Joe Wilcox suggests today that hackers are actually Microsoft competitors, and they should be obliterated like Microsoft obliterated Netscape oh-so-many years ago.
Interesting way of looking at it.
In his article, he suggests that Microsoft should work with ISPs to identify malware infested computers and block them from the Internet. His argument in a sense compares the situation to the way we deal with criminals in real life. We don't (usually) allow them to roam free and keep committing crimes, we separate them form the rest of society. So why shouldn't we do the same thing for malware-infested computers wreaking havoc on the net?
There are a couple ways this could happen:
- After several unsuccessful attempts to clean a computer, Windows Defender could automatically shut off Windows Firewall and force the user to take the computer in for repair.
- Same as #1, only Defender sends a message to the ISP to shut off the Internet connection to the subscriber.
- Force developers writing apps to have their programs go through some kind of certification process, at the end of which the program would be issued a keycode that allowed it to access the Internet. Then, the ISP could filter out keyed and non-keyed communication by having the app key add authorization date to each IP packet.
The problem with #1 is that Windows Firewall is programmable, and it would be easy for the malware to intercept/override this call. #2 is a bit extreme, and #3 might be too difficult to implement.
So, would people actually put up with these kinds of measures? It seems to me like the only thing this does is punish the victims, since most users don't know their computer has been zombie-fied.
Now, it does seem to make sense that the ISP could block certain TYPES of traffic based on the infection state. For example, most botnets are used to send out hoards of spam. In that scenario, Defender could send reports to the ISP, and if the problem can't be cleaned, then the ISP could block SMTP traffic for that subscriber.
So, dear readers, should Microsoft start punishing the few to protect the many?