__/ [Cynic] on Monday 31 October 2005 14:35 \__
> On Mon, 31 Oct 2005 09:54:33 +0000, Roy Schestowitz
> <newsgroups@xxxxxxxxxxxxxxx> wrote:
>>/Somebody/ has got to work /something/ out. I can't carry on like this and
>>I know others who suffer much like myself. If no solution is found soon, I
>>can envision people practically taking their baseball bats and flying off
> How about fighting fire with fire? Release a virus that will affect
> *only* compromised PC's. On such a machine, the virus brings a popup
> every 10 minutes to inform the user that the PC is compromised, and
> gives instructions as to how to remove & protect the PC. If no action
> after a few days, it either removes the malevolent code or blocks all
> access to the Internet.
That sounds like an excellent idea, but will you ever have the consent from a
large corporation to do that to its customers? I suppose they could argue
that prompts which urge the user to get patches do exactly that.
The initiative must come from the ISP. I know we can disconnect users in our
network if their computers has been demonstrated to be scanning ports, thus
attempting to infect more machines. Can the same be applied to hijacked
computers? And if so, is it at all detectable?
To solve the problem globally (as the Internet is not a /local/ network)
could you ever woo every ISP to hop aboard the same initiative? We mustn't
forget that it's enough to have one country with 100,000 flawed PC's to make
a bitter existence to the remainder of the World Wide Web.