The German government is planning to establish a botnet cleanup helpline for computer users affected by malware infection. ISPs are teaming up with the German Federal Office for Information Security (BSI) to set up an operation geared towards cleansing consumer systems from botnet infestation. ISPs will track down infected …
where is this list?
It sems astonishing that a population with something of a law and order fetish would rampently buy bootleg versions of Windows or randomly download the sort of stuff likely packed with viri, trojans etc.
But if 90% of those calls will be from Windows users this does send the wrong message to them and MS. It could certainly be described as an MS subsidy.
Security. it's not our problem.
downloading bootleg trojans ?
It's not randomly download bootleg versions or trojans, its designing a system where you can so easily get infected by clicking on a URL or opening an email attachment.
Not about Windows
As the article on Heise security makes clear - apart from a couple of FSF freaks - the problem isn't with MS Windows users being the biggest problem but with the potential for further spying by the ISPs on private computers for the federal government.
German law could be interpreted to make users liable for infected machines, it is already deemed an offence if you own an unsecured WLAN connection that is used by a third party as part of a crime.
While this position is definitely contentious it does have the advantage of attempting to clarify liability and bring computers into line with other areas. Ultimately this should lead to better practice by vendors of hard and software.
Not far enough
"ISPs will track down infected machines, before directing users towards a website offering advice and an associated call centre, staffed by around 40."
"ISPs will track down infected machines, before blocking their access. Users will be sent a letter explaining why they are blocked and to get a certified professional to clean the machine. The user is then required to pass a basic class in computing/internet use before reconnection is allowed."
If people are dumb enough to get caught with malware, they are too dumb to be on the interwebs. It's like letting people drive without having a license.
The whole thing is, probably, just another way to control users in the end...
article 88 of the telecommunications law states, that while the communication data is to be private, it can be sniffed in order to prevent any damages to their (ISP) systems.
It's not far to think that governMental people will deem everything dangerous and should be sniffed, therefore basically giving a legal way for DPI.
Redirecting those users to a page could also easily be used to install the "Bundestrojaner" (http://en.wiktionary.org/wiki/Bundestrojaner) on everyone's computer.
Full online surveillance in one go, woopdidoo...
"...better spent offering advice on how to switch to less virus-infected systems..."
Riiight - people who can't manage to run a windows machine without getting infected are going to successfully install and run linux? Right - of course, there's plenty of help available. If they have a problem installing Ubuntu, they can google search for 'Ubuntu installation problem' and find this helpful advice:
"Please use this template when filling out installation reports, and send the report to <firstname.lastname@example.org>.
Machine: <Description of machine (eg, IBM Thinkpad R32)>
Partitions: <df -Tl will do; the raw partition table is preferred>
Output of lspci and lspci -n:
Base System Installation Checklist:
[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it"
Oh, yeah - that's gonna work out REEEEAL well. These are people who can barely figure out how to click on 'start', and they're going to do that? Ubuntu and its ilk may be easier than linux used to be - but a viable alternative for the computer illiterate? That's just delusional.
Interesting concept but doomed...
I monitored my last network and reported attacks from infected networks to the ISPs concerned. My reasoning was that my network was on the hit list of their infected networks and as such I would be targeted as soon as a new fault hit the net possibly before an anti virus fix was available to me.
If they did not take action, I then notified them that I would hold the ISP itself legally responsible for all and any clean up costs involved should my network be infected by one of their addresses.
The US ISPs were all fairly good about it and contacted users etc, eventually some of the UK ISPs jumped on the bandwagen and sorted their users, who happened to be large companies glad that they had been informed of the problems!
The biggest problem I had was a US ISP who instead of contacting the end user, told the network owner who cut the end user off and issued the letter as described above, ie "you will need to have your computer certified by a computer professional before we allow you to reconnect".
Problem one was it was our US ISP followed by problem 2, which was that the numpty in the (our) Serviced Office network providing company was unable to differentiate between source IP address and Destination IP address and cut our office off instead and then refused to speak to us hiding behind the ISP's order to him. Somehow via a transatlantic call I managed to get to the main carrier network support team who do not even have a phone as they only do online support! Must have been the Brit accent. They then realised what had happened and came down very heavily on the "network manager" resolving our problem in minutes.
Without me or the likes of me geeing up the ISPs this has probably died a death again, but nice to see someone is taking it seriously again.
All very well berating people for having infected machines, but with poor performance expected of todays PCs, the last person to know they are infected is usually the victim, and don't forget this silly rootkit idea came from UNIX, before MS probably patented it!