Dailydave mailing list archives
Security Event Horizons
From: Dave Aitel <dave () immunityinc com>
Date: Mon, 09 Jan 2012 16:16:00 -0500
Every so often you see a ton of effort from a security person go into a platform or protocol that most people ignore. For example, X405, or MSRPC or DCERPC or HTTP or the BlackBerry Playbook. I don't have a good way to explain it, but there's an event horizon where once you've understood a platform enough, the only way to secure it against you is to turn it off or tunnel it completely under something that provides its own protection. I think this is because the overall properties of a computing system are non-obvious emerging results - i.e. Windows Presentation Foundation seems secure if you read about it. But in practice, nobody has every deployed a WPF system more robust than tofu-like. Publicly, people just don't talk about it in the security world though, so as a developer you assume it's at least as good at PHP, possibly better! A friend of mine calls this theory "The Big Eye". I.E. Microsoft Windows has been under the withering glare for quite some time, but OS X (and iOS) has not, so it sometimes seems more secure. But once that big eyeball turns around to it, it'll blow away like dust. I hate posting about things I don't have metrics for. But perhaps someone else also feels this and has the data and metrics to explain it - there's a big ramp up, and then there's body blow after body blow as you tear into something and the whole system collapses. -- INFILTRATE 2012 January 12th-13th in Miami - the world's best offensive information security conference. www.infiltratecon.com
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com http://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Security Event Horizons Dave Aitel (Jan 09)