Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Microsoft Security Government News

Microsoft To Get Malware Bailout In Germany 226

hweimer writes "The German government plans on paying to set up a call center to help Windows users with malware infections. I think this has the effect of being a malware bailout for Microsoft, discouraging them and other software companies from writing better code and giving users little incentive to switch to more secure alternatives. How much government money is needed to run the call center is also not revealed." The call center, running in cooperation with ISPs (but not manufacturers), is envisioned to have a staff of about 40.
This discussion has been archived. No new comments can be posted.

Microsoft To Get Malware Bailout In Germany

Comments Filter:
  • Not really (Score:5, Insightful)

    by sopssa ( 1498795 ) * <sopssa@email.com> on Tuesday December 08, 2009 @04:36PM (#30370680) Journal

    I think this has the effect of being a malware bailout for Microsoft, discouraging them and other software companies from writing better code and giving users little incentives to switch to more secure alternatives.

    I have to disagree with that. Malware problem is usually because of user stupidity. Like any other OS, you can run Windows securely if you don't do stupid things.

    The thing is, as we don't care so much about how to properly feed, exercise and clean ponies, normal people don't care so much about computer security. They just want to do their thing. But now they would have a place they know they can seek help from, and who are giving helpful instructions how to not get infected anymore and how to solve their problem. Maybe those hints stick, maybe not, but at least they can get help with the problem (without calling over our fellow slashdotters all the time!)

    But what is an interesting piece in the article (and somewhat worry-some)

    Before the plans are implemented, however, a decision needs to be made on what sanctions customers who decline to cooperate with their ISP can be subjected to. According to an eco project manager, quoted by the dpa, "Anyone surfing without proper anti-virus software is endangering other web users, in the same way that a car driver driving with faulty brakes is endangering other road users."

    I'm sure Symantec will hurray for that, but I don't want someone push an av software down my throat that I don't even need. Even less on my linux server. I really hope it only means those users who have been identified by the ISP to be sending spam out.

    But the bottom line is, it's not a "bailout" for Microsoft. Malware goes where the users and money are and any kind of better code or secure alternatives cannot go around user stupidity. Linux is mostly secure from malware because the users generally are more geeky than the casual users on Windows and don't just random stuff from the internet. Repositories also help with this, but if Linux ever gained any actual desktop marketshare and casual users, the 3rd party applications/games/whatever that people want would be downloaded from the internet just the same way as on Windows. But any (good) Linux sysadmin knows there been worms in Linux too and remote hacks are commonplace if the system isn't properly secured (and casual users just wont do that).

    • by eln ( 21727 ) on Tuesday December 08, 2009 @04:42PM (#30370754)

      as we don't care so much about how to properly feed, exercise and clean ponies

      On the contrary, I've had an inexplicable interest, some might even say obsession, with ponies since April 1, 2006.

    • Re: (Score:2, Insightful)

      by rolfwind ( 528248 )

      1. This isn't the role of government.
      2. No matter how much the apologists bray, the fact is that Windows has the most infections. The proof is in the pudding! Yes, user stupidity contributes to that... but it ignores deep design flaws in Windows itself! Will the infections ever go toward zero even with the best designs but dumbest users? No. But it sure doesn't excuse it being in the other extreme for Windows.

      • Comment removed (Score:5, Insightful)

        by account_deleted ( 4530225 ) on Tuesday December 08, 2009 @04:51PM (#30370870)
        Comment removed based on user account deletion
        • Re: (Score:3, Insightful)

          by gbjbaanb ( 229885 )

          Not really, governmental organizations are not so much interested in helping you clean up your malware-PC, but in funding the internet cops to trace and bring the perpetrators to justice.

          The callcentre script drones will probably be fine - they'll tell everyone to run spybot, install an AV system, run windows updates and then take it to a repair centre or reinstall if symptoms persist.

        • by DarkOx ( 621550 )

          The best way would be to just make the user responsible. Require a license to use the internet. Make it 1Euro (since this is Germany) and no renewals no exams nothing; just like buying fishing license in the USA. Once you apply you have it. The license entitles you to have a personal computer system attached to public internet. You should still be free to use the internet at friends house library etc with no internet license.

          I am not proposing any elaborate tracking scheme here either. All this would

        • 1. This isn't the role of government.

