Germany pays to fix Microsoft users' computers

The German government has allocated a secret budget to fund call-centers to help Windows users whose PCs are infected with malware. Microsoft's support costs are thus being borne at taxpayer expense.

I can understand why a government would want to create anti-malware programs. After all, malware's costs could easily exceed the cost of this program (think of the social cost of identity theft).

But the state could intervene in other ways. For example, it could establish penalties for software vendors whose users have their identities stolen, where those vendors don't offer this kind of service, forcing companies to internalize the cost of the security vulnerabilities they're responsible for.

Yes, it's not clean-cut (who's responsible for the recent SSL bug -- the OS vendors? The free software project?) and how it would apply to a free software project like GNU/Linux is unclear. But surely there's a more equitable solution than simply offloading the expense of cleaning up software vendors' messes on the taxpayer.

This approach raises a number of concerns. First, it leaves the software manufacturers out of the equation. Therefore, there will be little incentive to write secure code, as the cost of additional support will be passed (at least partly) to the government. Second, it also discourages the users from switching to more secure products. Both aspects can be interpreted as a direct subsidy for Microsoft. The timing of the initiative could also not be better: last week Microsoft's Internet Explorer, the attack vector number one, lost its leadership in Germany to rival Firefox. Additionally, the plan establishes questionable practices for IT security. Malware infections are seen as something inevitable, which is definitely not the case.
Microsoft to Get Malware Bailout in Germany (via /.)

(Image: Screenshot Test, a Creative Commons Attribution photo from yahnyinlondon's photostream)