No Microsoft, an 'Net tax' won't stop botnets

No Microsoft, an 'Net tax' won't stop botnets

Summary: Scott Charney, Microsoft's Corporate Vice President for Trustworthy Computing, thinks that an "Internet tax" might offer a solution to hacking.


Scott Charney, Microsoft's Corporate Vice President for Trustworthy Computing, thinks that an "Internet tax" might offer a solution to hacking.

The idea that Internet service providers might somehow step up in the fight against malware is not new. The problem, however, is cost.


So who would foot the bill? "Maybe markets will make it work," Charney said. But an Internet usage tax might be the way to go. "You could say it's a public safety issue and do it with general taxation," he said.


Let's crunch the numbers. Some 90% of computers run Windows. According to Microsoft there are some 3.8 million botnet PCs worldwide, with some 1 million in the US. These botnets are responsible for the spam and phishing emails you get, denial of service attacks and other nefarious activities. They're a big problem.

But ...

Where does this idea come from that we should all have to chip in to fight this war of botnets? It's safe to say that the majority of these botnet systems are Windows-based systems (I'm pegging this number at close to 99% of the botnet PCs). Let's also not forget that Microsoft has gone out of its way to create a monoculture where one OS dominates, through legal and illegal methods. So the idea that we should now all pay to solve a problem that Microsoft not only wanted to create, but made billions of dollars in the process is frankly a ridiculous idea.

So, what needs to be done? Well, here are a few things that would help:

  • OEMs should pre-load free antivirus software onto new PCs rather than trial crapware
  • Other hardware vendors (router, wireless equipment) could also offer free antivirus software
  • Microsoft Security Essentials should be offered to all PCs without up-to-date antivirus installed
  • Microsoft needs to make keeping Windows Update switched on by all more compelling ... and this includes those running pirated operating systems
  • Rather than pushing a Windows Genuine advantage scan in exchange for software downloads, Microsoft should instead offer to scan systems for malware
  • Banks and other financial institutions need to be more insistent that customers using online services are protecting their PCs (some do, others don't)

Nowhere does people being taxed come into the equation.

Topics: Security, Browser, Hardware, Microsoft, Operating Systems, Software, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • How long before people start crying

    about [i]their[/i] choice wether to run updates or not, or to install AV software on their systems, ect.

    Alot of this would stop where Security Essentials come loaded with the OS, up to date and turned on.

    But then Symantec, McAffee, ect would be running to the DoJ crying "unfair"
    John Zern
  • Ditch Windows

    Just stop using Windows. No, I'm not saying to all switch to other OSes, but just show Microsoft there ARE alternatives, and that if they don't start getting serious about security we could easily ditch 'em.
    • They ARE serious though

      They can include all the security they want into Windows, the thing is though, they can only do so much without interfering with what the user wants to do and the day to day operations of the machine running the OS.

      Secondly, It is up to the user, yes the user, to be informed of and resilient against these attacks. User ignorance comes into play here, if Joe User [i]really[/i] wants to install that program that shouldn't be trusted or open that e-mail attachment they know better not to, then there is nothing Microsoft or anyone else can do.
      The one and only, Cylon Centurion
    • Sure thing.

      And when those other OS become popular (thus a target) then you'll use the same excuse then, right?
      John Zern
      • It can never be as bad.

        Repositories, signed and secure. MS would do well to start on it, you can read here (and NO, it is NOT simply a slam on MS, it is truly what I think is a POSITIVE idea for MS to consider).

        • Windows: 99% botnets vs 90% share - Others: 1% botnets vs 10% share

          That really says it all, doesn't it?
          Great Kahuna
          • Yep, even further.

            90% marketshare with 99% botnets (and likely 100% of malware based botnets).
            10% marketshare with 1% botnets (I am still waiting for a report on the first OS-X or Linux botnet, not to be confused with cracked servers, but this is only for the math part).

            Just based on the probably flawed 1% non windows, you scale the 10% to 90%, you get a TEN TIMES reduction in botnets.

        • I wonder how difficult it would be

 do something like Android and have the user forced to turn on the ability to install things outside the repos. ISP's could potentially read that flag and maybe deny you access if you have it turned on and start posing a malware or botnet problem.

          MS will probably do something like this eventually (the Windows Phone store is a start) and I swear the MS fanboys will swear its some new invention and somehow Linux is just being a "me too" OS. LMAO
          • If you mean Linux, fine

            but if you mean Android, then you are putting Google spyware on your computer. Not an evil I would accept.
          • If they can't do any of the suggestions

            without users complaining that MS is forcing updates on them, or competitors complaining unfair, how will any OS ever be 100% safe?
            John Zern
  • RE: No Microsoft, an 'Net tax' won't stop botnets

    While not a completely bad idea to have Microsoft attempt to do more by default, if you target Windows and take away that avenue, Hackers, Virus and Malware Writers, etc... will just move onto other platforms (assuming those platforms are numerous enough to make it worth their while, Microsoft is to some degree a victim of it's own success).
    Better method would be for ISPs to monitor internet traffic for signs of Viruses behavior, DOS activity, etc... and then shut down those Botnets from being on the Internet. That would get the attention of the companies, individuals, and bad guys all at once!
    • Over 99% of botnets are windows...

      but windows is only on 90% of machines.

      Put another way: Remaining OSs have 10% market share and less
      than 1% of botnets. The ratio is worse than 10 to 1. Amazing,

      What do you make of that?
      Great Kahuna
  • I use Linux but I would be willing to pay another windows tax if...

    ...if that meant less phishing and a faster net.

    I already paid for several windows licenses that I never used.
    Paying another windows tax to get a faster net and less spam is
    nothing compared to that. At least I would be getting something
    from that, unlike that first windows tax this one it would be
    money well spent.
    Great Kahuna
    • I am not willing to pay.

      But i do believe that Microsoft should pay a tax on it. Figure a 7% tax on
      all Microsoft OS related products. To be fair All other OS makes should
      pay a 0.7% tax. That way no one is being singled out. Everyone is paying
      their fair share. This tax would be based on the retail price of the given
      OS, If the OS cost $0, the tax would be 0.7% of $0. If someone is willing
      to pay $320 for an OS, then another $22.40 is not an issue.
  • Only 3.8 million worldwide?

    Here is a report from last July indicates more than 10 million in the US alone and only counting the top ten botnets, they were aware of at the time.

    I realize no one is going to have precise data... as things are in flux, and each may have their own agendas.
    • And usually as one disappears

      from someone's system, that same person will go out and pick up a new one for that same system... :)
      John Zern
  • "Microsoft should instead offer to scan systems for malware"?

    Don't they already do that with the Malicious Software Removal Tool?

    And Windows Defender?
    Hallowed are the Ori
    • How about "electronic stamps"?

      Have a minimal fee for sending email. Those with infected systems would suddenly know and be willing to fix their issues. The money could be used to proactively address the issue. Email without "stamps" could be stopped at the door.
      Of course it would require an entire eco-structure to be developed, but I could see it absolutely aiding the situation.
  • ALL Microsoft machines, the truth...

    Yip, ALL Microsoft machines funny isn't it...
  • They do already

    [i]Banks and other financial institutions need to be more insistent that customers using online services are protecting their PCs (some do, others don?t)[/i]

    The usual method for this is to insist on a recent version of Microsoft Internet Explorer.

    This might or might not be an effective way to make sure that customers are protecting their Microsoft machines, but it's extremely effective at making sure that customers don't try to use non-Microsoft machines.
    Yagotta B. Kidding