          I'd normally be the first to agree, but isn't a large portion of malware used for criminal activity? Identity theft, botnets that engage in DDoS extortion attempts, spam relays, phishing, etc, etc. It seems to me that law enforcement (i.e: government) has a legitimate interest in reducing the number of malware infections that are out there.

          Of course, a call center filled with follow the script support drones probably isn't the best way to go about doing that.......

          I would support the (what is likely not very costly in respect to other programs) spending of money on this kind of service to my countrymen. Rather I would prefer this kind of spending over other extremely tax-parasitic spending programs aimed at 'defending' us that cost us trillions here in the US.

          Yeah, a 200 billion dollar bill to design a new fighter jet (on slashdot a few months ago), is a little excessive when 1) Our current jets and weapons are frikkin amazing and 2) people are all in a hissy about

        • by plopez ( 54068 )

          If some some one sells you a car with defective locks, aren't they somewhat liable? WHy should you have to call someone who saya "change the locks at *your* expense." You've already paid for the car, why pay more?

          • If some some one sells you a car with defective locks, aren't they somewhat liable?

            Car door locks are pretty weak, easily bypassed in most cars with appropriate tools. In many not so old cars, all that is needed is a screwdriver. They also don't prevent the car from being stolen by being towed, or broken into by breaking the glass. All of these are recognized and dealt with as criminal acts, and are insured against as an inevitable occurrence in a world that has the occasional nasty person in it. We don'

        • Re: (Score:3, Insightful)

          by jipn4 ( 1367823 )

          I'd normally be the first to agree, but isn't a large portion of malware used for criminal activity? Identity theft, botnets that engage in DDoS extortion attempts, spam relays, phishing, etc, etc. It seems to me that law enforcement (i.e: government) has a legitimate interest in reducing the number of malware infections that are out there.

          So they should go to the source of the malware infections: Microsoft. Microsoft needs to be held responsible for selling software that is so susceptible to malware. The

      • This isn't the role of government.

        The role of a democratic government is precisely what the voting citizens define it to be. No more, and no less.

        • Re:Not really (Score:4, Insightful)

          by Stormwatch ( 703920 ) <(rodrigogirao) (at) (hotmail.com)> on Tuesday December 08, 2009 @06:18PM (#30371904) Homepage

          The role of a democratic government is precisely what the voting citizens define it to be. No more, and no less.

          The full extent of that reasoning: if 51% of the people say the other 49% should be enslaved, the ballot makes it right.

          Hell no, that can't be right. The purpose of the government is to uphold every citizen's inalienable rights; and it must be as small as it can be while remaining capable of fulfilling that purpose. No more, no less -- with emphasis on the "no more" bit.

          • Re:Not really (Score:4, Insightful)

            by shutdown -p now ( 807394 ) on Tuesday December 08, 2009 @06:34PM (#30372066) Journal

            The full extent of that reasoning: if 51% of the people say the other 49% should be enslaved, the ballot makes it right.

            Not really; note that I said "citizens", not "majority of citizens".

            In any case, show me a democratic government in which, if N% of people say that other 100-N% should be enslaved, they can't make it happen by legal means, for any value of N (keeping in mind such things as referendums, constitutional amendments, etc). U.S. is definitely not in that list, as its Constitution can be arbitrarily amended, given a supermajority - you could get slavery back tomorrow, or install absolute monarchy, if there was sufficient public support for it.

            The only western country I can think of in which the ballot does not ultimately rule supreme is Germany with its "immutable" Constitutional provisions (that guarantee the "fundamental democratic character" of the system of government and certain basic human rights). It's fairly obvious, however, that with sufficient support, Constitution is just a piece of paper - it won't help you against a revolution by an armed mob, and then whatever laws they establish will become the law of the land. So in the end, pragmatically, it's always tyranny of the majority - it may be just more or less veiled.

            The purpose of the government is to uphold every citizen's inalienable rights

            Who determines what rights are inalienable? What if 51% and 49% disagree?

          • Hell no, that can't be right.
            The purpose of the government is to uphold every citizen's inalienable rights; and it must be as small as it can be while remaining capable of fulfilling that purpose. No more, no less

            There are no restrictions on amendments to the American Constitution. No greater formal barrier to repealing the 1st Amendment than the 18th, Prohibition.

