Just when you think you’ve heard everything, something new arrives (update 2010/10/07: actually, S. Charney just did it again).

Two years ago, we heard that half a million computers are infected with malicious bots every day (a “bot” is a software program that enters your computer from the Internet or inside infected files, then runs in the background to steal your data, send spam or wreak havoc in some other way).

This is a huge problem both because we depend on digital data in too many ways to explain them here (but you may read about them in the Open Government Book and because of environmental reasons. According to a McAfee report published in May 2009 the amount of energy used every year to transmit, process and filter spam would be enough to power 2.4 million homes, with the same Greenhouse Gas emissions as 3.1 million passenger cars.

On March 2nd, 2010, Microsoft Corporate Vice President for Trustworthy Computing Scott Charney spoke at a computer security conference about this very theme, that is how to fight the damages caused by computers infected by bots (or “malware”).

According to the summary published on ComputerWorld, Mr Charney started correctly. He pointed out that, just as there are quarantine programs for people with infective diseases, the same thing should happen with people who have computers infected by malware but, for any reasons, won’t fix them up as soon as possible: such people should not allowed to go online until their computer is clean and safe.

Now, this is a valid concept, and isn’t even a new one. A 2009 Guardian article, for example, correctly said that going online with unpatched software is just like “driving your car when you need new tyres: you’re a hazard to yourself and to everyone else on the roads”.

The problem, as always, is money: finding which customers have infected computers is expensive for Internet Service Providers (ISPs), and helping those customers to fix their computers is much more expensive. Unfortunately, Mr Charney’s answer to the question “where do we find that money” was so… er, brilliant, that it’s hard to believe:

“You could say it’s a public safety issue and do it with general taxation”

Yes, that’s just what Mr Charney said, according to ComputerWorld! Can you believe it? We keep reading titles like “Another day, another Internet Explorer security hole” or “Windows security is awful” (and these are just the two most recent stories I could find with a 20 seconds Internet search) and we know that almost all desktop computers still run Windows. Considering this, it’s really hard to disagree with the first comment posted on ComputerWorld (but the others too are worth a read!):

“So Microsoft wants to go on the government dole and compel ME to pay for THEIR incompetence? Pass… Let them clean their own mess”

The proposal to cut Internet access to computers that send spam or run other forms of malware makes a lot of sense and costs much less than fixing those computers: services like Spamhaus already run such checks all the time, so let’s go for it (just avoid dumb errors like this, please.

But saying that any “repair” cost after that should be paid through general taxation is just absurd! It’s just like saying that, since one of the reasons we all (rightly) pay policemen is to stop people who drive with unsecure tyres or brakes, we should also share the costs of replacing those tyres or brakes! Or that people should pay extra taxes to help Toyota fix their gas pedals! Uh??? Are we kidding or what???

Sorry, but no. If your home computer makes a mess online, only your own money should fix it. Especially because this is a much, much simpler work than fixing a car and won’t cost you any of your money, only some of your time and interest. Please replace Windows with Gnu/Linux, an operating system that has much, much less security problems than Windows and also exists in flavours like Ubuntu that are very easy to use for beginners. Please do it before other taxpayers get mad at you.