OWASP Has started month awareness proble/solution see updated: http://www.owasp.com
Point you ask...... As a united community we raise visibility for the problem that results in a ecosystem - lets make noise about it together, monthly and globally from the builder / breaker & defender perspectives On May 11, 2012, at 3:39 PM, Ben Laurie <b...@google.com> wrote: > On 11 May 2012 20:07, Gary McGraw <g...@cigital.com> wrote: >> The article does not suggest otherwise. > > Well, it certainly does _suggest_ it: "All of the things that we do to > improve software security are aimed explicitly at the badware > problem." > > It doesn't say it, though, I agree. > >> >> gem >> >> On 5/11/12 1:51 PM, "Ben Laurie" <b...@google.com> wrote: >> >>> On 8 May 2012 07:18, Gary McGraw <g...@cigital.com> wrote: >>>> hi sc-l, >>>> >>>> What¹s worse, bad software or malicious software? In fact, what¹s the >>>> difference? >>>> >>>> My second column for SearchSecurity is all about that. Read it today. >>>> And pass it on. >>>> >>>> http://searchsecurity.techtarget.com/opinion/Gary-McGraw-Eliminating-badw >>>> are-addresses-malware-problem >>>> >>>> Bottom line: Talking about malware may be more fun and entertaining >>>> than talking about endless security bugs, but if we¹re going to combat >>>> malware we have to start with the badware vector. >>> >>> Fixing badware universally would plug one hole - and it's certainly a >>> hole worth plugging. But it won't eliminate malware - it seems it is >>> not hard to persuade users to install it for you, for example. >>> >>>> >>>> gem >>>> >>>> company www.cigital.com >>>> podcast www.cigital.com/silverbullet >>>> blog www.cigital.com/justiceleague >>>> book www.swsec.com >>>> >>>> _______________________________________________ >>>> Secure Coding mailing list (SC-L) SC-L@securecoding.org >>>> List information, subscriptions, etc - >>>> http://krvw.com/mailman/listinfo/sc-l >>>> List charter available at - http://www.securecoding.org/list/charter.php >>>> SC-L is hosted and moderated by KRvW Associates, LLC >>>> (http://www.KRvW.com) >>>> as a free, non-commercial service to the software security community. >>>> Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates >>>> _______________________________________________ >> > > _______________________________________________ > Secure Coding mailing list (SC-L) SC-L@securecoding.org > List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l > List charter available at - http://www.securecoding.org/list/charter.php > SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) > as a free, non-commercial service to the software security community. > Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates > _______________________________________________ _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
