Firewall Wizards mailing list archives

RE: signing applets a solution? Never!

From: Hal <hal () mrj com>
Date: Fri, 12 Dec 1997 11:57:38 -0500

I took some time to read the paper you referenced.  Yes, there are  infinite sources of cleverness and clever people. 
NCSC strove to  perfect a clean environment carefully closing each avenue by which a trojan horse might be introduced. 
A perfect example of deconstructionism and it failed. Too expensive, formal proofs-of-security not up to the job, 
administration, a nightmare. So then what's left?  Industry is simply moving ahead gates ajar!

I heard recently about a large military think tank which had forbid any applets at all except onces that they had 
checkout and cached internally. Nothing directly from outside.  This worked for about a month and was dropped.  Their 
users wouldn't put up with it. So they decided to take the risk, roll the dice, (whatever metaphor you like) and hope 
(or trust) that they weren't going to get wacked. Still they search for a solution as do we all.  

BTW (I don' remember the study title Thompson asked about but I do remember that the trojan horse was carefully 
disguised as a microcode fix.  It was packaged exactly as other routine patches, even to the extent of reproducing 
exact matches of  internal company control forms and wrapping.. The package was "placed" into the on-sight Customer 
Engineer's in-basked who then installled it in the target Multics.
Very neat.) 


----------
From:   Pauline van Winsen - Uniq Professional Services[SMTP:Pauline.van.Winsen () uniq com au]
Reply To:       Pauline van Winsen - Uniq Professional Services
Sent:   Thursday, December 11, 1997 7:41 PM
To:     darrenr () cyber com au; jk () stallion ee
Cc:     firewall-wizards () nfr net
Subject:        Re: signing applets a solution?   Never!


When talking about security of binary products, I believe it is hard to
believe that programmers do not sometimes program backdoors into their
programs. It probably depends on the software company, but in many places
it should be fairly easy to put something into the code without company or
fellow programmers finding out about it.


& for a classic example check out:

http://www.cs.umsl.edu/~sanjiv/sys_sec/security/thompson/hack.html

one of my all time favourite security papers.

cheers,
pauline

Pauline van Winsen                                   pauline () uniq com au
Uniq Professional Services Pty Ltd                       www.uniq.com.au
PO Box 70, Paddington, NSW 2021,                      (Sydney) Australia
Phone: +61-2-9380-6360      Fax: +61-2-9380-6416      Pager: 016 287 000
"You'll need a dress for dancing. Unless you're going steady with 
someone in the Diplomatic Corps, you won't really need a full-length 
ball gown."
   Fashion Sense - The Single Woman - Book 2, Woman's World, circa 1964.

Current thread:

signing applets a solution? Never! Hal (Dec 03)
- Re: signing applets a solution? Never! Marcus J. Ranum (Dec 08)
  - Re: signing applets a solution? Never! David C Niemi (Dec 08)
  - Re: signing applets a solution? Never! Darren Reed (Dec 08)
    - Re: signing applets a solution? Never! chuck yerkes (Dec 09)
    - Re: signing applets a solution? Never! Jyri Kaljundi (Dec 11)
- <Possible follow-ups>
- Re: signing applets a solution? Never! Pauline van Winsen - Uniq Professional Services (Dec 11)
- RE: signing applets a solution? Never! Hal (Dec 12)
  - Re: signing applets a solution? Never! Bennett Todd (Dec 17)