On 8 May 2012 07:18, Gary McGraw <g...@cigital.com> wrote: > hi sc-l, > > What’s worse, bad software or malicious software? In fact, what’s the > difference? > > My second column for SearchSecurity is all about that. Read it today. And > pass it on. > http://searchsecurity.techtarget.com/opinion/Gary-McGraw-Eliminating-badware-addresses-malware-problem > > Bottom line: Talking about malware may be more fun and entertaining than > talking about endless security bugs, but if we’re going to combat malware we > have to start with the badware vector.
Fixing badware universally would plug one hole - and it's certainly a hole worth plugging. But it won't eliminate malware - it seems it is not hard to persuade users to install it for you, for example. > > gem > > company www.cigital.com > podcast www.cigital.com/silverbullet > blog www.cigital.com/justiceleague > book www.swsec.com > > _______________________________________________ > Secure Coding mailing list (SC-L) SC-L@securecoding.org > List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l > List charter available at - http://www.securecoding.org/list/charter.php > SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) > as a free, non-commercial service to the software security community. > Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates > _______________________________________________ _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
