What Charney proposed was an "Internet Public Health" system. This proposal extemporised on the idea that Microsoft malware bears a resemblance to real viruses and other biological pathogens and parasites (which is actually not true). Charney advocated that Internet gate-keepers should adopt strategies for controlling malware outbreaks that would be similar to "Public Health Policies" adopted by civil and medical authorities in combating biomedical epidemics. According to him, infected Microsoft computers should be quarantined (i.e isolated from the Internet) until they could prove they had been issued with a "Certificate of health".
Of course if Charney was a lone lunatic ... Calling out to unseen voices in a conference ... The organisers could have just had him carted off to a real public health facility to be administered with some compulsory medication ... Sadly, this delusion is shared by many people around the globe today. There are a lot of people, some of whom should know better, joining in and heartily endorsing this nutty proposal ...
For example, a recent report delivered to the Australian House of Representatives Standing Committee on Communications entitled "Hackers, Fraudsters and Botnets" also called for similar action. Fairfax media also report that Dr Prescott Winter, former chief technology office of the NSA, called for a ban on entire countries that do not pay attention to cyber security (presumably enforce a loony-tunes scheme such as proposed by Charney).
So in the interest of reason and evidence based policies, your blogger proposes a humble but brief sanity check:
Computer malware arises primarily because of Microsoft's shoddy software. In the early years of the adoption of the Windows/Intel (Wintel) PC, IBM abandoned much of the security imperatives which used to be an integral part of their mainframe culture. They allowed third parties to construct an OEM "user-friendly" platform, which they endorsed with their prestigious brand name. This arose mainly because IBM were paranoid about competition from "user-friendly" Apple computers. The appalling security in most of Microsoft's software is a legacy of the poor security choices that were made in the original design of the Wintel PC.
The most obvious way to improve Internet security, would be for Microsoft to abandon their flawed dumbed-down "user-friendly" paradigm and fix the broken security of their product. In fact, the greatest improvement in computer security would arise if a sizeable chunk of consumers chose other (more secure) operating systems. This would have the immediate effect of improving security for those wise users and the equally beneficial effect of sending a clear message to Microsoft that they must clean up their act -- Thus alleviating the suffering of the poor sods not smart enough to ditch Microsoftware.
The "Digital Public Health" scheme is clearly unworkable. It is every bit as ludicrous as the "Global Internet Filter" proposed by our present government. It runs counter to many of the ideals being promoted regarding "net neutrality" and requires ISPs to take an invasive approach to managing their clients. And if such a system were imposed, it would raise serious questions of how ISPs, in the brave new fascistic digital regime, would deal with non-Microsoft workstations. For example the quickest way to permanently upgrade a computer and get rid of Microsoft Malware is to install Ubuntu. But how could one do that if one's computer was banned from accessing the Internet (Because it was a Microsoft workstation with a "virus")? Come to think of it how would a hapless Microsoft customer be issued with a "Health Certificate" from Microsoft if he/she was blocked from accessing the Internet? ... (Perhaps Machines that have been black-listed will only be allowed to download the latest version of Microsoftware?). And what if the next generation of malware authors persuaded compromised machines to generate "Health Certificates"? (Eek!)
Who is going to pay for all of this extra work carried out by ISPs under this scheme? Because Microsoft failed to manage security, ISPs would now have to carry out the work for them, and inspect and manage individual accounts. But who is going to foot the bill? <sarcasm> Umm, Don't Tell Me! Let me guess ... </sarcasm>
In any case, the Public Health Analogy is entirely inappropriate. For any malware author to compare his/her foolish one-track, single-task self-replicating algorithm with something as complex, powerful, elemental adaptable as a genuine (biological) virus (that has to contend with a real defence system) is nothing short of hubris. The analogy might make sense if eighty percent of humankind had absolutely no immune system (because their basic life support had been manufactured by Microsoft). Fortunately this is not true. Microsoft was not involved with the evolution and history of life on earth ... And so there is nothing about the poor design of Microsoft security that comes close to resembling a real world (biological) epidemic.
A friend of this website writes:
Well, can you imagine! But let us not ask how computers get infected with viruses in the first place, due to use of crappy MS software, else we go nuts and have apoplexy and die.
I reckon, this is a bit like a major hospital somewhere in the world, say, hijacked by the evil Joker from Batman: The Dark Knight, which hospital infects the entire world with bubonic plague, or cholera, then issues an "authoritative" health warning and a lament that so many people are, sob, dying.
No, no no no no, it would be far more efficient on all fronts now and for the future if the US government just set the Pentagon, the military, and the CIA and/or the FBI and/or Congress and/or the President hisself in front of vast numbers of TV news network channels broadcasting internationally, to declare that Microsoft [operating system whichever and related software] has in terms of US national interests become a clear and present danger to US national and cyber security and shut them down forthwith. End of the MS story and let's see how good US systems admin folks are at sorting out the damage. Like, MS is just, too soft! Now, is this opinion cruel, or is it merely fair to computer standards? Let's get real here for a useful period, ok.
Now while your humble blogger does not necessarily endorse such views, he can understand why some people might express them.