At the fourth German IT summit last week, the German government announced plans to help its citizens detect and eliminate malware from their computers. This will be done in conjunction with ISPs who will listen for communication with botnet controllers, directing users instead to a website that offers advice on how to remove them. A call center manned by 40 employees will assist users who are unable to follow the instructions on the site.

When quizzed, Microsoft responded to Ars Technica that "Because no single company can win the battle against cybercriminals...we welcome any engagement of German authorities to effectively support their citizens in regards of computer security."

Reducing the number of botnets and malware infested workstations is certainly a noble and desirable goal. On the other hand, detractors argue that such moves reduces the incentive for companies to actually make their software secure in the first place.  While no funding details were announced, they argue that the infusion of taxpayers' money represents a delegation of Microsoft's responsibility as a commercial entity.

Personally, my concerns have to do with the nature of "directing" users suspected of being infected toward a website designed to help them.  In such a large undertaking, it would be unrealistic not to expect a certain amount of false positives to occur, which will surely lead to frustration and interruption.

I wrote more on this in today's commentary here; do check it out.

For more on this story:
- check out this article at Ars Technica