It is fair to say that the tasks above will take hours to perform. In those hours, bots and malware can send millions of emails containing malicious code as well as hidden malicious connections. During the same time, many people will lose their identities, along with their money. If warning users is a good idea, why not go further and disconnect infected computers until they regain their 'health', or let them connect only to a 'cleanup' service?
It may be a good idea, but it will be hard to make happen. All it takes is one computer being disconnected and there may be a lawsuit. How much can we understand about what has been tampered with when the traffic comes from customers? How will Internet providers correctly distinguish malicious code from legitimate traffic? And what is the risk of disconnecting someone who is running an extremely important service, for example a computer tasked with collecting health diagnostic information in real time? The method offered by Microsoft may, in some cases, be worse than the problem.
Even though we all like the idea of blocking exploited computers, it has proved difficult to do with much success in practice. Is it enough for Internet service providers to state the disconnection warning, and what constitutes detected malicious traffic, in the EULA (End-User License Agreement)?
Perhaps it would be safer to let those on the receiving end of traffic from infected computers decide how to control that traffic. This means that services like DNS can warn people when malicious code is detected. The recipients of these warnings can then decide how to handle the computers that have been infected with malicious code.
Some may decide to drop all connections from the exploited computer. Others may make a simpler decision: strictly filter its traffic or limit its connections to a quarantine.
Even if there are services that detect malicious computers, we should still have an alert service built into the Internet. Most anti-malware companies and interested parties get a list of obscure points every day, updated several times a minute. These anti-malware companies know where the bad guys live far better than their users or businesses do. Perhaps information about the bad guys should be shared with everyone, immediately, rather than publishing only some of it. As mentioned above, having a lot of information is always good.
That way, when an innocent computer or network is exploited, we can know about it immediately. The network protection system and the computer can take the necessary actions to deal with the problem (malware protection software can be used to detect malicious software). When the original network or computer has been scanned and found clean, the world will be notified immediately, and connections and normal communication will resume. As things stand, it seems a bit strange that the messages people receive are malicious spam emails from their friends.
So Google, Comcast, Microsoft and other companies should take a bigger step together and upgrade their individual user notification services into a global service that alerts everyone. Microsoft End-to-End Trust has built on such ideas. A computer security research group, the Trusted Computing Group, built protocols (IF-MAP) to support a warning service. The world has accepted Web services, SOAP and SCAP protocols. All the open parts and standards we need to develop a global alert service are ready.
All we need is some servers and some organizations that agree on how to deploy the work. After 20 years of waiting for computer security solutions that deal with computer crime, we are on the threshold of getting a real solution. Only one question remains: what will it take for this to become reality?