[fny]

I don't think the definition of "bad" is expanding. Rather the ability to detect and exploit "bad" is.

[chrisweekly]

fair point. another way of putting it might be to say that, for all extant software, much more of it is "bad" than we realized even a month or two ago -- and the cost to create and maintain "good" software is increasing (even as the naive / surface-level / apparent cost is plummeting)

[kenjackson]

Same thing happened with the growth of the internet. There was a time when there was basically no consideration of buffer overflow.