No *hit sherlock

Status
Not open for further replies.

Osiris

Golden Master
Messages
36,817
Location
Kentucky
Open source blamed for malware development

Why in the **** do software vendors post the **** code??? And they wonder why there are so many exploits, its there own **** fault. Ostensibly, this openness to criticism and analysis
provides some Darwinian selection against weaknesses in any design. <-- That is very true


Malware authors are adopting open source development models to develop more potent threats. It's well known among security experts that botnet clients such as SDBot are written in a modular framework that allows hackers to add features that, for example, facilitate its spread through IM networks or add more potent attack features.

But open source development models are also playing a role in Windows rootkit development, according to a recently published study by net security firm McAfee. It says that open source principles, as practiced in the malware-writing community, are affecting the evolution of threats a phenomenon it describes as "good intentions gone awry".

The first edition of McAfee's Global Threat Report also looks at how the introduction of financial incentives to malware development has spawned more potent spyware and Trojan threats.

McAfee has a strong case when it argues that the chance to make money has fostered "more professional" malware development. However, it is on rockier ground with its contention that open source development is increasing the potency of malware threats. Aside from the obvious point that malware remains a largely Windows-only phenomenon, improved education or better software development tools could be just as much to blame.

Since McAfee didn't blame Visual Basic for the creation of Visual Basic threats, such as the infamous Anna Kournikova worm, it's hardly in the position to point the finger at open source development models.

But that's our take. Readers are invited to make up their own mind by reviewing McAfee's Global Threat Report themselves, which is available here (registration required).
 
LOL... I really wonder what they were thinking.


We open our code for people to use, and now people are exploiting it... OMG! :cries:
 
... good point, lets jsut hope that most of those exploits are fixed before they are exposed in a negitave environment.


and this is why we need a rant section :p
 
This is probably the main reason MS doesn't have any open source software, if it was open source, there'd be more holes than wat is known already!
 
IBMan said:
This is probably the main reason MS doesn't have any open source software, if it was open source, there'd be more holes than wat is known already!

Well, M$ did open CodePlex though... Close enough I guess.
 
The best of the open source programs don't require high security anyway. Open source development allows for a lot more advanced programs to be made with relatively little expense, but antivirus, firewall or similar things don't belong in that catagory. And yeah, there's no reason to be surprised.
 
Status
Not open for further replies.
Back
Top Bottom