Talk:Malware

From Wikipedia, the free encyclopedia

This article is part of WikiProject Malware, an attempt to better organise information in articles related to Malware. If you would like to participate, you can edit the article attached to this page, or visit the project page, where you can join the project and/or contribute to the discussion.

This article has been cited as a source by a media outlet. See the 2004 press source article for details.

"Survive and recover from malware with Spybot and Ad-aware." (August 3, 2004). TechRepublic. [1].

"Viruses work and spread (within the infected system) by attaching themselves to other pieces of software (...)"

This sentence is used in the article to give a definition of computer virus. Although I think it's pretty reasonable, I don't think that this definition is completely correct. The problem, in my opinion, is the word attaching. Some viruses do not attach their code to a host program, but simply overwrite executable files (e.g. the Trivial family on the DOS platform, some bootsector-viruses). Other viruses do not write to program files of software at all, but 'infect' executable files by manipulating non-executable structures (e.g. FAT-Infectors such as Dir-II, Companion viruses in MS-DOS).

So, I think it would be more accurate to say that "A computer virus spreads by means of hosts, which typically are executable files that are a part of legitimate software. Some viruses use other types of hosts: for example, macro viruses attach themselves to documents and bootsector viruses use boot sectors of computer media. Normally, a virus attaches itself to other software in a way that ensures the virus is executed first. "Sietse 21:46, 15 Sep 2004 (UTC)

I have rewritten the paragraph about viruses in the light of your comments. I take a "virus" to mean any code that infects other executable code — a boot sector is executable code. —FOo 22:43, 15 Sep 2004 (UTC)

Thanks, that looks better to me. I have also added some other criteria to the definitions . Sietse 11:07, 16 Sep 2004 (UTC)

1 Reorganization Reverted
2 Portmanteau
3 Overuse of the term "virus"
4 Phishing
5 Directory Harvest Attacks
6 Types of malware: How spread and effect
7 URL Injection / Stealware
8 Confusion regarding URL Injection/ Stealware???
9 Rootkit - Not malware
10 Rootkit - control not needed
11 Spyware - Malware?
12 TASHKENT
13 Bad site
14 A correction regarding virus detection
15 Etymology
16 POV
17 badware, malware called "virus" by most normal users
18 A Different Type

[edit] Reorganization Reverted

On November 1, it seemed as if the Malware article was reorganized. I have reverted the article to the previous organization. Please add additional sections to the article for your contributions. The structure as it is right now is fine the way it is. Hfguide 13:30, 3 November 2005 (UTC)

[edit] Portmanteau

Malware (a portmanteau of "malicious software")... this is not. According to [1] (in dictionary.com [2]), Mal in english is a prefix meaning Bad. Malicious is not the source. I suggest changing it.

The American Heritage® Dictionary of the English Language, Fourth Edition
http://dictionary.reference.com/search?q=mal

I'm not so sure. The fact that a string of letters can be a prefix does not mean that it is always being used as a prefix when it occurs at the start of a word. For instance, ant- is a prefix meaning "opposed", as in antonym or antithesis. However, it is not a prefix in antenna or anthrax. An antenna is not opposed to an enna. ☺

My searches suggest that the word "malware" is generally understood to be a contraction (or "portmanteau word" — Lewis Carroll's expression for a playful contraction of words) of "malicious software". See, e.g., Google define:malware or Google:malware malicious.

Moreover, as a prefix, mal- does not mean "malicious"; as you note, it simply means "bad". However, the term "malware" is not used to mean "bad software" — that is, software of poor quality, or things that are not good at being software. It is used, rather, to mean software that is written or released with the intent to cause harm. This, too, suggests that the etymology is from "malicious software" and is a portmanteau.

