Building leper colonies for infected computers
Putting Internet service providers in charge of quarantining computers infected by worms or viruses--an idea proposed recently by Microsoft's (NASDAQ: MSFT) Scott Charney--makes sense in theory, but in practice it presents both technical and social problems. Security expert Bruce Schneier spells out a series of challenges with applying a public health model of quarantining to computers, in a post at Forbes.
The notion of testing computers for proper security before allowing them on networks is already in play on a smaller scale at universities and corporations, Schneier writes. Tools are already in use that check whether a device's patches are current and its malware protection is up to snuff before giving it access to a private network.
Implementing this model on a large scale, however, would depend on the same factors that make the quarantine of human disease effective, in Schneier's view. First, whatever is going to be quarantined must be easy to detect and recognize. If we don't recognize the signs of a disease--or if our anti-malware products don't recognize a computer virus--we can't really use the model of a quarantine to combat it.
Second, the isolation must be efficient. The computer quarantines that have worked have done so because the users don't know how to break out of them and it's easier for them to update their software and get back on the network properly. "The leper colonies on Molokai and Spinalonga both worked because it was hard for the quarantined to leave," Schneier writes. "Quarantined medieval cities worked less well because it was too easy to leave, or--when the diseases spread via rats or mosquitoes--because the quarantine was targeted at the wrong thing."
Third, a quarantine won't work if a majority of the population is infected. And fourth, the value of the quarantine has to be worth the considerable costs. "If we tried to implement Internet-wide--or even countrywide--quarantining, worm-writers would start building in ways to break the quarantine," Schneier writes. "So instead of nontechnical users not bothering to break quarantines because they don't know how, we'd have technically sophisticated virus-writers trying to break quarantines."
For more:
- see Bruce Schneier's post at Forbes