Microsoft To Get Malware Bailout In Germany

hweimer writes "The German government plans on paying to set up a call center to help Windows users with malware infections. I think this has the effect of being a malware bailout for Microsoft, discouraging them and other software companies from writing better code and giving users little incentive to switch to more secure alternatives. How much government money is needed to run the call center is also not revealed." The call center, running in cooperation with ISPs (but not manufacturers), is envisioned to have a staff of about 40.

It doesn't say "for Microsoft"

[Bert612]

The press release doesn't mention Microsoft. In fact it states that this new service is for all users with all operating systems. So while indeed 99% of all users run Microsoft, niche systems like Linux and Mac will be helped too. A good idea which will hopefully help improve internet safety for those users who just don't understand the technology they are using, but want to be on the net just like everybody else.

Re:Too small a staff

[natehoy]

This is not an open support desk, at least that's not what the article describes. This is a "referral of last resort" from an ISP to this support desk. In your case, you'd probably still field most of the calls, but your friends and family would say "my Internet people just called me and said I have worms or a cold or something, and that they'll stop my Internet unless I fix it. Help!"

Based on what I'm reading in the article, here's how a general fix would go:

1. ISP detects malware patterns coming from one of their users.
2. ISP contacts customer, says "you appear to have a virus that is doing bad things on the network. Please fix it." or pops a web page with the same message and probably a link to an antivirus solution.
3. (assuming user doesn't know how to install AV software) ISP refers customer to government call center.

If the customer refuses to fix the problem or turns out to be unable to do so even with help, then the German government needs to figure out what they want to do. Shut the user off? Attempt to have the ISP block the malware with port blocking? Some interesting and perhaps disturbing possibilities there.

Re:What I heard

[Anonymous Coward]

If you actually RTFA (not the blog one, which is from the submitter himself), it never mentions Microsoft anywhere. Nor do the german press releases.

So AAA is a bailout for Ford Motors?

[meerling]

Sorry, but helping the clueless or unfortunate users from something that wasn't created, distributed, or sanctioned by Microsoft isn't a Microsoft Bailout even if the users are running MS Windows.

If Macs were the big dog in the OS world, would you then be calling it an Apple Bailout?

By the way, don't buy into the apple myths. They have malware and bugs aplenty, they just don't have enough population density to encourage easy transmittal, or even be a tempting target for malware creators. Those scum want to get as many machines as possible, so only niche diehards or those who want to prove a point bother to infect anything with less than a 40% market share. Guess what that means... yeah, that's right, they go after Windows. If you flip-flop the percentages, you'll see a total shift in what they target. And that's not guesswork or rhetoric.

Personally I know of many reasons to complain about Microsoft, and Apple, and the Linux community. None are perfect, and all have nuts, fanatics, and total wackjobs. Pick your poison and learn how to use it safely.

Re:Not really

[sopssa]

But what do you need sudo for? Most malware that is trying to steal your info, send spam or whatever runs perfectly happy in user base.

You only need root access if you're trying to get control over the box, which is more of a hacking thing than what malware does.

Re:Not really

[FlyingBishop]

Well UAC is built-in to the system.

Yes, but it's almost completely ineffectual [pretentiousname.com]

Re:Not really

[Anonymous Coward]

dude you don't have a clue about what your talking about. Windows NT line did not evolve from DOS and has had security built in from the start, some of it not very well (that is besides the point), NT was ALWAYS designed and implemented as a multi user system with fine grained security permissions and multi sub systems, in many ways it is not much different than unix and in some ways it is better. before posting learn a little bit about the technologies of which you speak.

Re:Not really

[Xtifr]

Setting the execute bit is not difficult...

Yes, but it has to be done. Which means you have to persuade someone to do it.

if someone emails someone else a binary the execute bit will probably already be set.

Set where? The mime type doesn't define "executable bit" anywhere. And even if it did (which it wouldn't because it's not tied to a particular family of OSes), any unixish mail user agent which honored that instruction and set the executable bit would be blasted out of the sky by thousands, if not millions, of irate users who know what a security risk it is, and the program would never be allowed in the repositories of any reputable distribution.

And even if that weren't true, and commonly used unix MUAs did generously set the executable bit for you (which, I reiterate, they don't), that still wouldn't help, because, unlike with MSDOS or its horrid descendents, the current directory is not in the executable PATH! And no MUA will save to anywhere where a program could normally be executed, so you'd either have to persuade the user to modify their path or specify a path designation when they try to execute your malware, so we're back to social engineering, even in our contrafactual universe.

Apparently, the "weird thing" you've never heard of is UNIX (or Linux or BSD). :)

Re:Not really

[symbolset]

Thanks for joining the discussion friend. Now go back and review what he and I have shared on the subject to get some context on what I said. You may have to subscribe to slashdot to get the good bits.

Windows still has autorun even in W7. They've limited it, but it's still there [theregister.co.uk].