"Bumper sticker" definition of secure software

[michaelslists at gmail.com (mikeiscool)]

On 7/17/06, Crispin Cowan <crispin at novell.com> wrote:
> mikeiscool wrote:
> > On 7/17/06, Crispin Cowan <crispin at novell.com> wrote:
> > > >  Goertzel Karen wrote:
> > > > I've been struggling for a while to synthesise a definition of secure
> > > > software that is short and sweet, yet accurate and comprehensive.
> > >
> > > My favorite is by Ivan Arce, CTO of Core Software, coming out of a
> > > discussion between him and I on a mailing list about 5 years ago.
> > >
> > > Reliable software does what it is supposed to do. Secure software
> > > does what
> > > it is supposed to do, and nothing else.
> > and what if it's "supposed" to take unsanitzed input and send it into
> > a sql database using the administrators account?
> >
> > is that secure?
>
> "supposed to" goes to intent.

I don't know. I think there is a difference between "this does what
it's supposed to do" and "this has no design faults". That's all I was
trying to highlight.

The point remains though: trimming this down into a friendly little
phrase is, IMCO, useless.


> If it is a bug that allows this, then it
> was not intentional. If it was intended, then (from this description) it
> was likely a Trojan Horse, and it is secure from the perspective of the
> attacker who put it there.
>
> IMHO, bumper sticker slogans are necessarily short and glib. There isn't
> room to put in all the qualifications and caveats to make it a perfectly
> precise statement. As such, mincing words over it is a futile exercise.
>
> Or you could just print a technical paper on a bumper sticker, in really
> small font :)
>
> Crispin

-- mic