Dailydave mailing list archives
Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes)
From: "Matt Richard" <matt.richard () gmail com>
Date: Thu, 16 Nov 2006 09:09:09 -0500
On 11/15/06, dan () geer org <dan () geer org> wrote:
| I think the real point here is that the majority of people responsible | for security have a backwards mindset. Most security practitioners | still don't make the assumption that everything is vulnerable and | design around it. Of course IIS is vulnerable to an unpublished 0day. so, should one write apps with the assumption that will be running on compromised hosts?
When you write applications for a non-trusted platform such as Windows, Linux, Solaris, OS X, OpenBSD, <your favorite OS>, it would be wise to assume that the host will eventually be compromised. When it's assumed the host will eventually be compromised, the author may start to include security features that may not have been considered.

I like the example of tax return software. All tax return software that I am aware of outputs your tax return as a PDF/html/etc. None of the packages give you the option to protect the documents, presumably because they assume that if you trust the host enough to enter all that information, then you trust it to hold copies of the information in the future. If you assume that the host is not compromised when the user creates the tax return but will someday be compromised, then a different set of outputs should result. Apps should take measures to limit the possible damage once the assumed compromise occurs.

The same holds true of most applications, but I'm sure there are corner cases where that's simply not reasonable or feasible.

--
Matt Richard
http://www.mullingsecurity.com

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
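The tax-return example above describes the design change without showing it. The following is an added illustration, not code from Matt's post or from any tax package: an application that, at the moment it writes the return to disk, protects the file under a passphrase the user supplies, so that a later compromise of the host yields only ciphertext. Everything here is an assumption for the sake of the example: the `TAXRET01` format tag, the file layout (tag, salt, nonce, AES-GCM ciphertext), the use of PBKDF2-HMAC-SHA256 written out by hand so the program needs only the Go standard library, the iteration count, and the sample return text. A production application would use a memory-hard KDF such as scrypt or Argon2id instead of PBKDF2.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

const (
	saltLen     = 16
	keyLen      = 32     // AES-256
	pbkdf2Iters = 200000 // assumed; tune for the target hardware
)

// magic is a hypothetical format tag identifying a protected return.
var magic = []byte("TAXRET01")

// pbkdf2SHA256 is RFC 8018 PBKDF2 with HMAC-SHA256, written out here so the
// example depends only on the standard library.
func pbkdf2SHA256(password, salt []byte, iters, outLen int) []byte {
	prf := hmac.New(sha256.New, password)
	hLen := prf.Size()
	var out []byte
	for block := 1; len(out) < outLen; block++ {
		prf.Reset()
		prf.Write(salt)
		var idx [4]byte
		binary.BigEndian.PutUint32(idx[:], uint32(block))
		prf.Write(idx[:])
		u := prf.Sum(nil)
		t := append([]byte(nil), u...)
		for i := 1; i < iters; i++ {
			prf.Reset()
			prf.Write(u)
			u = prf.Sum(nil)
			for j := 0; j < hLen; j++ {
				t[j] ^= u[j]
			}
		}
		out = append(out, t...)
	}
	return out[:outLen]
}

func newAEAD(passphrase, salt []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(pbkdf2SHA256(passphrase, salt, pbkdf2Iters, keyLen))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Protect encrypts a generated return under the user's passphrase. The file
// header (tag || salt || nonce) is bound as associated data, so tampering with
// any of it is detected on open, not just tampering with the ciphertext.
func Protect(plaintext, passphrase []byte) ([]byte, error) {
	salt := make([]byte, saltLen)
	if _, err := io.ReadFull(rand.Reader, salt); err != nil {
		return nil, err
	}
	aead, err := newAEAD(passphrase, salt)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	header := append(append(append([]byte(nil), magic...), salt...), nonce...)
	return append(header, aead.Seal(nil, nonce, plaintext, header)...), nil
}

// Unprotect reverses Protect; a wrong passphrase and a modified file are
// indistinguishable by design (both fail the GCM tag check).
func Unprotect(blob, passphrase []byte) ([]byte, error) {
	if len(blob) < len(magic)+saltLen || !bytes.Equal(blob[:len(magic)], magic) {
		return nil, errors.New("not a protected return")
	}
	salt := blob[len(magic) : len(magic)+saltLen]
	aead, err := newAEAD(passphrase, salt)
	if err != nil {
		return nil, err
	}
	hdrLen := len(magic) + saltLen + aead.NonceSize()
	if len(blob) < hdrLen+aead.Overhead() {
		return nil, errors.New("truncated file")
	}
	nonce := blob[len(magic)+saltLen : hdrLen]
	pt, err := aead.Open(nil, nonce, blob[hdrLen:], blob[:hdrLen])
	if err != nil {
		return nil, errors.New("wrong passphrase or tampered file")
	}
	return pt, nil
}

func main() {
	// Constructed sample return; the SSN is a placeholder, not real data.
	ret := []byte("Form 1040 2006 | SSN 000-00-0000 | wages 41200.00")
	blob, err := Protect(ret, []byte("correct horse battery staple"))
	if err != nil {
		panic(err)
	}
	fmt.Printf("on-disk bytes contain SSN: %v\n", bytes.Contains(blob, []byte("000-00-0000")))
	pt, err := Unprotect(blob, []byte("correct horse battery staple"))
	fmt.Printf("recovered with passphrase: %q (err=%v)\n", pt, err)
}
```

The point of the layout is what survives a later compromise: the file carries a random salt and nonce but no key material, so an attacker who copies the return off the disk next year still has to brute-force the passphrase, and the KDF cost is what makes that expensive. The tag check also turns the "someone edited my archived return" case into a hard failure rather than a silently wrong document.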
Current thread:
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes), (continued)
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes) Paul Melson (Nov 13)
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes) Steve Manzuik (Nov 13)
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes) Olef Anderson (Nov 14)
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes) Nicolas RUFF (Nov 14)
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes) David Maynor (Nov 14)
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes) Daniel (Nov 14)
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes) Siim Põder (Nov 14)
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes) Matt Richard (Nov 15)
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes) dan (Nov 16)
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes) Rhys Kidd (Nov 16)
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes) Matt Richard (Nov 16)
- Re: "The organization I belong to doesn't have initals"(that evil dude in Heroes) Dave Aitel (Nov 16)