            We the People of the United States, in Order to form a more perfect Union, establish Justice, insure domestic Tranquility, provide for t

          • by jonaskoelker ( 922170 ) <(moc.oohay) (ta) (rekleoksanoj)> on Wednesday December 09, 2009 @02:08AM (#30374810)

            The purpose of the government is to uphold every citizen's inalienable rights; and it must be as small as it can be while remaining capable of fulfilling that purpose. No more, no less

            I propose a different mission for government: in economist-lingo, to maximize social welfare (that is, the sum of how happy the population is).

            And of course, the population should value freedom of {speech,assembly,press,etc.} very highly.

            But---pregnant pause---there is such a thing as a market failure, and I think it makes good sense for the government to step in and make regulations that makes the market more competitive.

            Observe that the societal material benefit of a free market comes about not because the market is free but because it's competitive.

            If you're free to enter a market where you'll most certainly be crushed by the incumbent monopoly, what does that freedom really buy the society? But if the monopoly is prevented from using its monopoly status to crush you and has to compete reasonably fairly with you, you might have a shot at getting your better/cheaper product out to consumers.

            If you're an American, you'll laugh at "I'm from the government, and I'm here to help you." I don't. I know there's something shady going on, in particular with travel funds for the EU which the MEPs aren't held much accountable for [long story, but the point is if you-an-MEP travel not-extremely-extravagantly, you can pocket a large wad of my tax money at the end of the year. Some politicians do.]. But I also believe politicians (from time to time) genuinely want to do good for the people and the nation.

        • by jipn4 ( 1367823 )

          The role of a democratic government is precisely what the voting citizens define it to be. No more, and no less.

          Not quite. If the citizens make decisions that make government undemocratic, then their decision is logically not part of the democratic process anymore (since the democratic process has ceased at that point).

      • 1. Don't you think it is up to the people of the nation in question who set up said policy to decide if it is the role of their government or not?
        (If you are a citizen of Germany then there is nothing inconsistent about your 1 point.)
        2. What if as a solution to the Malware problem they offer advice like "Have you tried Linux?"
      • If the largest number of machines was Apple, or Linux, or operating system abcdefg that operating system would have simular issues with malware.

        The most used OS == biggest target. That being said, will the person at microsoft who decided that the first or default account is an administrator please stand up. You need to be beaten.

        • That being said, will the person at microsoft who decided that the first or default account is an administrator please stand up. You need to be beaten.

          Yeah, I agree. That would be as bad as, say, having the admin user be the first user you set up on a linux box, or giving it a UID of 1. Wait...

      • "1. This isn't the role of government."

        I don't know. I used to think government should just bugger off, and leave people alone. But, they insist on meddling in every facet of citizen's lives anyway. Hell, government spends 25 to 30% of my paycheck before I ever get to see how much I've earned!! If government is so intimately involved in all our lives anyway, government might as well slap around those people who ARE running a spambot from their machine. Knowingly, or not. Ain't no malware on MY machines

    • Re: (Score:3, Insightful)

      by CaseCrash ( 1120869 )
      Thanks for pointing out something actually interesting from the article and relevant to us /.'ers

      As it is, the summary reads "A government decided to do something to help their less computer-savvy citizens. Here's my rant against microsoft with no bearing on reality. Please go to my blog."
    • I fail to see how government specific help around one specific product from one specific company, is not a bailout. They are reducing Microsoft support costs, pure and simple...

      How would it fly if the government were spending money to pay for gas for one specific brand of car?

    • Re: (Score:2, Funny)

      The thing is, as we don't care so much about how to properly feed, exercise and clean ponies, normal people don't care so much about computer security. They just want to do their thing.

      So... are you suggesting that you just want to.... "do your thing" with a pony?

    • Re: (Score:2, Insightful)

      by noidentity ( 188756 )

      I have to disagree with that. Malware problem is usually because of user stupidity. Like any other OS, you can run Windows securely if you don't do stupid things.

      Agreed; Mac users are no more bright, so they should set up a call center for Mac OS X malware infections too, though they could staff it less, perhaps with one person. Oh wait, Mac OS X doesn't have the malware level as Windows, even given the same level of user carelessness.

