US and Australia in talks over cyber-quarantine

The US government is considering emulating an Australian program that allows internet service providers to alert customers who have fallen victim to spambots.

The scheme, due to go into effect in Australia in December, also permits them in theory to restrict outbound email and halt internet access for infected PCs while the problem is fixed, effectively quarantining machines.

White House cybercoordinator Howard Schmidt confirmed to AP that talks were taking place.

“Without security you have no privacy. And many of us that care deeply about our privacy look to make sure our systems are secure,” he said, adding that internet service providers could help “make sure our systems are cleaned up if they’re infected and keep them clean.”

The scheme echoes a recent proposal from Microsoft VP for trustworthy computing Scott Charney, who recently suggested that infected machines should be thrown off the internet.

But Schmidt said that this idea would be technically difficult and would receive a lot of opposition. While few customers would object to being alerted by their provider if their machine is taken over by a botnet, it’s hard to believe that many would want to give their ISP the power to cut them off if an attack was detected.

Comcast has already held a pilot program in Denver to alert customers who fall victim to botnets, and says it’s planning a national rollout.