MS Security Chief Suggests Computer Security Tax

This ITworld piece details some of Scott Charney’s thoughts from the RSA conference. Scott is Microsoft Corporate Vice President for Trustworthy Computing.

He does a fair job of characterizing the issues, especially that non-secure PC’s aren’t just a burden to their owners. If they become part of a botnet, then they burden the network which shares the pain even with connected but uninfected systems.

Where his thought process goes astray is in considering a healthcare-like model. You know, because that is working extraordinarily well right now and hasn’t added its own burden of arguments and complications.

I don’t necessarily disagree with the idea of using social systems, including education and advocacy. But we have those already in the form of projects like He seems to be saying that ISPs should take on these additional roles and that cost is the only barrier. Cost, unfortunately, is the least part of the equation. Neither market based solutions or another of his ill-consdired ideas, a new tax on computer users, is going to magically conjure up the expertise that either ISPs or other outfits need to pursue any number of viable schemes to reactively deal with malware.

Of course, here is another thought–how about Microsoft uses a bit of its hefty margin and/or cash in the bank to address the security issues that stem almost entirely from their own operating system?

2 Replies to “MS Security Chief Suggests Computer Security Tax”

  1. I have a concern that if implemented the technology may be used to discriminate against non standard devices, those that can’t show that they are running a fully patched Windows OS with an antivirus product installed. An enforced border control at ISPs can be potentially subverted to discriminate unfairly, based of any number of criteria.

    1. I would echo that concern. Any type of broad regulation runs the risk of unintended consequence. There is even good evidence already of this sort of coercion by vendors–Apple’s app store and Microsoft’s WGA program. Putting that sort of toll booth on the internet itself could be disastrous.

Leave a Reply

Your email address will not be published. Required fields are marked *