The portmanteau formation in -ware to refer to categories of software is very common. Consider shareware (shareable software), adware (advertisement software), or shovelware (shoveled software — a '90s term for the obligatory heap of poor-quality shareware bundled with some computers and products). —FOo 00:07, 27 Oct 2004 (UTC)

While "mal-" does simply mean "bad" or "evil" and not specifically "malicious," I think it is the more likely etymology; so does my etymology geek dad. The words malefactor, malevolent, and malignant are all as relevant as "malicious;" the common theme here is "mal-". I have changed the article. !melquiades 00:13, 26 March 2006 (UTC)

What you or your dad consider likely should not be the basis of an encyclopedia article! It's very bad for Wikipedia that "this article has been cited as a source or otherwise recommended by the mainstream press." Who knows how far the etymological nonsense and this Wikipedia error has spread. I wasn't able to find any mention of it at Wikipedia:Wikipedia as a press source.

And if your dad were more than one of millions of etymology buffs, most of whom produce and reiterate many folk etymologies, he would have provided some proof for his opinion. Etymology is an exact science, not normally a matter of opinions or likelihood, although these are also often necessary due to lack of historical records. In the case of a modern term, especially a technical one, it is usually much easier to find a record of its use, even first use, because the written words of most geeks are recorded electronically. Your naive claims contradict everything i have ever seen on this topic in any reputable source. Here are some samples:

http://www.wordspy.com/words/malware.asp Earliest Citation: Computer viruses that attack IBM PCs and compatibles are nearing a milestone of sorts. Within the next few months, the list of viruses will top 1,000, according to Klaus Brunnstein, a noted German computer virus expert. He has published a list of known malicious software for MS-DOS systems that includes 979 viruses and 19 trojans. In all, there are 998 pieces of "malware," Brunnstein said. —"Inside lines," ComputerWorld, July 29, 1991

http://dictionary.reference.com/search?q=malware&r=66 software, such as viruses, intended to damage or disable a computer system; short for malicious software; also written mal-ware Etymology: 1998-2003 Webster's New Millennium™ Dictionary of English, Preview Edition (v 0.9.6) Copyright © 2003-2005 Lexico Publishing Group, LLC

http://en.wiktionary.org/wiki/malware Blend of malicious and software

http://www.netlingo.com/lookup.cfm?term=malware http://www.pcwebopaedia.com/TERM/M/malware.html http://whatis.techtarget.com/wsearchResults/1,290214,sid9,00.html?query=malware http://www.geocities.com/ikind_babel/babel/babel.html#M --Espoo 16:50, 24 September 2006 (UTC)

This article has been cited as a source or otherwise recommended by the mainstream press. See Wikipedia:Wikipedia as a press source for details.

[edit] Overuse of the term "virus"

Referring to the section "overuse of the term 'virus'", it's worse than you think. I've even seen people use "virus" to refer to accidental ill effects, such as the Y2K bug, which was called the "Y2K virus" in Finnish media.

Worse - I've heard the term "trojan horse virus" being used recently, most notably in an ISP TV ad. That bugs me (no pun intended) since by definition, something can't be a trojan horse and a virus at the same time. A trojan can be a dropper for viruses though.

I also saw an article on the malware that spreads via emails with a Michael Jackson subject, that used the words spam, trojan horse, virus, and malware, and only malware was used correctly. oh well.

Mike 04:33, Jun 14, 2005 (UTC)

WAIT. I am not convinced that it is an overusage of the term Virus to have it refer to Viruses, Trojan horses, malware (an admittedly inverted subclassification), worms, etc. I believe that the common usage of the term allows it as an umbrella term for all malware. Specifically: the term Malware itself is not in the common dialect AFAICT. It might be an unfortunate assumption within this article that such common usage is limited to the common usage of [we] engineers, and it absolutely should not. - Thomas G. Marshall

[edit] Phishing

Does Phising fall under this?--Jondel 08:52, 31 Mar 2005 (UTC)

Phishing is a form of fraud. It does not involve getting any software installed upon the victim's computer, so it is not malware. --FOo 15:27, 31 Mar 2005 (UTC)

What about changing "URL injection" into "URL injectors", if it is meant to denote a piece of software and _not a method_? Or, "Injected URLs"?

