09.15.09
Infected Windows PCs May be Banned From the Internet in Australia
Summary: Rogue information vehicles possibly to be quarantined if new policy is passed
ONE MONTH ago it seemed like wishful thinking, but Australia carried the various proposals forward and it may soon disconnect Windows PCs that become a nuisance to everyone else on the network, thus setting an important precedence for other nations to follow. Will they actually use take-downs for the benefit of people rather than Big Media moguls (like HADOPI)? That would be surprising. From IT News:
ISPs asked to cut off malware-infected PCs
The Internet Industry Association (IIA) has drafted a new code of conduct that suggests Internet Service Providers (ISPs) contact, and in some cases disconnect, customers that have malware-infected computers.
The drafted code, which will not be mandatory, suggested ISPs take a four-step approach to protecting customers.
- Identification of compromised computers
- Contact affected customer
- Provision of information and advice to fix the compromised system; and
- A reporting function for alerting about serious scale threats, such as those, that may threaten national security.
Microsoft meanwhile admits (by actions) that AutoRun was a design mistake. The Windows operating system ought to have behaved more like GNU/Linux, which had security in mind from the get-go.
Microsoft has finally removed a function from earlier versions of its Windows operating system that has been widely abused by miscreants to surreptitiously install malware on users’ computers.
In other security news this week:
• New York Times tricked into serving scareware ad
Scammers tricked the New York Times’ Digital Advertising department into placing a malicious ad for fake antivirus software on the NYTimes.com Web site over the weekend, the company confirmed Monday.
The newspaper had warned of the scam advertisement Sunday, after receiving about 100 e-mails from concerned readers.
• What to Do If You Saw an ‘Antivirus’ Pop-Up Ad
A screen shot of the pop-up window that appears as if it is scanning for viruses.
• Three out of four administrators don’t trust anti-virus software
In a recent study, a total of 226 administrators, CIOs and security specialists were asked what they thought of signature and blacklist-based solutions. Three out of four administrators consider signature-based enterprise anti-virus protection unreliable. For zero day attacks in particular, two thirds of the administrators surveyed did not believe that standard anti-virus products helped to prevent attacks.
Yes, that’s how bad it is. When speaking about “anti-virus software”, Windows is more or less implied (or UNIX/Linux servers that merely serve files that may affect Windows clients). █
“Our products just aren’t engineered for security.”
–Brian Valentine, Microsoft executive
