Access your Pro+ Content below.
Microsoft security proposal is noble, but no way
This article is part of the November 2010 issue of Information Security magazine
Imagine all the money we'd have if we indeed did get a dollar everytime we heard X? For instance, I wish I had a buck for every time I heard cybersecurity compared to a public health model. Or how about this one: I wish I had a nickel every time I heard someone propose some kind of operator's license for Internet usage. Talk about Christmas shopping made easy. Microsoft is the latest to draw a parallel between cybersecurity and human health. Silly comparison aside, at its core, Microsoft's proposal to quarantine and deny infected consumer PC Internet access until their issues are remediated is a noble attempt to quell the botnet problem. Consumer PCs, I dare say, make up close to 90 percent of all large botnets. Why? Because people, no matter how much you plead with them not to do so, will click on attachments promising naked pictures of Megan Fox. People will fall for scams about their no-longer active PayPal accounts -- even if they've never signed up for a PayPal account. People, consumers in this case, are not Windows ...
Access this Pro+ Content for Free!
Features in this issue
Slew of McAfee product initiatives pique interest of customers but industry analysts say the security giant needs to sharpen its focus.
Moving IT operations to the cloud requires careful due diligence to maintain compliance with HIPAA, GLBA and other regulations.
The economy is dragging down pay for information security professionals but not dampening their dedication.
Re-architect your provisioning system into a first line of defense for access management.
Columns in this issue
To cure the botnet plague, Microsoft wants to quarantine infected consumer PCs until they're remediated.
Application security reviews miss a critical vulnerability by not ensuring functional security.
Security experts Bruce Schneier and Marcus Ranum debate the impact of a software monoculture on computer security.