all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

On the Insecurity of Software Bloat

Add to bookmarks
Feb. 15, 2024, 12:04 p.m. | Bruce Schneier

Schneier on Security www.schneier.com

Good essay on software bloat and the insecurities it causes.


The world ships too much code, most of it by third parties, sometimes unintended, most of it uninspected. Because of this, there is a huge attack surface full of mediocre code. Efforts are ongoing to improve the quality of code itself, but many exploits are due to logic fails, and less progress has been made scanning for those. Meanwhile, great strides could be made by paring down just how much …

attack attack surface cloud computing code cybersecurity exploits good insecurity quality ships software third third parties vulnerabilities world

Visit resource

More from www.schneier.com / Schneier on Security

Friday Squid Blogging: Searching for the Colossal Squid 1 day, 7 hours ago | www.schneier.com
blog blogging can cruise +7
Long Article on GM Spying on Its Cars’ Drivers 1 day, 17 hours ago | www.schneier.com
article cars companies data +10
The Rise of Large-Language-Model Optimization 2 days, 17 hours ago | www.schneier.com
artificial intelligence coming easy end +12
Dan Solove on Privacy Regulation 3 days, 17 hours ago | www.schneier.com
academic papers article consent dan +6
Microsoft and Security Incentives 4 days, 17 hours ago | www.schneier.com
capabilities companies cyber cybersecurity +16
Using Legitimate GitHub URLs for Malware 5 days, 13 hours ago | www.schneier.com
attack attacker attack vector can +25
Friday Squid Blogging: Squid Trackers 1 week, 1 day ago | www.schneier.com
article blog blogging can +13
Other Attempts to Take Over Open Source Projects 1 week, 2 days ago | www.schneier.com
action backdoors council discovery +16
Using AI-Generated Legislative Amendments as a Delaying Technique 1 week, 3 days ago | www.schneier.com
adoption a hacker's mind artificial intelligence bill +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Application Security Engineer - Enterprise Engineering

@ Meta | Bellevue, WA | Seattle, WA | New York City | Fremont, CA
View on infosec-jobs.com

Security Engineer

@ Retool | San Francisco, CA
View on infosec-jobs.com

Senior Product Security Analyst

@ Boeing | USA - Seattle, WA
View on infosec-jobs.com

Junior Governance, Risk and Compliance (GRC) and Operations Support Analyst

@ McKenzie Intelligence Services | United Kingdom - Remote
View on infosec-jobs.com

GRC Integrity Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com
View more jobs