Part 3: Badware and our normal life

Site Announcements
Locked
Pietry
Senior Member
Posts: 328
Joined: 04 Dec 2007, 07:25
Location: Bucharest
Contact:

Part 3: Badware and our normal life

Post by Pietry » 21 Jul 2009, 08:49

Here is the 3rd part of ADCPortals Article Series

Today's topic is badware. What is badware?
According to Stop Badware and Wikipedia, badware is a piece of software that has at least one of the following minuses:
  • The application acts deceptively or irreversibly.
  • If the application engages in potentially objectionable behavior without first, prominently disclosing to the user that it will engage in such behavior, in clear and non-technical language, and then, obtaining the user's affirmative consent to that aspect of the application.
However, my personal opinion is that badware is more than that. In the terms of open source community, badware might be something that is no longer updated. In this case, the software was goodware at some point in history, but things in the industry change very fast. A piece of software that was secure and fine today might be badware tomorrow.

Programs are not perfect, they all have security holes. The most important part about this part is that a current developer checks out periodically for security reports. Thus, one can fix the problems as they show up and release new versions or patches that solve the problem. In the badware case, either the developer does not want to update the product, or he can't. Abandonware is also a part of badware, it's an obsolete piece of software. People should always be informed about how the product they use is being developed, how old their current version is and if there is a new version available.

The general advice is UPDATE ! In open source community this does not imply anything hard on the user part. It only takes a few minutes of your life, and you don't do it every day. The developers always try to get better and better software for you, so in general a newer version is better. It is possible for a new version to have more bugs but be sure that they will solve it eventually and release a new one very soon.

Badware and abandonware can result in serious problems on your computer, it might have known holes that have not been patched and can result in people intruding in your personal stuff, steal accounts or more. Make sure that the programs you use are still being updated.

In the DC network, there are pieces of software that are very good but no longer under active development. Aquila is a good example. The only solution for this kind of products is taking over by somebody else ( open source community of course ). My project is also no longer developed (DSHub), mostly because of the lack of personal motivation, time and satisfaction. I still hope that somebody might take over, until then I suggest everybody wanting to use to try some newer software that is being updated more often. Another example of non-intentional badware is AML, because at the current moment innocent users are being kicked out, as a result of the list being not updated. This way, new clients are practically banned by the operators using the old AML. Although the idea behind AML is very good, it's practically a stop sign for the spreading of the new clients.

Usage of old software made possible the CTM attacks in the network. Using this, attackers could exploit hubs that were not updated to the latest version released by the developer. According to the definition, badware is a program that does something without user knowing it or it's consent. An example can be the option to not protect against CTM impersonation. Some general idea that is going around software issues, is that the user should not be put in the position to decide too much, but rather take the best decision for them. This is somehow in contrast with the definition but I think everything should be balanced: leave the user to decide but do not give the user the power to affect others or use the software for malevolent purposes.

I hope this article got you a general idea about what badware means and how you interact with it, and of course how to cope with it.
Just someone

Aqualung
Newbie
Posts: 8
Joined: 20 Feb 2008, 20:06

Re: Part 3: Badware and our normal life

Post by Aqualung » 21 Jul 2009, 10:50

Excellent article and points well made.

Pietry
Senior Member
Posts: 328
Joined: 04 Dec 2007, 07:25
Location: Bucharest
Contact:

Re: Part 3: Badware and our normal life

Post by Pietry » 21 Jul 2009, 11:06

Thanks, hope that people read it and makes them think a little about it.
Just someone

Locked