
RSA Conference: Microsoft’s Charney suggests quarantining botted PCs

March 2, 2010

One of Microsoft's leading security executives said Tuesday that consumers running infected PCs are like smokers exhaling chemicals to those around them.

"You're not just accepting [the risk] yourself," Charney, corporate vice president for trustworthy computing, said during a morning keynote at the RSA Conference in San Francisco. "You're contaminating everyone around you."

Charney spent some time discussing preventive and disruptive measures that should be taken to rid computers of botnet infections.

Drawing on statistics that there are 3.8 million compromised computers – one million in the United States alone – responsible for 87 percent of all email, Charney suggested using "inspection and quarantine" to clean infected home computers. He did not go into specifics.

"Just like we do defense-in-depth in IT, we have to do defense-in-depth in response," he said. "We need to use social and political mechanisms to reinforce value."

Microsoft recently spearheaded efforts to bring down the prolific Waledac botnet. A court order granted last week directed that the botnet's command-and-control domains be severed.

Charney also used some of his address to discuss the security implications of cloud computing. He said the issue of identity "becomes amplified" in the cloud. To combat these threats, providers and end-users must accept shared accountability. Meanwhile, governments must define "normative behavior" of how they plan to extract data from the cloud, Charney said.
