Showing posts with label bots. Show all posts

06 October 2010

Dr Microsoft: Time to Be Struck Off

A Microsoft researcher offers an interesting medical metaphor:

Just as when an individual who is not vaccinated puts others’ health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society. In the physical world, international, national, and local health organizations identify, track and control the spread of disease which can include, where necessary, quarantining people to avoid the infection of others. Simply put, we need to improve and maintain the health of consumer devices connected to the Internet in order to avoid greater societal risk. To realize this vision, there are steps that can be taken by governments, the IT industry, Internet access providers, users and others to evaluate the health of consumer devices before granting them unfettered access to the Internet or other critical resources.

So, we're talking about computers "compromised with a bot": now, which ones might they be? Oh look, that would be almost exclusively Windows users. And why would that be? Because no matter how diligent users are in installing endless security updates to the Swiss cheese-like applications known as Windows, Internet Explorer and Microsoft Office, there are always more critical bugs that pop out of the proverbial digital woodwork to lay them open to attack and subversion.

So, where does that leave us when it comes to "improving" and "maintaining" the "health of consumer devices connected to the Internet"? Well, it means that by Microsoft's own logic, the solution is for everyone to junk a system that is still insecure, despite promise after promise after promise that this was just some minor technical detail that Microsoft would fix in the next release.

For Windows has manifestly not been fixed; moreover, Windows will *not* be fixed, because it's just not a priority; Windows may even be *unfixable*. The only sane solution is for people to move to inherently safer (although certainly not perfect or impregnable) alternatives like GNU/Linux.

For a researcher at Microsoft to attempt to avoid this inevitable conclusion by pushing the blame for this endless series of security lapses onto end users this way, and to suggest they, rather than Microsoft, should be thrown into the outer darkness, is beyond pathetic. (Via @rlancefield.)

Follow me @glynmoody on Twitter or identi.ca.

26 January 2007

There is no War on...Botnets

After the War on Drugs, and the War on Terror, now, it seems, we are to have a War on Botnets:

Mr Toure said that whatever the solution, the fight against botnets was a "war" that could only be won if all parties - regulators, governments, telecoms firms, computer users and hardware and software makers - worked together.

But it is a truth universally acknowledged, that as soon as you declare "war" on some amorphous entity like "drugs" or "terror" or "botnets", you've already lost, because you shift from the practical to the rhetorical.

This is all about security theatre: talking tough instead of acting intelligently. Sorting out botnets does not require a "war": it's simply a matter of telling Windows users the truth about their bug-infested system, getting them to use a firewall and anti-virus software and - maybe, one day - getting them to understand that downloading or opening unknown software is hugely risky.