all InfoSec news
On the Insecurity of Software Bloat
Schneier on Security www.schneier.com
Good essay on software bloat and the insecurities it causes.
The world ships too much code, most of it by third parties, sometimes unintended, most of it uninspected. Because of this, there is a huge attack surface full of mediocre code. Efforts are ongoing to improve the quality of code itself, but many exploits are due to logic fails, and less progress has been made scanning for those. Meanwhile, great strides could be made by paring down just how much …
attack attack surface cloud computing code cybersecurity exploits good insecurity quality ships software third third parties vulnerabilities world