Jul 6, 2011

Malware are Market Drivers

This 6-page PDF, Ten Myths for Safe Web Browsing sophos-myths-for-safe-web-browsing-wpna.pdf cites data from 2008 about how malware can hitch rides on web page content and browser plug-ins into your computer (or mobile device). I have a few maybe grasping at straws hopes:

1. Browsers have been updated a zillion times since 2008 so might have gotten smarter against malware.
2. Ditto for plugs-ins and extensions such as ActiveX, Flash, Acrobat.
3. With HTML5, maybe plug-ins will be a thing of the past.
4. The software of your browsing platform should have gotten smarter too.
5. Ditto for 'local' security software, cleaning apps and operating systems.

What's this got to do with marketing?

Evil-doers such as malware writers are market drivers. They are getting smarter too so their products create demand for new browsers, operating systems, plug-ins, and (surprise, surprise) demand for new security applications. Software standards like HTML5 help to vitiate vulnerability from plug-ins. No doubt cloud-based security products are enjoying strong growth.

Neglecting the allure of maliciousness for its own sake and the two other motivators of malware (see footnote)*, I believe the commercial disseminators of malware are motivated by advertising and industrial espionage. There is real business value in infecting users' platforms. Malware can commit fraud by re-directing users to click-throughs. Pay Per Click advertisers pay for 'fake' clicks generated by malware. Is it too paranoid to suspect manufacturers of platforms and system software of using malware to build-in obsolescence or to covertly co-market with publishers of security or performance acceleration software?

At the end of this white paper is an ad for Sophos' 'end point security solution.' The fact that the authors point out these ten vulnerabilities ought to signal that their product protects against those malware entry points, but marketing pieces may not always comply with 'the truth, the whole truth...'
*Malware allow evil players to use your computer to do their deeds without your knowledge. Another high-value motivation for malware infection is theft of credentials and/or data.

No comments:

Post a Comment