Computer security products such as antivirus and antispyware applications and services typically work by scanning a user's computer for blacklisted malicious software/code (hereinafter “malware”). As attackers create new malicious programs, the vendors are forced to update the blacklists in the security products. Attackers continue the cycle by creating new pieces of malware—leaving users vulnerable until vendors release updated blacklists.
Additionally, as operating systems and applications are increasingly hardened against attacks (such as through the application of better design principles), attackers are turning to social engineering attacks such as phishing and evil twin attacks. They are also turning to tactics such as bundling malware (including adware and spyware) with otherwise legitimate software, in the hopes of tricking users into downloading and installing their damaging programs while evading detection. Even in the case of non-malicious software, incompatibilities, bugs, and exploitable vulnerabilities can all cause potentially devastating problems for a user—problems against which antivirus and antispyware applications do not protect.
Therefore, it would be desirable to have a better way to inform trust decisions.