This PC is QUARANTINED ! ‘Zombie’ code.
p2pnet view Security | P2P:- “Microsoft has a cool new way to ream out surfers”, said p2pnet yesterday, going on, “It suggests they could be taxed for ‘computer health care” as a “a new tactic in the battle against hackers’.”
A hoax? No.
Nor was the thought original.
Costly for most ISPs
Hollywood’s claim, via its Australian FACT puff unit, that Australian ISP iiNet had in effect authorised illegal downloading has been thrown out.
As the New Zealand Herald summed it up, the judge hearing the case “cast doubt on the way that the film and TV companies collected and presented evidence of infringement, recognised that questions about whether an iiNETs customers had infringed copyright or not are complex legal ones, and would be costly for most ISP to determine”, adding:
“Also he questioned whether it is fair to expect an ISP to act as judge and jury on these sort of questions, based just on allegations made by copyright owners.
“The Judge also found that iiNet’s policy of not terminating its customers’ internet connections just because it received complaints from copyright owners was reasonable. So, he said, even if iiNet had authorised the infringements (which he said they didn’t), it would still have had a full defence under the so called “safe harbour” provisions in Australia’s Copyright Act.”
‘Quarantine’ proposal
Now, under the headline iiNet trial clears way for ‘zombie’ code, Australia’s Internet Industry Association (IIA) will “press ahead with its new internet service provider security code, with plans to launch a ‘quarantine’ proposal for infected computers by around June this year” says ZDNet.com.au, going on:
“The voluntary code for internet service providers (ISPs) will attempt to address the threat of computers that have been hijacked as part of a spam or phishing operation. That is, computers that have been lured into a botnet operation that has command and control functionality.”
Microsoft Trustworthy Computing executive Scott Charney had suggested ‘sick’ computers, that’s to say PCs infected with computer viruses, should be quarantined with taxpayer’s footing the ‘medical’ bill.
“Maybe markets will make it work” via an “Internet usage tax”, PC World had him saying. One “could say it’s a public safety issue and do it with general taxation,” he opined.
‘Walled garden’ approach
Back in Australia, the IIA is thinking along similar lines, although it doesn’t appear to have addressed the issues of who’d pay the doctor.
“One measure the IIA plans to introduce in its ISP code is that a customers’ connection be ‘quarantined’ if it becomes infected, otherwise known as ‘walled garden’ approach to security”, says ZDnet.
“The technique allows the infection to be remediated in isolation from a botnet’s command centre”, says, continuing:
“But to introduce the measure, the IIA wanted clarity over whether permission to carry this out could be granted by a customer in writing, for example, in an ISP’s customer relationship agreement. The agreement would allow the ISP to use information gleaned from specific accounts for the purpose of identifying whether connected computers were zombie machines, and then take actions to resolve the issue.”
IIA boss Peter Coroneos told ZDNet.com.au the federal court ruling on the iiNet copyright case had settled the issue.”
An ‘entirely different purpose’
Hollywood’s Australian Federation Against Copyright Theft (AFACT) “had wanted iiNet to leverage usage information that it held to corroborate evidence of AFACT’s that certain internet protocol addresses were being used to infringe copyright — an entirely different purpose to what the IIA has in mind”, says the story.
But the court had ruled one of iiNet’s defences, “that privacy clauses in the Telecommunications Act would have prevented it from following AFACT’s requests to match a customer’s network activities to a specific account”, was invalid, it says, quoting Coroneos as stating:
“That was the sticking point. It was the lack of clarity around the ability to use customer information in the way that we had envisaged. But I think it can be covered by consent. In this case it’s for network management, so it’s hardly controversial.
“We wanted to ensure that it was beyond any legal doubt, so that we can encourage members to adopt it when [the code] is complete.
“There wasn’t ever going to be disconnection. It will suggest a range of options — a possible escalation process — but as we see it, the highest measure that it would entail would be a temporary quarantining of PC on the network.”
A draft is expected to be released for industry feedback by the end of March, with a view to publish the actual code by June, adds ZDNet.com.au.
..… and identi.ca
First they ignore you, then they laugh at you, then they fight you, then you win ~ Mahatma Gandhi
New Zealand Herald – Copyright infringement – inside the legal minefield, March 5, 2010
ZDNet.com.au – iiNet trial clears way for ‘zombie’ code, March 4, 2010
PC World – Microsoft’s Charney Suggests ‘Net Tax to Clean Computers, March 2, 2010
Use free p2pnet newsfeeds for your site. Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/feed
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
March 5th, 2010 at 10:50 am
ouch!
March 5th, 2010 at 12:37 pm
…this is so ridiculous that I don’t know whether to laugh or cry. What the hell? Anyone can see this is just a scam to get more of our hard-earned money into their pockets. Instead of propsing a tax for ‘sick computers’, how about going after the bastards that make these viruses and trojans in the first place? It’s funny that they’ll put so much money and effort into taxing their customers, yet they won’t even spend so much as a cent on making a better program with less exploits or even a suitable firewall. Oh, but they’ll give you some lame-assed security patch that doesn’t even last very long when a new virus threat comes along. I should know because my computer has been infected about 3 times last year until I got a great firewall FOR FREE. So suck it, Microsoft!
March 5th, 2010 at 1:30 pm
” how about going after the bastards that make these viruses and trojans in the first place? ”
Because some of them are under the employ of the big media corporations. If they
are found then big media would be forced to answer some very embarrassing questions.
