Voluntary “Zombie” Code of Practice – Will it Work?

In an article covered by ZDNet today, the Federal Government is temaing up with the Internet Industry Association to curb the number of trojan or worm-infected computers (otherwise known as “zombies”) on the Internet. What’s more, the code originally drafted last year in September will be voluntary for each and every ISP to implement.

A code of practice is all well and good but the real question is whether or not it would actually work (even if partially or completely enforced). Will it even make a difference?

I am aware of certain ISPs in the past suspending the accounts of their customers in cases where worm activity was detected and I guess this formalises the procedure to a degree. The problem that I can foresee is that with an increasing number of broadband connections and multiple computers being connected in each home, it may prove difficult to narrow down which computer (or computers) have been remotely exploited.

These days, many people rely on their security software to tell them if something is wrong and to also correct detected issues if necessary. Beyond that, they may be up a brown coloured waterway without any means of propulsion. Of course, people without the means to help themselves could call upon an appropriately skilled person to correct the issue.

That sounds all well and good but I fear that this will trigger a flood of “spyware specialists” in the market who will provide a poor level of service with little interest for anything apart from a quick buck. Computers are difficult enough for the average person in amongst updates, security, drivers and upgrades. Trying to suss out a worthwhile technician from a sub-standard one would be a hard ask in my opinion.

What I do firmly believe is that the only 100% effective solution to cure a zombie computer is to format and reinstall or restore from a known good backup. I won’t harp on about the importance of backups like I have in previous posts but they can and will save your bacon.

So will the code of practice work?

I guess that it might (and this is a big might) protect people on 200MB broadband plans from potential bill shock and perhaps identity theft if caught early but once the horse has bolted then all bets are off. I think people should be responsible for their computers on the Internet just like people are responsible for their cars on the road (it’s always the bombs that breakdown in the middle lane of a busy arterial in peak hour). I guess it comes down to education and discipline but with widespread computer use these days those things would be a tall order indeed.

1 ping

  1. […] Filed under Anti-malware, Antivirus, Security, Technology by Boydo This might polarise the audience a bit but I just wanted to expand on my thoughts in this earlier article. […]

Leave a Reply

Your email address will not be published.