Dailydave mailing list archives

Security Event Horizons


From: Dave Aitel <dave () immunityinc com>
Date: Mon, 09 Jan 2012 16:16:00 -0500

Every so often you see a ton of effort from a security person go into a
platform or protocol that most people ignore. For example, X405, or
MSRPC or DCERPC or HTTP or the BlackBerry Playbook. I don't have a good
way to explain it, but there's an event horizon where once you've
understood a platform enough, the only way to secure it against you is
to turn it off or tunnel it completely under something that provides its
own protection.

I think this is because the overall properties of a computing system are
non-obvious emerging results - i.e. Windows Presentation Foundation
seems secure if you read about it. But in practice, nobody has ever
deployed a WPF system more robust than tofu-like. Publicly, people just
don't talk about it in the security world though, so as a developer you
assume it's at least as good as PHP, possibly better!

A friend of mine calls this theory "The Big Eye". I.E. Microsoft Windows
has been under the withering glare for quite some time, but OS X (and
iOS) has not, so it sometimes seems more secure. But once that big
eyeball turns around to it, it'll blow away like dust.

I hate posting about things I don't have metrics for. But perhaps
someone else also feels this and has the data and metrics to explain it
- there's a big ramp up, and then there's body blow after body blow as
you tear into something and the whole system collapses.

-- 
INFILTRATE 2012 January 12th-13th in Miami - the world's best offensive information security conference.
www.infiltratecon.com



_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
http://lists.immunityinc.com/mailman/listinfo/dailydave
