A New Rating System Required?

| | Comments (1)

Check out Marketscore and New.net. Not a spectacular score, threat wise - there's plenty of things out there with a bigger, badder bite. Yet in some strange way, both of these two have been tangled up in the Julie Amero case (according to the details filtering out from the ongoing case, they were both present on the infected PC spawning the popups) and she faces anything up to forty years in jail because of some fairly generic, otherwise harmless porn adverts.

My question is, do we need to start applying a "real world" danger ranking to Adware and Spyware? And if so, what other possible score could we give than the equivalent of "10 - Extremely Dangerous"? If any and all Adware can now be used to lever a situation where someone could face jail time, what other response could we have?


I think the "real world" danger ranking is a great idea. If I look at the situation from a traditional infosec perspective (confidentiality, integrity, and availability), I would think that losing an employee for the duration of the sentence (or even the duration of the trial, for that matter) could potentially be viewed as a loss of availability of some potentially needed resources. What if it were the CEO of a large company? It seems to me that it's a real threat even if the actual system impact of the malicious software isn't significant.

Leave a comment

About this Entry

This page contains a single entry by Christopher Boyd published on March 1, 2007 7:02 AM.

False 'Friends' Prey On Social Networking Sites was the previous entry in this blog.

The Real World Impact of Virus Attacks is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.