Continuing the discussion from GOP leaders: We're not inviting Putin to address Congress:
@Orygun posted this link in the other thread and, as I’m wont to do, my mind went away from the discussion of Putin and to Cyber security.
In the linked article, Microsoft informs us of activity that they’ve identified by the location that it reports to. This thread is not questioning Microsoft’s information, but what they and others do with that knowledge.
This is a common scenario on a variety of scales.
Some antimalware software will add thousands of entries to a computers’ hosts file to prevent that computer from being able to reach sites that are known to host malicious payloads.
Some devices are sold to large enterprises which watch all of the network traffic and if a device reaches out to a known malicious address, the computers are disabled until they’ve been addressed.
This is not ‘new’ capability. In ‘layman’s’ terms, it would be like preventing a phone call from going through.
As costly as these events are on every level individual, business, government, etc. Do software companies bear some responsibility toward protection of their customers?
If they know where these malicious and illegal sites are, why don’t they code a block to it in their regular updates? They absolutely can. Are they being negligent by not doing so?
One of the frustrating attitudes for me has been a snobbish attitude toward end users which, in some cases, borders on contempt and I can see how those attitudes bubble into various aspects of design and support. There’s an attitude that people should know computers if they’re going to use them and if they don’t take the time to ‘learn’ them, then they shouldn’t be using them. But that’s not a realistic attitude and I wonder if if plays any role in the escalation of malware.
Should OS creators be required include blocks for malicious sites in their updates? Should Google be required to block those domains and IPs at their domain name servers? Should ISPs? Should exchange admins?
I know a lot of us are ‘purists’ in the sense that we don’t want the government mucking about with our lives and the internet, but I also know that when a bad thing reaches a particularly egregious point it becomes the lesser of two evils.
Do any of you have an opinion on this? Do companies have a moral or legal responsibility?
I honestly have to say, I don’t know. To my mind, this is one of those theoretical conversations that sounds good until you get it all put together and then ask yourself who you trust to hold they keys and I’d be interested to hear others’ thoughts on the matter.
ETA: I’m aware of the possibility of false positives. I’d like for this to be a policy/responsibility/how-to-address discussion vs a who knows more about IT discussion, if possible.