I'd suggest this goes in a more general "computer security" or personal computing security or internet security article. Paul 15:37, 25 October 2005 (UTC)

[edit] Directory Harvest Attacks

I've heard of Directory Harvest Attacks, but I'm not sure where they should go. Does it belong in Malware, or somewhere else? KellyCoinGuy 19:10, September 5, 2005 (UTC)

[edit] Types of malware: How spread and effect

The discussion on "types of malware" can be simplified by classing first between how the malware is spread (virus, worm, trojan, direct placement by someone with access to the hardware) and what is its effect (destruction of files, spyware, adware, key capturing, spam server and so on.) I propose such a classification. Opinions?

I don't think this is a bad idea, but it certainly wouldn't 'simplify' any discussion of malware. It would probably make it a more precise discussion, but not a simpler one.Tpstigers 02:17, 18 October 2005 (UTC)

I agree with the suggestion - and was about to make a similar one until I saw the comment above. Tpstigers is correct that this would make the discussion more precise. However, I suggest that structuring the article in such a way would also address a major area of confusion and unclear thinking, and make it easier for readers to understand how, for example, a Virus or Trojan Horse can also include Spyware.

My suggestion would be "delivery method" and "function", but there may be better ways of phrasing this. - Paul 15:48, 25 October 2005 (UTC)

Well, the categories of malware given here are based pretty much on the way people use the terms. (Though it would be worth noting that "virus" has pretty much come to include "worm" for most users.) Since the category of "malware" is defined based on the intention of the creator (malicious software) rather than on any technical detail of the software, it would seem reasonable to keep the "traditional" categories somehow.

agreed - the traditional categories and current information in the article should not be lost - Paul

The thing is, categories are only useful insofar as they express distinctions that are useful to speakers and readers. One can't simply define words once, ignore the changes of history, and then call people "wrong" for using the word "virus" to refer to a network-spreading infection. Word usages change: today, as far as I can tell, Windows technicians talk about viruses and network security people talk about worms. :)

(One problem is that the trade-rag press love to come up with new words to express trivial distinctions and pass them off as actual technical terms ... or, equivalently, to harp on minor historical distinctions in order to sound more precise. I don't give trade-rag neologisms any status; technical terms have to come from technical work, not from hype.) --FOo 05:23, 26 October 2005 (UTC)

I worry a bit about including some of the "sillier" definitions. It might be worth noting these with phrases like some sources use the term (or just removing them)?

Distinctions based on what it does are useful to the reader because they indicate how big or small a problem the software poses, and how important it is to protect against or treat outbreaks.

Distinctions based on how you catch it are useful to the reader because they indicate how to protect against the problem.

Placing the common terms in these contexts can only clarify the meaning to readers. If they don't understand the warnings, what hope have they got? Fortunately the terms are still widely, correctly and consistently understood by the technical community and many commentators (unlike, say, the term "hacker") so it is feasible, and the right thing, to document the distinct meanings clearly as possible. - Paul 02:27, 27 October 2005 (UTC)

[edit] URL Injection / Stealware

This claim seems odd:

Moreover the user is not allowed to edit the extension to remove the malicious codes. If an user is caught doing so, he may be liable for legal consequences.

Is it true? Source? - Paul 15:50, 27 October 2005 (UTC)

No, it's not true. It's a comment by zottmann. How would the user be caught? Oh, the new line of code that sends the amazon affiliate id back to the cow site? OK, again, the user per se will be caught how? Hence my comment in the post-vandalism restored section 'protect privacy.. must violate the license" - me 10:13, 19 December 2005 (PST)

[edit] Confusion regarding URL Injection/ Stealware???

I think there was some confusion regarding URL Injection. I remember this section from an earlier version. It seemed to be vaguely referring to what is known as a "browser hijacker" -- that is, a program that takes over a person's browser settings and redirects it to another web site. A browser hijacker can do *more* than just redirect to a page (it can also reset someone's home page and add bookmarks). However, the point is that A) I don't think that "stealware" is what this section was about initially. B) If it was, then it might really fall under the larger umbrella of "Browser Hijacking." Hfguide 14:01, 29 October 2005 (UTC)

What the original article described was not what is known as URL injection in the security community. What it did describe was what is commonly known as Stealware. Stealware and Browser Hijackers can overlap but aren't exactly the same thing. --RainR 08:25, 30 October 2005 (UTC)

Hi! In response to what you have said: I know that stealware and browser hijacking aren't exactly the same thing, which is why I qualified my remarks by saying that it *might* fall under the umbrella of browser hijacking, in case someone wanted to come along and give a definitive confirmation one way or the other. ;-)

At any rate, here is an excerpt from the earlier revision to explain why I thought there was some confusion involved:

"This software modifies the browser's behavior with respect to some- or all domains. It modifies the url submitted to the server to profit from a given affiliate scheme by the content provider of the given domain."

