Lay the foundation for a safer Internet world

TipsMake.com - The services of Google, Comcast and Microsoft can lay the foundation for a global warning system to disable malware.

When talking about information technology (IT) security, many people will be deemed miserly and go against the trend. However, recent developments in this industry have opened up hope for a safer Internet world to come in the near future. Large Internet companies, including Google, Comcast, and Verizon have launched new services that can serve as a foundation for global alert systems and the ultimate goal is to make the Internet safer by slow down the spread of malware.

The first is the unpublished improvements in Google's Gmail service. When Gmail (through analyzing an IP address) discovered an account is being accessed from a country - for example, China - has unusual signs, the service will alert people. use when they log into their regional and national accounts. The user will see a red flag, saying : ' Warning: we believe your account has just been accessed from: China '. Next is the IP address of the person who accessed the account in China.

This warning deserves praise. In fact, this idea is not new because some online email services from the past two decades have displayed the user's last login area. However, Gmail is the first service to place a banner that warns users, especially about access from China. This is because more attacks have come from China earlier this year. These hacks are related to attacking account login information.

Perhaps, it would be better if warnings like this simply reported unauthorized access occurring from a location other than the user's usual location. Certainly, there will be a slight error when we travel and access our account from a new geographic area - however, more information is usually better than less information. Clearly, Google's revelations and services deserve compliments, and hopefully more email providers will offer similar services.

Comcast's Constant Guard service is another step in the right direction. If this service, one of the most recent ISPs in the world, detects malicious activity spreading on a client's computer (for example, a large number of connections from an IP address, guest The item is listed on the Antibot report list from anti-malware services, the company will alert users about the possibility that they are being exploited on their own computers.

In 2009, Comcast began sending alert emails to alert customers. Now, the company is trying to put a warning flag in the middle of the user's browser session. Comcast's effort is remarkable. Because, when this company protects its customers, it also means that they are protecting many people who are not their customers.

Similarly, this is not entirely new. Two decades ago, a number of other major Internet service providers offered similar features. Still, Comcast is still one of the largest providers offering this type of service, and with its leading position, its decision will have a far-reaching impact.

Lay the foundation for a safer Internet world Picture 1 As part of End-to-End Trust, Microsoft is currently recommending that users, businesses and Internet service providers become more proactive. The giant wants infected or hacked computers to not be connected to the Internet until they are completely scanned. Smart security, this is a step in the right direction: Why wait until the exploited people read and react when receiving a warning, before their computer is cleaned?

However, a lot of users - very wary of fake antivirus scareware - might think that these malware warnings are bogus and ignore them. Even if they don't ignore them, how much time will it take when some individual users log in and read their emails or start a new browser session?

It can be said, they will take hours to perform the above tasks. And in this hourly period, bots and malware were able to send millions of emails containing malicious code as well as hidden malicious connections. Also during this time, many people will lose their identity, along with their money. If warning users is a good idea, why not help them develop and disconnect the systems of infected computers until they regain 'health' or just let them connect? to 'cleanup' service?

Perhaps, a good idea, it will be hard to happen. All they can do is a computer is disconnected and there may be a lawsuit. How much can we understand about what is being tampered with when they come from customers? How will Internet providers be correct in identifying malicious code against legitimate traffic? And what is the risk of someone's disconnection if they are running an extremely important service - for example, is a computer tasked with collecting health diagnostic information at real time? The method offered by Microsoft, in some cases, may be worse than the problem.

Even though we all enjoy the idea of ​​blocking exploited computers, it has proved to be difficult to accomplish this in order to achieve great success when applied. Is it enough for Internet service providers to issue a disconnected warning, and what constitutes a maliciously detected traffic, in the EULA - (End-User License Agreement_? license contract for end users?

Perhaps, it would be safer to allow computers infected with malicious code to exploit the computer to decide how to control the traffic sent. This means, services like DNS can warn people when a malicious code is detected. Then, the recipient of these warning services can decide on how to control the computers that have been infected with malicious code.

Some may decide to completely disconnect all connections from the exploited computer. Others may just make a simple decision: strict censorship of traffic or limit connection to a quarantine.

Lay the foundation for a safer Internet world Picture 2 Even if there are malicious computer detection services, we should still have a built-in Internet alert service. Most anti-malware companies and interested parties get a list of obscure points every day, updating several times a minute. These anti-malware companies know well where the bad guys live a lot more than their users or businesses. Perhaps, information about bad guys should be shared with everyone, immediately, and not just posting some of them. As mentioned above, a lot of information is always good.

That way, when an innocent computer or a network is exploited, we can immediately know the information. The network protection system and the computer can perform the necessary actions to deal with the problem (malware protection software can be used to detect malicious software). When the original network or the original computer has been scanned cleanly, the world will be notified immediately and connections, normal communication will continue. From now on, it seems a bit strange that the messages people receive are malicious spam emails from their friends.

So, Google, Comcast, Microsoft and other companies should take a bigger step together and upgrade individual user notification services into a global service that alerts everyone. . Microsoft End-to-End Trust has built such ideas. Computer security research group - Trusted Computing Group - built protocols (IF-MAP) to support a warning service. The world has accepted Web services, SOAP and SCAP protocols. All the open parts and standards we need to develop global alert services are ready.

All we need is some servers and some organizations agree on how to deploy the work. After 20 years of waiting for computer security solutions implemented to deal with computer crimes, we are on the threshold of getting a real solution. However, there is only one thing worth wondering: What will they need to become reality?