On Fri, May 28, 1999 at 11:42:03AM -0400, Arnold G. Reinhold wrote:
> At 1:36 PM -0400 5/27/99, Kawika Daguio wrote:
> What I would like to know from you is whether you and others have been
> able to construct a "duh" list of typical, but unacceptable current
> practices that can easily be remediated.
>
> Here are my top 10 candidates for a "duh" list:
[excellent list deleted]
Here's my addition:
0. Failure to state a comprehensive security model. What does
the product protect against? What does it not protect against?
What assumptions have been made in the design of the product?
When I was consulting I saw too many people who just wanted to
put some crypto on top of an existing product without understanding
what attacks they needed to protect against and what ones they didn't.
Too many people think only about how many bits are in the key, not
about where the data comes from or goes. The strongest crypto in
the world won't help if your data is open to attack after it's
decrypted... attackers go after the weakest link.
--
Eric Murray N*Able Technologies www.nabletech.com
(email: ericm at the sites lne.com or nabletech.com) PGP keyid:E03F65E5