Therein lies the confusion. The definition above is so broad that it is really more a definition of "browser hijacking" than it is of "stealware" and could easily be intepreted as such. Stealware is definitely more specific than something that "modifies URLs" and "browser behavior". In fact, unless I'm not mistaken it refers to a type of theft that occurs in which commission that would have been earned by a web site through an affiliate scheme is stolen by someone else through the fradulent replacement of a cookie in the user's browser.

Because the original definition under this section sounded like the one for browser hijacking, I could only assume that the label of "URL Injection" was purely accidental and was supposed to be "Browser Hijacker" instead. (Either that, or the person who did this section really meant to write about URL Injection, but wrote a poor definition of it). Adding to the confusion was what appeared to be a glaring omission of "Browser Hijacking" from the table of contents, since it's one of the most prevalent types of malware around. Since the definition of "URL Hijacking" matched it perfectly, I only assumed that this section was about it, but that it was simply mislabeled.Hfguide 10:17, 30 October 2005 (UTC)

URL injection was no accident. It apptly describe's what Carlo's firefox extension does. It itself is not entirely malware, but only in part, hence the clarifing category, which incidentally is now an accepted use of the phrase hence my comment "(see: google results)". NOT giving the user the power to disable the affiliate code injection (hence URL injection) renders in it part malware. Its installation is not surreptitious but its revenue generating powers are. Contrary to claims by the extension author this power is NOT made clear to the average user: most users never dig into the about menu, and there's no on-install or post-install explanation of the affiliate injection notice which is not technically challenging as earlier versions of Text Zoom extension (different author) once did. Browser Hijacking is a completely different beast and "Better"Search is not of them. Nor is "Better"Seach really StealWare. Its whole intent is not theft, so it properly ought not be in that category. Again, this is why URL injection is the perfect category. It describes essentially the mal-nature of the firefox extension. URLwatcher02 10:26 19 December 2005 (PST)

[edit] Rootkit - Not malware

Arguably a rootkit is not necessarily malware; An employer might install a rootkit to undetectably monitor, say network accesses or even keystrokes, without that monitoring being ever disabled or subverted. A publisher with pre-release content might deploy a rootkit on clearly labelled "Not for distribution" plastic (perhaps) optical disks that 'root' machines into which they are inserted, to disable standard optical hardware - turning a general purpose machine (probably on the premises of the publisher) into a playback-only one. People handling pre-release content would understand this and know not to put such contaminated disks into normal machines (or face the consequences). It like a customised OS without needing to recompile the kernel or have access to its source.

The "Rootkit" section could be completely removed and replaced by a reference to the Rootkit page!

[edit] Rootkit - control not needed

It is not necessary to "take control" of a machine to install a rootkit; by "take control" I mean have the machine do what you want it to do, even when it has been programmed to do something else - an Exploit (computer security). All that is needed is a suitable level of access, such as sufficient access to install software or mount removable media. Many consumer oriented general purpose machines - other than those running normal software such as Linux or Mac OS X run in this state all the time - all that is needed is physical access and normal use of the machine! In some cases merely operating a web browser or sending an email to a user on that machine.

The "Rootkit" section could be completely removed and replaced by a reference to the Rootkit page!

The "rootkit" has not been listed as "malware", but as a tool used in malware. And I don't think it should be removed. Several articles online have mentioned "rootkits" as a major component of malware.