    • Re: (Score:3, Insightful)

      by natehoy ( 1608657 )

      No, the article is pretty clear that the ISP will use patterns (not the existence or presence of antivirus, which they really couldn't detect effectively anyway) to determine if a computer is infected with a bot.

      The first step will be to contact the infected user and/or put up a custom web page that they will default to letting them know about the infection. That will be done by the ISP. The ISP will then refer them to the new advisory center to get the infection cleaned up.

      I think part of the advice woul

    • Re: (Score:3, Interesting)

      by LWATCDR ( 28044 )

      For the most part I tend to agree. Any user installed Trojan is the users responsibly.
      If the malware gets installed through an exploit then it is the OS/Applications fault.
      In a good amount of cases it is no longer Microsoft's fault.

    • Re: (Score:3, Interesting)

      by bhtooefr ( 649901 )

      There is one platform out there that's resistant to the dancing bunnies problem.

      The iPhone.

      Unfortunately, that's the only way to be resistant to it - don't allow third-party software unless it's been inspected by real people whose job it is to inspect it.

    • Re:Not really (Score:4, Insightful)

      by Tom ( 822 ) on Tuesday December 08, 2009 @05:22PM (#30371298) Homepage Journal

      Like any other OS, you can run Windows securely if you don't do stupid things.

      Like any car, you can parallel park an 18-wheeler, if you are careful enough.

      Sure, you can do it. Some OSes just make it easier, and some make it a challenge. I dare say Windos (any version) is in the later category. Heck, it usually comes with a fine selection of ad- and spyware pre-installed thanks to your friendly OEM.

    • by plopez ( 54068 )

      Bullshit. It's due to crappy insecure software. As long as they get a free ride they have no reason to fix it.

    • by pod ( 1103 )

      The thing is, as we don't care so much about how to properly feed, exercise and clean ponies, normal people don't care so much about computer security.

      Oh, what a cop out!

      Most of us don't care about the care and feeding of ponies because.... most of us don't have ponies to care for and feed.

      On the other hand, most of us do have computers.

      Most of us also have cars, and even though most of us do not have mechanical engineering degrees, we know the basics of maintaining them, either ourselves or having someone else do it, because we know negligence can be very expensive. Using public resources to bail out computer user mistakes due to ignorance and negligence

    • Re: (Score:2, Troll)

      by jipn4 ( 1367823 )

      I have to disagree with that. Malware problem is usually because of user stupidity. Like any other OS, you can run Windows securely if you don't do stupid things.

      You're exhibiting typical programmer stupidity. Hard as it may be to believe, most people in this world don't give a damn about software, they just want to get their work done. They don't want to be pestered by annoying dialogs, and they certainly don't want to understand security just in order to browse the web or use their PC without virus infe

  • This is one of the dumbest things I've ever heard. Is this just a government make work project or something?

  • With a staff of 40, they'll be swamped. I don't even work in IT, and I get 5-10 calls a week from family members and "friends" who want me to help them remove viruses and spyware from their machines (some I help, some I don't). Nobody will be able to get through, even with an automated system to help those who know at least a little about what to do.
    • Re:Too small a staff (Score:4, Informative)

      by natehoy ( 1608657 ) on Tuesday December 08, 2009 @05:13PM (#30371184) Journal

      This is not an open support desk, at least that's not what the article describes. This is a "referral of last resort" from an ISP to this support desk. In your case, you'd probably still field most of the calls, but your friends and family would say "my Internet people just called me and said I have worms or a cold or something, and that they'll stop my Internet unless I fix it. Help!"

      Based on what I'm reading in the article, here's how a general fix would go:

      1. ISP detects malware patterns coming from one of their users.
      2. ISP contacts customer, says "you appear to have a virus that is doing bad things on the network. Please fix it." or pops a web page with the same message and probably a link to an antivirus solution.
      3. (assuming user doesn't know how to install AV software) ISP refers customer to government call center.

      If the customer refuses to fix the problem or turns out to be unable to do so even with help, then the German government needs to figure out what they want to do. Shut the user off? Attempt to have the ISP block the malware with port blocking? Some interesting and perhaps disturbing possibilities there.

