In its effort to tackle botnets, Microsoft has offered a potential solution that would prevent botnet-infected computers from accessing the Internet. In a blog post this week, Redmond's Scott Charney described a "global collective defense" and compared his vision to modern public health in a paper titled "Collective Defense: Applying Public Health Models to the Internet" (PDF). Charney said that while traditional protection mechanisms such as firewalls, antivirus software and automatic software updates can reduce risk, they're not enough.
"Despite our best efforts, many consumer computers are host to malware or are part of a botnet," he said. He suggests that infected machines could have a "health certificate" to show whether they have security software and the latest patches. Systems lacking the proper software would be forced to update, while infected computers could be blocked from the Internet entirely.
"Just as when an individual who is not vaccinated puts others' health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society," Charney said. "We need to improve and maintain the health of consumer devices connected to the Internet in order to avoid greater societal risk."
Quarantining PCs may require government intervention, according to the Microsoft executive. "Voluntary behavior and market forces are the preferred means to drive action but if those means fail, then governments should ensure these concepts are advanced," he said. Such measures are unlikely to be accepted by Internet privacy advocates, however.
Analysts are already questioning the effectiveness of a quarantine-based system. Joe Stewart of SecureWorks aptly notes that if the person behind a botnet isn't dealt with, they'll just find a way to continue operating. "Technical solutions just haven't worked," Stewart said. How effective do you think Charney's proposed solution would be?