Warning: My answers are the simple answers of a person who is merely a computer user...not a technician, not a programmer, not an IT professional.
<<Why can't users control what port or ports any program uses?>>
You make it seem so simple...like blocking a door on a house. But we are talking about communication involving electronics, sophisticated hardware, and intricate programming capabilities on a grand scale...and totally discounting the human factor, which historically has been proven to be the weakest link of all in any attempt at computer security (IMO).
As for port control as a solution...I suspect that most malware comes in the front door, does not require a back door.
<<Why can't any outgoing communication be required to get approval by the computer user, at least on the first occurrence, and likewise with incoming?>>
When any user intentionally or unintentionally installs any software...he/she IS giving tacit approval to any number of actions. Most users don't seem to bother to even review the default options of any software which is installed...which makes it incredibly easy for malware to infect the system and manipulate it.
To further complicate matters...persons who develop/implement malware...are smarter than the average user. These miscreants take advantage of the basic laziness and lack of interest...combine that with programming capabilities beyond the understanding of the average user...and you have the current state of malware infestations which we see evidence of daily.
You seem to want to believe that it's a simple problem with simple answers/solutions...it's not. But an interested user can take certain steps to protect/safeguard the integrity of her/his own system...if he/she desires to do so.
I repeat...I'm no "expert" of any sort when it comes to computing...just a user who's been playing around with computers for a mere 14 years now. I've learned some things, many of them the hard way...but learning was my intent and I've always realized that there are no easy answers...when attempting to deal with situations involving sophisticated electronics, sophisticated machines, and very sophisticated software. Add to this the fact that misguided individuals think it fun to ruin the peace/tranquility of as many computer users as possible...and you have to realize that there never will be simple answers to complex situations.
But...it all starts (and sometimes ends) with the user/operator, IMO. He/she is the person who opens the door.
Edited by hamluis, 02 November 2010 - 06:27 PM.