Microsoft idea ...Health Certificates for Computers WTF?
Posted: Thu Oct 07, 2010 6:31 am
My Comment:
What they are saying is that sick computers should not get on the internet. While that sounds good. Note that this proposal is from Microsoft with "health certificates" as an idea to "prove" the computer is "worthy" to use the internet". I see a back door proposal to ban computers from the internet unless they are approved by Microsoft. So If one is running Linux, no anti-virus is normally needed and since it is not Windows ...how would a "health certificate" be issued to a Linux or Apple computer since it is not run by Microsoft? More importantly, would this proposal be a back door to registering computers on the internet? Or keeping non Microsoft computers off the internet? Read into this and make your own conclusions, I hope this idea is shot down before some idiot decides to make this into a proposal for law. I hope the EFF is on top of this.
____________________________________________________________________________
Sick PCs should be banned from the net says Microsoft
hands on laptop Botnets can contain millions of machines
http://www.bbc.co.uk/news/technology-11483008
Virus-infected computers that pose a risk to other PCs should be blocked from the net, a senior researcher at software giant Microsoft suggests. The proposal is based on lessons from public health, said Scott Charney of the firm's Trustworthy Computing team. It is designed to tackle botnets - networks of infected computers under the control of cybercriminals. Putting machines in temporary quarantine would stop the spread of a virus and allow it to be cleaned.
His proposal, presented at the International Security Solutions Europe (ISSE) Conference in Berlin, Germany, is for all computers to have a "health certificate" to prove that it is uninfected before it connects to the net. "Although the conditions to be checked may change over time, current experience suggests that such health checks should ensure that software patches are applied, a firewall is installed and configured correctly, an antivirus program with current signatures is running, and the machine is not currently infected with known malware," he wrote in the accompanying paper.
If the health certificate indicates a problem the computer could be prompted to download a missing patch or update its anti-virus settings.
Microsoft said that to make its plan work it would need four steps, including defining a health computer, creating a trusted system for health certificates and finding a way for ISPs to process and act on them.
Relevant legal frameworks would also be needed, it said. But Mr Cluley questioned whether Microsoft was best placed to recommend such security measures. "Microsoft doesn't have a faultless record when it comes to security," he said."It has improved over the years, but every month they have to release a package of updates. "There may be some who would say that Microsoft shouldn't be on the internet until they get their own house in order."
What they are saying is that sick computers should not get on the internet. While that sounds good. Note that this proposal is from Microsoft with "health certificates" as an idea to "prove" the computer is "worthy" to use the internet". I see a back door proposal to ban computers from the internet unless they are approved by Microsoft. So If one is running Linux, no anti-virus is normally needed and since it is not Windows ...how would a "health certificate" be issued to a Linux or Apple computer since it is not run by Microsoft? More importantly, would this proposal be a back door to registering computers on the internet? Or keeping non Microsoft computers off the internet? Read into this and make your own conclusions, I hope this idea is shot down before some idiot decides to make this into a proposal for law. I hope the EFF is on top of this.
____________________________________________________________________________
Sick PCs should be banned from the net says Microsoft
hands on laptop Botnets can contain millions of machines
http://www.bbc.co.uk/news/technology-11483008
Virus-infected computers that pose a risk to other PCs should be blocked from the net, a senior researcher at software giant Microsoft suggests. The proposal is based on lessons from public health, said Scott Charney of the firm's Trustworthy Computing team. It is designed to tackle botnets - networks of infected computers under the control of cybercriminals. Putting machines in temporary quarantine would stop the spread of a virus and allow it to be cleaned.
His proposal, presented at the International Security Solutions Europe (ISSE) Conference in Berlin, Germany, is for all computers to have a "health certificate" to prove that it is uninfected before it connects to the net. "Although the conditions to be checked may change over time, current experience suggests that such health checks should ensure that software patches are applied, a firewall is installed and configured correctly, an antivirus program with current signatures is running, and the machine is not currently infected with known malware," he wrote in the accompanying paper.
If the health certificate indicates a problem the computer could be prompted to download a missing patch or update its anti-virus settings.
Microsoft said that to make its plan work it would need four steps, including defining a health computer, creating a trusted system for health certificates and finding a way for ISPs to process and act on them.
Relevant legal frameworks would also be needed, it said. But Mr Cluley questioned whether Microsoft was best placed to recommend such security measures. "Microsoft doesn't have a faultless record when it comes to security," he said."It has improved over the years, but every month they have to release a package of updates. "There may be some who would say that Microsoft shouldn't be on the internet until they get their own house in order."