The U.S. government is reviewing plans by Australia to allow Internet service providers to keep compromised computers off the Internet and alert customers if their computers are hijacked by attackers, according to media reports.

White House Cybersecurity Coordinator Howard Schmidt reportedly told the Associated Press that the United States is studying a number of ways to help both businesses and the public protect themselves online. According to the AP, that includes the Australian plan, though U.S. officials are hesitant to advocate the part of the plan that allows ISPs to quarantine users who do not clean their infected machines.

"Without security you have no privacy," Schmidt was quoted as saying. "And many of us that care deeply about our privacy look to make sure our systems are secure."

ISPs can help "make sure our systems are cleaned up if they're infected and keep them clean," he added.

The Australian strategy is similar to other security proposals, including the PC "Health Certificate" idea Microsoft's Corporate Vice President of Trustworthy Computing Scott Charney put forward last week.

"Blocking Internet access to botnet-infected hosts is certainly a worthy goal, but the issue is more complex than simply blocking versus letting them run amok," said Adam Wosotowsky, principal engineer at McAfee Labs. "You have to consider the steps to resolution post-blocking. … If you block them, then how will they get something to help them clean it up? What do you give them? Does every block become a customer calling their ISP to complain that their Internet is broken? Did you give them any warning? What about the perspective that they used the ISP's network to resolve and download and install the virus in the first place?"

The Australian plan is slated to go into effect in December, AP reported.