Microsoft

Techworld

If you'd like to add a line or two to clear some ambiguity (that in itself, it isn't malware but can be used in malware), I think that would be great. However, I think that the malware section should remain. Hfguide 19:39, 8 November 2005 (UTC)

Actually, I am in broad agreement with you. My real beef is that this page ought not to define rootkit, [The page has: "A rootkit is software inserted onto a computer system after an attacker has gained control of the system", whereas it is at least arguable that defining characteristics of a rootkit are that it causes you own system to lie to you, and effectively parameterises the OS by changing how the OS behaves to various inputs; and not i) that it was inserted, or ii) that an attacker installed it, or iii) that an attacker had control of the system. More importantly, these points belong on the rootkit page not not the malware page], but refer to the Rootkit page for that definition and for fuller (and possibly more accurate) information. Also I suspect there was a thinko, you probably had in your mind: The 'Rootkit' section on the malware page should remain.

Having said that, I would argue that statements such as

"A rootkit is commonly deployed during a successful infection with malware in order to conceal the latter", or
"The presence of an unsuspected rootkit is consistent with, and always strongly suggestive, of malware", or the slightly stronger:
"An unauthorised rootkit is pathognonomic of malware"

belong on the rootkit page as these are characteristcs of rootkits rather than malware in general - though the first perhaps does belong here as a true and concise example of the relationship between malware and a rootkit (malware wastes your resources and may compromise your privacy, a rootkit lies to you). Finally, I am not confident that I could render the phrase "can be used in malware" into brief and accurate English, though I think that its meaning is identical to my expression: " ... in order to conceal [the presence of malware]"

I am new to wikipedia. I would have thought that adding even a few lines should not be done without considering that this may mean 'bloating' the page and actually removing duplicate (or low value) material would be better.

If I were new to Malware, I would like to read that that it is an aggregate category (a bit like 'Intellectual Property') with no definable meaning, I would like to know what kinds of software or code can be classified as Malware: Worms, Viruses, BHOs, Dialers ...; and that malware is only found in commerical software, and for that matter where there is a monopoly position in the provision of core code. Actual details of Computer_worms, Computer_viruses et cetera belong on their own pages, and perhaps some very, very simple simple information on avoiding and detecting the presence of malware

Thank you for taking the trouble to respond. --Ben.the.mole 22:11, 8 November 2005 (UTC)

[edit] Spyware - Malware?

According to the Common Malware Enumeration (CME) spyware and adware cannot be considered malware due to their non-destructive nature. Have a look here (A3. What is "malware"?) http://cme.mitre.org/about/faqs.html . Do you guys think spyware should be included in this article? Viruswitch 01:03, 15 January 2006 (UTC)

-Spyware destroys privacy.

I dont disagree. Non-destructive was referring to hardware-software. Although one could claim spyware modifies the operating system as it istalls itself in it. Still, on strickt theoretical terms, is spyware malware? There must be a global academical defition for it. Isnt the CME an authority on this? If not, who is then? Viruswitch 16:01, 17 January 2006 (UTC)

PJTraill 10:46, 17 April 2006 (UTC) They are malware – anything intended to make a system behave contrary to its owners rightful expectations should be considered malware. That leaves the open question what one has a right to expect from ones system (DRM?), but using my system to pester or snoop on me is clearly out. As to CME, "CME defines malware as ..." doesn't mean we have to accept it, rather indicates there may be other opinions. I would go so far as to suggest this definition as preferrable to "software designed to infiltrate or damage a computer system, without the owner's consent".

[edit] TASHKENT

[edit] Bad site

I know this website that I would like to warn people about, how would I do that? WWW.CRACKZ.WS is a hacker front for malware DON'T GO THERE!!! Instead go here http://forums.spywareinfo.com/lofiversion/index.php/t61280.html, how would I warn on wikipedia or the public about this site? Pseudoanonymous 04:36, 17 February 2006 (UTC)

Keep in mind What Wikipedia is not, specifically "Wikipedia is not a soapbox" and "Wikipedia does not give advice". If you have a reputable source for the information, you might write something like "Malware can be caught in downloads from websites, for example, according to source, the site name of site has downloads that ... more details." --RainR 09:44, 17 February 2006 (UTC)

A script kiddie site. Is it any wonder that actual coders put malware into the files to infect the script kiddies who cant make/compile their own files? 68.49.72.210 04:44, 24 July 2006 (UTC)

[edit] A correction regarding virus detection

The page originally stated:

Cohen's faculty advisor, Leonard Adleman (the A in RSA) presented a rigorous proof that algorithmically detecting the presence of a virus in the general case is Turing undecidable [Ad88].

