Re: Absolute Sownage (A concise history of recent Sony hacks)

[Valdis.Kletnieks () vt edu]

On Sat, 11 Jun 2011 01:36:54 BST, mrx said:
> I did the top 10 and hopefully with my limited experience and knowledge in
> this field have covered them all.

If you did proper checks for the Top 10 (single biggest issue for most of them
is remembering to filter *in* valid input, not filter out invalid), and went
through your code while thinking to yourself "What would Satan himself put in
this field just to make my life miserable?",  your code is (unfortunately)
probably better than 80-90% of what's out there in production.

Even if you don't always succeed at guessing what Satan would put in the field,
even all the obvious stuff (too long, too short, unexpected UTF-8, upside-down,
whatever) will go a *long* way towards hardening the code.  And quite frankly,
that may be good enough - if you eliminate 95% of the holes, it may be
*effectively* secure, simply because it isn't worth the attacker's time to
fight for the other 5% (of course, this also depends on you being "just another
one of 140 million .coms", where you don't have to outrun the bear, just the
other hiker - if this is highly visible code, of course a higher level of
security will be needed...)

Oh, and remember that security is trade-offs - spending $10K to fix that last
mostly-theoretical hole that will lose you maybe $100 if exploited is simply
not worth it.  You'll have to assess that cost/value thing based on the actual
app and data, of course...

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/