Re: SearchSecurity: Badware versus malware

[Ben Laurie <benl () google com>]

On 8 May 2012 07:18, Gary McGraw <gem () cigital com> wrote:
> hi sc-l,
>
> What’s worse, bad software or malicious software?  In fact, what’s the difference?
>
> My second column for SearchSecurity is all about that.  Read it today.  And pass it on.
> http://searchsecurity.techtarget.com/opinion/Gary-McGraw-Eliminating-badware-addresses-malware-problem
>
> Bottom line: Talking about malware may be more fun and entertaining than talking about endless security bugs, but if 
> we’re going to combat malware we have to start with the badware vector.

Fixing badware universally would plug one hole - and it's certainly a
hole worth plugging. But it won't eliminate malware - it seems it is
not hard to persuade users to install it for you, for example.

> gem
>
> company www.cigital.com
> podcast www.cigital.com/silverbullet
> blog www.cigital.com/justiceleague
> book www.swsec.com
>
> _______________________________________________
> Secure Coding mailing list (SC-L) SC-L () securecoding org
> List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
> List charter available at - http://www.securecoding.org/list/charter.php
> SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
> as a free, non-commercial service to the software security community.
> Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
> _______________________________________________

_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________