Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Computer Viruses and Other Malicious Software", Organization for Economic Co-operation and Development

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Han
    BKCVAOMS.RVW 20100607 Computer Viruses and Other Malicious Software , Organization for Economic Co-operation and Development, 2009, 978-92-64-05650-3 %A
    Message 1 of 1 , Jan 11, 2011
    • 0 Attachment
      BKCVAOMS.RVW 20100607

      "Computer Viruses and Other Malicious Software", Organization for
      Economic Co-operation and Development, 2009, 978-92-64-05650-3
      %A Organization for Economic Co-operation and Development
      %C 2 rue Andre Pascal, 75775 Paris Cedex 16, France
      %D 2009
      %G 978-92-64-05650-3 92-64-05650-5
      %I OECD Publishing
      %O oecdna@... sourceoecd@...
      %O http://www.amazon.com/exec/obidos/ASIN/9264056505/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/9264056505/robsladesin03-20
      %O Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation)
      %P 244 p.
      %T "Computer Viruses and Other Malicious Software"

      The executive summary doesn't tell us much except that malware is bad,
      and that this report is seen as a first step in addressing the issue
      in a global, comprehensive manner.

      Part one, entitled "The Scope of Malware," is intended to provide
      background to the problem. Chapter one, as an overview, is a random
      collection of technical issues, with poor explanations. Although it
      is good to see that the malware situation is defined in terms that are
      more up-to-date than those in all too many security texts, the lack of
      foundational material provided by the authors will necessarily limit
      the perception of the issue for those readers who have not done
      serious research themselves. Various stories of attacks and payloads
      (not all related to malware) are listed in an equally disjointed
      manner in chapter two. There are numerous errors, including in simple
      aspects like arithmetic. (20 million is not "5 times" one million.)
      The explanation of why we should be concerned, in chapter three, boils
      down to the fact that the net is important, and malware imposes costs.

      Part two turns to the economics of malware. Chapter four, while it
      promises to deal with cybersecurity and economic incentives, merely
      states that security is hard. Chapter five does deal with economic
      factors influencing decisions of key players on the Internet, but does
      so only on the basis of an opinion survey, rather than any measured
      costs or benefits. Descriptions of different types of economic
      situations are given in chapter six, but a final set of "findings"
      doesn't seem to have much background support.

      Part three is supposed to contain recommendations about actions to
      take, or policies to follow, to address the malware issue.

      Unfortunately, this work does not have sufficient technical depth on
      areas of malware to contribute to the literature. The concept of
      addressing the economic aspects is interesting, but is not
      sufficiently fulfilled. Overall, this text has nothing to add to
      existing information.

      copyright, Robert M. Slade 2010 BKCVAOMS.RVW 20100607

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      The nice thing about standards is that you have so many to choose
      from. Furthermore, if you do not like any of them, you can just
      wait for next year's model. - Andrew S. Tanenbaum
      victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html
      http://www.infosecbc.org/links http://twitter.com/rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.