March 5th, 2010 at 3:04 pm
It’s not hard for those of us who have been conditioned to distrust providers (for the right reasons) to think there’s a “ploy” at the root of this idea. And, the “user tax” may indeed be nothing but another “forced income supplement” they decided to try including in their plan.
However, I would advise people to take this kind of proposal as a blatant clue to a user-based issue that many continue to foolishly ignore…
For years now, people have been connected. And, they’ve been told and told and told about a world (full of viruses, malware, and spammers) that doesn’t care what happens to your computer in its quest to get your credit card number or find your children. Yet, even in the face of these well-known dangers, there’s still people out there, surfing and downloading everything that catches their eye, without any real care in protecting themselves or any interest in even learning anything about the subject. In a word, they’re clueless.
The sad reality is, these users are not only a possible majority, but also instrumental in enabling the exploiters and keeping all the problems they bring to us at the ridiculously high levels they are. Some of these people actually think, for some unexplained reason, that their *provider* is supposed to take care of this stuff?!
Your provider can’t protect you, the end users, from being exploited.
As I often remind everyone, the Internet is a product of ALL its connected USERS. It’s the users contributing their transmissions, and all that contains, that results in what you get over the Big Collective Wire. It’s therefore, also the USERS’ RESPONSIBILITY to THINK OF OTHERS and run a machine that is NOT CONTRIBUTING TO THE PROBLEM.
This is not just “some guy’s opinion”.
This is reality, and the way things work. Whether knowingly or not, everytime YOU transmit something harmful to leave YOUR computer and cause someone else grief, it’s YOUR FAULT! And, in order to have transmitted such a thing, it’s because YOU failed to either protect YOURSELF (or learn enough about this stuff to prevent it) and actually made it someone else’s problem.
Maybe some of these things seem somewhat “benign”, and haven’t caused your own machine to even hiccup, but for that “someone else” that got it from you, that simply may not be the case. And, it doesn’t excuse the fact that YOU LET IT THROUGH.
It’s correct to say “someone has to take action” on the Internet health issue. But, your government or your provider can’t actually do anything about it, because it’s either YOUR traffic that’s contributing to the problem, or YOUR failure to do what you can to prevent the “intentional stuff” from spreading. All the corporates and their government cronies can do is FURTHER EXPLOIT YOU for what is really your own ignorance on this subject, and propose things like “sick taxes” or mandating that ISPs begin to MONITOR ALL TRAFFIC and “quarantine bad IPs”, or something equally as stupid.
For those this comment applies to, you’re better off protecting your own machine and educating yourself about all this, and stop enabling those that would prey on you, whether it be the ones who would steal your identity, or the ones that would suck every penny out of you while taking away all your rights and control.
It’s not just the spammers and hackers you need to worry about.
March 6th, 2010 at 6:47 am
@DA –
I think to some degree that end users cannot effectively guard against their own folly, and some responsibility for “getting sick” lies in “weak DNA” so to speak. When software is pushed to market with profit rather than quality of the finished product being the first priority, there are bound to be some problems.
I am paranoid about getting hacked, and like to know the inner workings of what the heck my pc is doing when I’m not telling it to do anything. I became so only after getting plagued with malware early on in my pc ownership, and in seeking to remedy the issue discovered how much I didn’t know about my OS. Since then I try to maintain constant vigilance and be cautious, I know exactly how many processes should be running at any time down to the point where I know pretty much when even one unknown is running in the background since I keep them down to a bare minimum, and which registry keys to look at when something seems hinkey. I don’t open strange emails, and I have no hidden files in my system or even hidden extensions. I have an entire book dedicated solely to the workings of the XP registry and run a dual boot setup in case I have to get to system files from another angle than from within Windows. I don’t allow my software to auto update, but I do regularly check manually so that everything has to run through me before installing anything. And STILL I get fubared by crap that comes from god knows where! I am receiving spam FROM MYSELF at my Gmail address and still can’t figure out how that happened!!
If they want to discuss the prevalence of sick pc’s, perhaps we should take that little chat up with the code writers at M$ and encourage them to clean up their sloppy code a bit before blaming the folks that don’t even know the difference between ‘notepad’ and ‘wordpad’…
but I do agree with the last two statements. I think we all need to raise the awareness level about who we may need to protect ourselves from.
May 12th, 2010 at 7:43 pm
Hi,
Some good points raised I think for me I have to agree with two things.
Firstly, some people do not know enough or care to know enough about their machines and the repercussions of their own ignorance, probably why my phone is always ringing with family/friends saying they have viruses etc.
Secondly, IMHO alot of the responsibility should be put on the software developers, like mcdonalds have to clean areas around their stores of litter. Putting it off on the consumer/taxpayer realy isnt/wouldnt solve the problem IMO as alot of these viruses/malware etc potentially did start from the big companies to make a point as to why you need antispy antimal antivir antianti.
If it is man made it can be re-engineered so there is no perfect solution to this issue, putting it on the tax-payers head will not solve it and will just open the door to many years of wasted money which will probably lead to your comps getting locked down for loading up to slow just as a precaution, while the CLIT (Computer Legality Interigation Team) van drives to your house under tax payers money to free you of your ITD (Internet Transmited Disease).
My personal motto with the net is treat it like a whore, i.e take precautions before poking about.
Peace out!