If the infected client machines are "known" or "discoverable"...
...isn't it time to install anti-malware and anti-virus software into these clients, after/as part of redirecting them to a "good" CnC server?
Security researchers have warned that the resurrected Kelihos botnet blasted off the face of the web yesterday is still alive. Experts not involved in the blasting say the miscreants behind the network of compromised Windows computers are working on their comeback. The zombie PC army was walloped offline in September, they say …
Because you have people out there that hates MS and will preach that MS are trying to take controlling of your machine. Then there are the people that will see this as big brother using MS to take control of their computer. It's the last group that I'll worry about. Those that will expect MS to fix their PC thus thinking that they can just download whatever and MS will fix it.
Oh and that assumes that there is no legal barriers to MS doing this.
If you were to pull a Superman III and steal a large sum of money from a bank and escape to a nation that doesn't have extradition, you probably wouldn't get off scott free. If the bank's big enough, you can bet that money that the bank or other financial institution will send a hit squad or mercs to kick down your door.
Why doesn't MS/etc. just do the same thing? Hire investigators or teams to find where these people live, kick down their doors, and put two in the head? Or for the more Paragon route, get the authorities involved. Would solve the problem a lot more efficiently than just sinkholing a swathe of machines.
Most people have noticed a few mistakes by 'the authorities' in recent times, whether it be the US military attacking a genuine Pakistani border post, or the Met shooting an un-armed Brasilian electrician in the head.
Now bear in mind Microsoft's reputation for accuracy, fairness, etc. ...
Biting the hand that feeds IT © 1998–2019