Sunday, August 17, 2008

terminology rant

remember me saying the word infect (and its derivatives) was overused/misused? probably you don't, this blog had a lot fewer readers back then...

but infect is still being overused and here's an example... describing the deployment of a drive-by download attack as putting up an infected website... viruses are what infect things but viruses only infect programs (or computers in the case of the subset known as worms)... websites aren't programs (though they may contain one or more of them in the form of scripts/flash/etc) and what gets put on them for drive-by downloads are generally not viruses but rather some non-viral form of malware...

misusing the term 'infect' like this reminds us that collectively we still haven't gotten over calling all malware a virus, and i think by now we've all realized that such imprecise thinking/communicating only leads to ambiguity and confusion...

so, like i did when i suggested an alternate term for when a computer has non-viral malware, i'm going to suggest a term (2 actually) for the websites used in drive-by downloads... the first should be rather obvious, when the entire website itself is put up by the blackhat then it's a malicious site - no need to mince words, the site attacks visitors in one way or another so it's malicious... the other comes about because sometimes the malicious content is on what is otherwise a completely legitimate site like yahoo or cnn or the superbowl... we can't exactly call those malicious sites, however we can call them tainted sites (maybe even poisoned sites for those who prefer more pejorative terms)...
