Came across a fascinating written piece today that in the words of its author, outlines a strong argument as to why those pesky botnets that are generally responsible for much the worlds spam, should be considered weapons of mass destruction (WMD). Yeah, I know what you must be thinking. Clearly this guy is off his rocker, right? At first, that was my thinking as well. But after I gave it a bit more thought, while referring to this problem as a WMD might be over the top, clearly it is more than a nuisance.

I tend to agree that we collectively, are not taking a strong enough stance against ISPs that allow this type of behavior and the means for punishing those that participate in using botnets is apparently, not severe enough based on the sheer number of people using them.

Now this is not to say that crappy operating system design has not done its part to make this entirely too easy over the years, but the fact is that it is those who are basically being treated like this is some kind of civil offense might potentially be putting us all at risk.

As far as the author’s statements regarding national infrastructure being at risk, I am not qualified to make a comment here. My understanding is that it is both a threat and no so much a threat as a lot of stuff is pretty well isolated while other stuff (banking), is not.

While I am not saying I agree with everything said in this piece, this one statement made the article for me, personally.

Individuals and businesses. Everyone who uses the Internet needs to understand that they have a civic duty to take reasonable care that their computers are reasonably secure from attack and infection. Any computers that become infected should be promptly cleaned or disconnected. To the extent feasible, forensic evidence should be made available to law enforcement.

I could not agree with that statement more or loudly enough. It’s like handing someone any weopon or tool. The user and the user alone, must take some level of responsibility. Otherwise, why the heck are we even bothering with stuff like driver licenses or tax courses. Let’s just toss everyone out into the world and let them fumbled around to see how it ends up. Works well in the computer world, does it not?