[Dailydave] Security Event Horizons
Dave Aitel
dave at immunityinc.com
Mon Jan 9 16:16:00 EST 2012
Every so often you see a ton of effort from a security person go into a
platform or protocol that most people ignore. For example, X405, or
MSRPC or DCERPC or HTTP or the BlackBerry Playbook. I don't have a good
way to explain it, but there's an event horizon where once you've
understood a platform enough, the only way to secure it against you is
to turn it off or tunnel it completely under something that provides its
own protection.
I think this is because the overall properties of a computing system are
non-obvious emerging results - i.e. Windows Presentation Foundation
seems secure if you read about it. But in practice, nobody has every
deployed a WPF system more robust than tofu-like. Publicly, people just
don't talk about it in the security world though, so as a developer you
assume it's at least as good at PHP, possibly better!
A friend of mine calls this theory "The Big Eye". I.E. Microsoft Windows
has been under the withering glare for quite some time, but OS X (and
iOS) has not, so it sometimes seems more secure. But once that big
eyeball turns around to it, it'll blow away like dust.
I hate posting about things I don't have metrics for. But perhaps
someone else also feels this and has the data and metrics to explain it
- there's a big ramp up, and then there's body blow after body blow as
you tear into something and the whole system collapses.
--
INFILTRATE 2012 January 12th-13th in Miami - the world's best offensive information security conference.
www.infiltratecon.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 267 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20120109/b24d7497/attachment.sig>
More information about the Dailydave
mailing list