This is easy to read in a way that suggests that one cannot construct software that is recognizably free of viruses. If by a virus, we mean code that can access unintended machine resources, this is clearly false. Code implemented on top of a virtual machine whose operations access only limited resources can itself access only limited resources. I changed this to a slightly more awkward, but substantially more clear form:

Cohen's faculty advisor, Leonard Adleman (the A in RSA) presented a rigorous proof that, in the general case, algorithmically determining whether a virus is or is not present is Turing undecidable [Ad88].

I also added:

This problem must not be mistaken for that of determining, within a broad class of programs, that a virus is not present; this problem differs in that it does not require the ability to recognize all viruses.

I think that this addition is important, because this mistake has, in fact, often been made, and as a consequence has discouraged work that could help to reduce the virus problem in the real world. Harold f 07:25, 23 May 2006 (UTC)

PJTraill 18:53, 29 July 2006 (UTC) But how did they formally define a virus? And how did they define the execution environment? As a Turing machine? I should have thought a real-life TM-virus would be one that corrupted the look-up table, which is only possible in a flaky TM implementation. Since it essential to malware that is disregards the user‘s wishes, I doubt it can be adequately formalised to distinguish malware from a bona-fide patch-tool for executables. And does this discussion not belong in virus (computing), rather than in malware?

[edit] Etymology

There seems to have been at some point a bit of an etymology war going on in the opening paragraph. I wrote it to reflect both points of view (to really settle this, someone ought to track down the first known use of the term, and figure it out from there, a la OED--though if we don't, I'm sure they'll get around to it eventually, stuffy old coots though they are). I also removed the French language segue for offenses against punctuation and necessity. I think most English readers are probably aware of the meaning of the prefix mal- and can click on the link if they're not. Also, French is a fairly arbitrary choice; the prefix is common to all Romance languages, and standard practice is to go back to the Latin. Durito 22:53, 16 August 2006 (UTC)

Can you cite any source for the prefix mal- being relevant? "Malicious software" is pretty widely accepted as the origin. See, e.g. define:malware on Google. --FOo 04:50, 17 August 2006 (UTC)

[edit] POV

This article has a few POV problems. Words like "unfortunately" do not belong in an encyclopedia article. There are also citations needed for some claims in this article that seem pretty far fetched. 68.43.121.42 04:00, 21 August 2006 (UTC)

The whole "Fighting Malware" section needs citations from reputable sources and needs to be rewritten to present only facts. Wikipedia is not an instructional guide, and encyclopedia article doesn't tell users what they "should" or "should not" do. 68.43.121.42 19:59, 21 August 2006 (UTC)

Well, 'Mr Anonymous', it's even more POV to delete the entire section when the deleter has an economic conflict of interest. In fact, I think it's considered vandalism. CFLeon 07:26, 28 August 2006 (UTC)

I used the talk page to explain why the article needs to be fixed, and received no response/objections. Several days later, another editor removed the offending section and cited the Wikipedia policy that tells us the article shouldn't contain how-to guides or tutorials. Instead of making accusations and reverting, you should try explaining why an article that violates WP:NOT should be allowed to remain. The section is being removed because it is a a how to guide with phrases telling readers "Do not" do this and "Avoid" doing this. Feel free to request mediation if you don't understand.

68.43.121.42 13:10, 28 August 2006 (UTC)

[edit] badware, malware called "virus" by most normal users

Nagle, "badware" is not only not in any standard dictionary but also not in any of the slang or the many computer dictionaries normally listed at www.onelook.com. (Compare http://www.onelook.com/?loc=bm3&w=virus ) In fact, the only reference found by Onelook is Wikipedia. That means it's an extremely rare word, which is confirmed by the search http://www.google.com/search?as_q=%22badware%22&num=10&as_epq=&as_oq=dictionary+glossary+words+terms+lexicon&as_eq=&lr=lang_en&as_occt=any&as_dt=i&as_sitesearch=&safe=off

which produces only very few glossary results that can (almost) be taken seriously such as the following:

