Should Unsafe Users Be Quarantined?
It's illegal to drive an unsafe motor vehicle on public highways. The reason is obvious: a broken-down car poses a danger not only to its driver (and passengers) but also to everyone else it passes on the road. Why shouldn't the same rationale apply to unsafe computers (and their users) on the information highway?
Quarantine Unsafe Users?
Spam, viruses, spyware, and other malware are rampant on the Internet. There are servers dedicated to spewing this trash all over the world. Governments and ISPs are constantly pursuing and shutting down gangs of cybercriminals who operate them. But for every online crook, there are thousands of unwitting accomplices.
Millions of computers online are infected with self-replicating viruses. The malware attaches copies of itself to all emails sent out from an infected machine. Botnets - networks of infected computers controlled surreptitiously by a criminal enterprise - launch spam, denial-of-service attacks, and more havoc without the computer owners' knowledge.
But shouldn't you know that your computer is infected and poses a hazard to everyone else on the Internet? Don't you have a responsibility to keep your computer reasonably secure from infection? Should your Internet access be cut off if you are found to be communicating through an unsafe computer? Some people say "yes."
In October, 2010, Microsoft corporate VP Scott Charney wrote, "Just as when an individual who is not vaccinated puts others' health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society." Microsoft called for the quarantine of infected computers until they were cleared and issued a "certificate of health."
Australia's Internet Industry Association drafted a code of conduct for ISPs in 2009. Among other things, it included a provision urging ISPs to cut off the Internet access of customers whose computers were found to be infected with malware or otherwise posing a threat to other Internet users.
How Would Quarantining Work?
Before "quarantining" an infected computer, the ISP would have to notify the account owner that a problem existed, and provide information that would help the customer fix the problem. This is just like a warning from a police officer that your taillight is out and you need to get it fixed.
Note that "quarantine" is different from being cut off from the Internet entirely. An ISP could limit an infected customer's Internet access to a server that provides information and tools that would help cure the infection.
There are qualms about cutting off Internet access to stop the flood of malware. Consider a business with hundreds of computers networked behind a router. If one computer is infected, should the entire network be kicked offline? ISPs can generally trace malware traffic to a router, but don't have the ability to investigate every single computer that the router serves.
Then there is reluctance to "blame the victim" whose computer has been taken over by a botnet or infected by a virus. But victims of biological infectious diseases are routinely quarantined until they are cured, in the interest of public health.
The U.S. government is considering Microsoft's proposal and the Australian model, along with others. First, owners of infected computers would be given a chance to cure their infections. Then, an ISP would be authorized - perhaps required - to quarantine the user's computer(s).
As I said earlier, in most cases the user hasn't a clue that their computer is spewing malware or being used in a denial of service attack. But that doesn't make them any less dangerous. An ISP can certainly detect this in a user's outbound traffic stream. So I don't think it's unreasonable for them to put up a big STOP sign on someone's screen if they know it's happening. In the vast majority of cases, the user could download a free malware scanner, zap the bad stuff, and be back online in 15 minutes.
It would deal a serious blow to the criminal elements on the Internet, and it could dramatically reduce the amount of spam, which currently accounts for 90% of ALL email traffic. Yes, there might be some collateral damage. But I think it's an idea whose time has come.
What do YOU think about the idea of Internet quarantining? Post your comment or question below...
This article was posted by Bob Rankin on 26 May 2011
|For Fun: Buy Bob a Snickers.|
Free Online Photography Classes
The Top Twenty
TeamViewer Remote Access Software
There's more reader feedback... See all 30 comments for this article.
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005
- Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Should Unsafe Users Be Quarantined? (Posted: 26 May 2011)
Copyright © 2005 - Bob Rankin - All Rights Reserved