Here’s an article by Linda Musthaler on botnets that will change the way you think your secure from malware threats.
http://www.networkworld.com/newsletters/techexec/2009/080309bestpractices.html?page=1
While we think we are secure from malware with firewalls, antivirus programs, IPS we are not. For every action in trying to prevent malware, the malware creators will come up with a counter measure. Antivirus? the malware makers come up with way to turn it off. IPS? malware makers encrypt their traffic. No one clicks their malware links in Emails? they come up with driveby infection. Firewalls? Since firewalls allow all outbound traffic by default, all they need it to infect the system.
While we all love to surf the net and go to the millions of different web sites out there, what is on the horizon is cloud computing and controlling a users web experience. If the cloud computing providers have their way, users will no longer connect directly to the millions of web sites out there, they will simply connect to the cloud and be fed the content the cloud provides.
If we remember back in the early days of dialup access, we connected to providers like AOL, CompuServe or Prodigy and they provided the content. Well we are headed back in that direction with thin clients and cloud computing.
This will put a huge damper on malware, botnets, and spam because your thin client has no software that can be exploited or changed [think PROMs and flash memory]. If it’s unlocked or “jail broken” it can simply be denied access to the cloud.
While many might scoff at this idea, this is what IBM,Intel,Google,Microsoft,Cisco, are all heading towards by merging telecom and computers together.