      • by REggert ( 823158 )

        ISP contacts customer, says "you appear to have a virus that is doing bad things on the network. Please fix it." or pops a web page with the same message and probably a link to an antivirus solution.

        Popping up a web page would be an extraordinarily bad idea, given how many popup/banner ads, malicious web pages, and adware are already out there selling fake antivirus software.

  • I mean, it's a drop in the bucket compared to the millions of lifetimes we as a species have already lost to Microsoft's pathetic security. The entire industry is about ten years behind where it would have been had we not had MS fighting virtually every innovation we now take for granted-- the Internet, multitasking, multiuser, open source, open standards, basic security (you don't try eating everything that looks like it'd fit in your mouth... why should you execute every piece of data you find on the int
  • by Bert612 ( 1672270 ) on Tuesday December 08, 2009 @04:55PM (#30370934) Homepage
    The press release doesn't mention Microsoft. In fact it states that this new service is for all users with all operating systems. So while indeed 99% of all users run Microsoft, niche systems like Linux and Mac will be helped too. A good idea which will hopefully help improve internet safety for those users who just don't understand the technology they are using, but want to be on the net just like everybody else.
    • by earlymon ( 1116185 ) on Tuesday December 08, 2009 @05:10PM (#30371156) Homepage Journal

      In fact it states that this new service is for all users with all operating systems. So while indeed 99% of all users run Microsoft, niche systems like Linux and Mac will be helped too.

      I like the way you think.

      It's very different from the support centers that I call with hardware problems - like when an update bricked my router - that suggested I:

      a) re-install Linux to fix the problem,
      alternately, b) don't use a Mac, because they don't do REAL networking,
      c) if I were only using Windows, I wouldn't be having this problem,

      and my favorite -

      d) I must be lying because no one has three operating systems in their house - and if I do, then maybe that's what bricked my router.

      But - as I said, I like the way you think, and I wish them many good lucks with this endeavor.

      • Re: (Score:2, Troll)

        by DangerFace ( 1315417 )

        This. This this this.

        The number of times I've had to explain to my ISPs tech support that they just need to tell me what they want, as opposed to which button in XP to click, at one point got so bad that I feel I was justified in pirating Windows just so I could dual boot into it for those idiots. I had a friend once who was getting a slow connection speed from his router to the ISP, and they told him he'd have to get Windows before they could help him, because they don't support Linux.

        Normally with these p

  • by mseeger ( 40923 ) on Tuesday December 08, 2009 @04:57PM (#30370956)

    Hmmm..... Neither headline nor summary fits the news. Nothing in the quoted article mentions windows. The article itself is focussing on a small aspect of what is being discussed. Some parts of the discussion would be very negative for Windows users. E.g. it is being discussed to disconnect users from the Internet who don't fix their PCs when attacks originate from them. I don't agree with a lot of things discussed, but they didn't do anything to deserve a /. summary like this.

    CU, Martin

  • This is not a bailout for Microsoft, it's a bailout for German economy in order to decrease unemployment. Because exhausted call center employees will force government to hire more staff. If they aim to keep lines open for calls that would surely bring the unemployment in Germany to pre-recession levels.
    • "Because exhausted call center employees will force government to hire more staff."

      Or put "Arbeit Macht Frei" over the gate to the call center.

  • by meerling ( 1487879 ) on Tuesday December 08, 2009 @05:32PM (#30371406)
    Sorry, but helping the clueless or unfortunate users from something that wasn't created, distributed, or sanctioned by Microsoft isn't a Microsoft Bailout even if the users are running MS Windows.

    If Macs were the big dog in the OS world, would you then be calling it an Apple Bailout?

    By the way, don't buy into the apple myths. They have malware and bugs aplenty, they just don't have enough population density to encourage easy transmittal, or even be a tempting target for malware creators. Those scum want to get as many machines as possible, so only niche diehards or those who want to prove a point bother to infect anything with less than a 40% market share. Guess what that means... yeah, that's right, they go after Windows. If you flip-flop the percentages, you'll see a total shift in what they target. And that's not guesswork or rhetoric.

    Personally I know of many reasons to complain about Microsoft, and Apple, and the Linux community. None are perfect, and all have nuts, fanatics, and total wackjobs. Pick your poison and learn how to use it safely.
    • Re: (Score:3, Interesting)

      by Penguinisto ( 415985 )

      They (Macs) have malware and bugs aplenty,...