This seems to indicate that "badware" is at most jargon and only of a very small group of people. The only serious use of the word i could find was at http://www.technewsworld.com/story/48490.html and http://www.pcworld.com/article/id,126928-c,aol/article.html which seems to indicate that it's a very new word, perhaps even originally the name of the website mentioned in both articles http://www.stopbadware.org

Especially in light of this situation, i find it quite amusing that you added this very rare word while removing the information that most normal computer users never use the word "malware" and instead use "virus" as the generic term. This change was especially uncalled for because you say my edit was "uncited". A quick look in some general dictionaries would have shown you that it's unnecessary to provide a source. This is especially true since i'm describing a situation that anyone who is in contact with normal people knows to be true. In fact, although some dictionaries do give the "geeky" i.e. professionally correct description of "computer virus", these are actually prescriptionist and therefore incorrect according to the guidelines of these same dictionaries. You seem to be a computer professional with very little contact with normal users, otherwise you'd know what more than about 90% of all computer users call "malware".

Your edit was also not good because your use of "hostile code" means nothing to most Wikipedia users. It should at the very least be "programming code" or "computer code". That is why i changed your edit

Malware is a generic term covering a variety of forms of hostile code. The term "badware" is a synonym for "malware".

of my version

However, many normal computer users are still unfamiliar with the term, and most never use it. Instead, "virus" is more commonly used in common parlance to describe all kinds of malware.

Malware is a general term used by computer professionals to mean a variety of forms of hostile computer code. Another term used for this is "badware", but this new term was apparently coined to mean any "software that fundamentally disregards a user's choice over how his or her computer will be used." (http://www.stopbadware.org/home/faq) In that sense, "badware" is a more general term that encompasses "malware", which then means only malicious software. In addition, many normal computer users are still unfamiliar with the term, and most never use it. Instead, "virus" is more commonly used in common parlance to describe all kinds of malware.

http://www.askoxford.com/concise_oed/virus?view=uk a piece of code surreptitiously introduced into a system in order to corrupt it or destroy data.

http://www.m-w.com/cgi-bin/dictionary?book=Dictionary&va=virus 4 : a computer program that is usually hidden within another seemingly innocuous program and that produces copies of itself and inserts them into other programs and usually performs a malicious action (as destroying data)

http://en.wiktionary.org/wiki/virus

A computer virus; often mistakenly used where malware would be the correct word.

http://www.bartleby.com/61/97/C0539700.html A computer program that is designed to replicate itself by copying itself into the other programs stored in a computer. It may be benign or have a negative effect, such as causing a program to operate incorrectly or corrupting a computer's memory.

And last but not least, Computer virus.

--Espoo 23:21, 24 September 2006 (UTC)

The term "badware" is a deliberate neologism coined by the StopBadware.org people. It is intended to raise users' awareness of potentially harmful software.

It is not technical jargon, as it doesn't have any precise or specific meaning to people in the trade. Security professionals do not discuss problems in terms of "badware". And, of course, authors of the programs themselves do not call them "badware". (In contrast consider the term "computer virus". Both security professionals and authors of viruses, as well as the mainstream press, use the term "virus".)

"Badware" has no more currency as a technical term than does "poopware" or "craptacularware" or "dorkusware". It's just a marketing term for a particular public-awareness campaign. --FOo 05:58, 25 September 2006 (UTC)

[edit] A Different Type

There is one thing that we could add to this page that isn't discussed at all. What about software that doesn't try to intentionally harm your computer, but the programmers weren't exactly the best in the business and so their uninstall fails. It ends up leaving parts of the program in your computer and unless you get some specific but risky software to edit the registry, you can't get it off your computer ever. This has happened to me a few times with software demos that came with magazines. 216.191.40.149 18:58, 17 October 2006 (UTC)

What about Wikipedia's recent malware attack? Its on Google News that some hackers hacked Wikipedia. --66.218.11.146 07:33, 5 November 2006 (UTC)

Retrieved from "http://en.wikipedia.org../../../m/a/l/Talk%7EMalware_190e.html"

Category: Articles referenced by the press