Dec 09, 2011

How do you feel about Microsoft's remote kill switch for Windows 8? Is it a legitimate security measure or overreach?

Apparently MS is enabling a "kill switch" to enable them to remotely remove apps from your machine, with the added effect that any data generated by the app may disappear as well. I understand the idea that Microsoft could provide an important service by removing malware, but I'm not sure I am comfortable with Microsoft being able to delete my data remotely whenever they wish, even if it is related to a security concern. I can help but think that it will be just as likely that apps get zapped for reasons other than security. Is this the future of security or is Microsoft going a step too far with this?

The real issue here is that a lot of people simply don't trust Microsoft. Is it fair or justified? Well, given the company's past behavior I'd say yes. Microsoft has nobody to blame but themselves for this, distrust and suspicion are rooted in the history of that company.

If it really bothers you though, perhaps it's time to consider a switch to Linux? Go to http://distrowatch.com and you can find lots of distros to choose from if you want to make the switch. Linux has a lot to offer and Windows 8 might be the straw that broke the camel's back for a lot of people.

Google has a kill switch, and has used it in the past a few times without much if any complaint.  Apple has one in iOS, but to the best of my knowledge it has never been utilized.  The underlying idea of being able to kill apps that are malware in disguise is a valid and potentially valuable capability.  Think about how many people there are out there that do not take even the most basic precautions against viruses/malware.  Some people don't run any anti-virus/malware software at all, and there is also a significant number of people who never even update their OS, thus leaving them unnecessarily vulnerable.  So in that it could protect people against their own sloth, I think a remote kill switch could be a good thing.


However, there is no certainty that Microsoft is going to use it in a purely protective manner.  What happens if there is a dispute between Microsoft and an application developer, unrelated to security, and Microsoft decides to use their power to simply remove the application, along with associated data, from every machine in the World that is running Windows 8?  I do not like the thought of that at all.       


So in the end, I am rather conflicted about the clear benefits that could be provided by Microsoft having a remote kill switch for malware versus the requirement that I surrender control over my own machine to Microsoft and trust in the good will and judgment of the company.  That latter concern leaves me quite vexed, to be honest.  

Answer this