      Please list all non-trojan malware for OSX. Even a small sampling will suffice. Hell, even one would suffice.

      (Bugs? Certainly. Trojans? There have been roughly a handful of variants that require a user to find a shady pr0n website, download the trojan, then enter an admin password in spite of all warnings telling them that it might not be a good idea... one simply cannot fix stupid).

      Anyrate - let me know what you find.

      • Yeah. I'd like a list too. My wife works in PC support for a large university (34,000 students). She works at the main repair and service center. When I go in, the shelves are lined up with Win laptops waiting for a wipe and reinstall of the OS to repair some virus (is that really necessary?), and there'll be a single Mac sitting there waiting for Office to be installed. Every new trojan or virus that comes out sees the Windows folks lined up, and Mac users only show up because the U uses a stupid website t
    • The security by obscurity bullshit constantly spewed as a counter argument whenever someone claims OSX or Linux is more secure is tiring. Security through obscurity doesn't work, and the argument falls flat on its face when you look at the rate of exploit of *NIX servers vs. Windows servers or Apache vs. IIS, the former being more widespread in both cases, but having fewer exploits compared to the latter.
  • Malware is not the same thing as viruses. No amount of security in the operating system will save the user from getting a malware infection if he clicks "Yes" to anything. Unless the OS is locked down to the point of not being able to install anything.
  • by dave562 ( 969951 ) on Tuesday December 08, 2009 @05:57PM (#30371678) Journal

    I've been cleaning up other people's infected Windows machines for longer than I have wanted to. It seems like nine times out of ten, the only way to ensure that the computer is clean after it gets infected is to do a complete pave and rebuild of the OS. That level of complexity isn't something that a tech support person can walk an average user through over the phone. Forget about backing up the data beforehand, or re-installing the applications after the fact.

    I like the idea. The way that the article is worded is complete flamebait though. I think we can all agree that steps need to be taken to reduce the number of malware infected Windows boxes on the internet. Doing so makes the internet a better place for everyone. It just seems to me like the Germans are taking on an impossible task. Once a Windows box is owned, it stays owned.

    On a related tangent, I think things could be better if ISPs institute the equivalent of a "good driver discount". Give the owners of clean computers a discount on their monthly service fee. I'm not an economist, but it seems like it would need to be enough of a discount to cover the cost of having a "professional" setup the computer right in the first place. I see advertisements where I live that claim to clean malware infected computers for $30-50. So a discount of $5 a month seems about right. On the other hand, if the discount isn't high enough, then the incentive won't be strong enough to encourage people to keep their computers clean. At that point maybe the ISPs need a stick, instead of a carrot. Perhaps throttling the connection, or re-directing to a subset of URLs for how to deal with malware infections.

  • On the contrary, its 'the people' just saying that the vendors are not doing enough! If you think for a minute that people are stupid, well you may be partially right, but they won't be that way forever. Once they realize it doesn't have to be that way (by talking to others that already know the truth) they will demand more before they spend their next dime. Talking to a person not a party to the software itself will certainly educate them. In this day and age the vendors need to make their products a lot b
  • Maybe it should be set up in Munich they should have some clue about installing Linux.

    Now I remember that I just recently had to cleanup somebody's computer and didn't install Linux. Damn, I have become so complacent.

  • how long are we going to put up with this corporate welfare? Bank bailout,subsidies for oil and gas companies, subsides for agribusiness etc. I need money, why can't I get it? I pay more in taxes than any of those scum bags.

  • Okay then - I'll start selling cars (car analogy FTW!)... I don't know anything about cars, but OTOH Microsoft doesn't know shit about Operating Systems, so aparently that's okay... I'll just sell cardboard cutouts and my government will pay for the fixes...

    PROFIT!
  • "BSI"

    I can't help but wonder if this might be a way for folks to be directed to Knoppix? [knoppix.net]
  • I'll provide my own bailout to the world and seed ubuntu-9.10-desktop-amd64.iso.torrent a bit longer.

Ocean: A body of water occupying about two-thirds of a world made for man -- who has no gills. -- Ambrose Bierce

Working...