I think the original analogy is very poor, personally. It implies that the responsibility shouldn't lay with the ISPs by comparing them with manufacturers of vehicles. ISPs are much more like the people who manage and regulate the roads and toll booths. Unlike card manufacturers with bad drivers, ISPs actually in an ideal position to effectively address the problems of infected computers. In addition, they provide the resources (which belong to the ISPs) that an infected computer requires in order to be a threat to the Internet at large (and thus other computers). It is the ISPs networks that they sell. And most ISPs actually have in their contracts with their customers (at least in the US) that their networks may not be used for crime, abuse, etc. So, the ISPs likely have legal standing already to enforce the issue.

Although, turning those users "off" without warning and giving alternatives is a bit extreme. It would be nicer (as I've seen with some ISPs in the US) if the user were notified that suspicious malware-related communication is coming from their Internet connection. And if not resolved after a notification or two, disable access until the problem is resolved. Again... it's the ISPs' networks that are also responsible for the problem... not just some end user's computer.

Yeah, one problem... Anti-virus is not terribly effective against a lot of the botnets out there! They update themselves more often than most A/V companies update their DATs. And many of them are managing to root-kit the system, so even if it's cleaned, hidden processes (even from the OS) just reinfect.

I work in security. I tracked down 2 systems just this week (a number of others I provided for the local sys admins to track down) that had spam malware (detected and tracked down through outbound traffic monitoring for a 15K+ employee network). One of the systems got a clean bill of health from McAfee... well, actually, it found malware, said it cleaned it, except for some running processes. So, reboot the system... all the malware came back. The system had a root kit that can really only be cleaned by a full re-install of the system (or an off-line boot CD that could possibly clean it if properly identified). And the user who didn't know better just assumed he was clean when the A/V software said he was, and that maybe he kept getting infected... but felt safe because the McAfee "status bar" was green.

So... while it sounds like a neat theory, I am highly skeptical of it being fully successful. It would reduce things greatly to ensure people are running A/V. Although, it also forces people to run A/V, and probably only "supported vendors".... i.e. pay someone to scan your system if you want to use the Internet, in addition to you Internet access fees. Not sure how I feel about the power posturing and shifts in this scenario.

I agree that it raises question as to why one should use them, but "down time" is not the biggest threat out there, if you wanna talk loss/cost. While one's time is valuable, I'm thinking that their bank account information, passwords, etc, might be slightly more valuable to them. Personally, I think good secure end-user practices is the best protection, I do think that a good A/V program is needed.

So, while there is malware out there that is less harmful, more of the malware out there is much MORE harmful... if you disagree, please provide your financial account information, or contact me to transfer all funds to a secured off-shore account... maybe buy me a new car too! ;-)

But seriously... this is really bad, and REALLY stupid. But having no protection for most users risks damaging them in ways worse than a few hours of time to manually fix their issue. And from a corporate perspective, loss of sensitive information is a BIG deal and can cost a LOT more. And that's just talking about data loss. Being part of a botnet to help facilitate financial fraud and other badness... that's also double plus ungood... and irresponsible to not take measures to help keep your computer from playing a part in those crimes.

Anyway... I agree it raises question... but there more downside to malware than just downtime.