At 04:50 PM 9/5/2006 +0300, Vassilis Aggelakos wrote:
> We hear louder and louder every day that linux is more secure than windows
> or MySQL is more secure than SQL server...
...
Those are just general statements. And they are 'generally' true. But in
any given circumstance, a specific implementation could be worse in either
case (e.g. leave root exposed in MySQL, or a 'blank' admin password in
MSDE/MSSQL, etc)
> How can an open source program be a secure one? It is an oxymoron, isn't it?
...
A bit of a digression here....
In terms of encryption (e.g. storing the actual data on-disk), the
encryption algorithm is not what protects the data - the encryption key
does. For example, AES encryption (the new standard). Everyone can get
access to the actual encryption algorithm. They have to so they can
implement it. The important thing is how well does the encryption method
protect the encryption 'key'. In other words, if you're given a binary
stream of data, how hard will it be for you to crack the encryption key
given no other information?
The bottom line is the 'security' of the encryption stream is dependent
upon the encryption key. That is why computer to computer communications
automatically change the encryption key between sessions, etc. If you give
someone enough data, they'll be able to break the encryption eventually.
And if you don't change the key, then, once broken, they'd be able to read
anything else sent. There are all kinds of encryption methods in use, and
all of them are published.
Now, there is another aspect to point out. The fact that something is open
source means the technical details are visible. E.g. in MySQL, you'll see
there is a 'root' user when MySQL is first installed. And that user is
granted complete rights to the DB. So, knowing that technical info means
you could try to create attacks against it. But now, consider this in the
real world. MySQL Admins know about this too. In fact, the whole world can
easily know about this. And knowing it means a reasonably competent Admin
would take appropriate measures: e.g. a strong password on root and/or even
remove/change the root account. Next, consider the issue of 'buffer
overflow'. This is a severe problem because it potentially allows code to
be "externally sent" but "internally executed." So, seeing all the source
code you'd think - Ah, I'll be able to find a way to hack this. But again,
in the real world what happens is that everyone is seeing the source code,
and the vast majority of viewers want the source to be reliable and protect
against buffer overflows. So, buffer type attacks get quickly found and
removed in open source. Lastly, it becomes very obvious very quickly if
there are any 'back doors' in the system. I'll guess that there are no back
doors in MySQL specifically because it is open source.
Contrast that last paragraph to closed-source systems like MSSQL. You'd
think you'd be more protected at first glance. But again in the real world
you realize that anyone wanting to attack MSSQL would probably buy MSSQL
and start playing with it. The hacker gets all the Admin docs, etc and he
basically gets to know the ins and outs of MSSQL. So any potentially
damaging information would eventually be found anyway. And in this case,
that info would probably spread around in hacker-channels for exploit vice
being clearly in public view. In terms of buffer overflows, with MSSQL you
end up being at the mercy of what MS finds and what MS fixes as opposed to
having millions of techies all over the world examine and hit that stuff.
Next, since it's closed-source, you don't know if there are any back-doors
or not. It's likely hackers would be the first to find one. I imagine MS
has taken out their back-doors because of being pinged on for so long by
security problems. But if you don't have the source, you don't know for sure.
You can look at the above in application contexts too. For example, assume
someone writes a time-card application with open-source code. Well, it
looks like they wanted to be able to easily debug things, so they put a
back door into the system so they could get into any user's data. Well,
duh! As soon as the application hits the streets, and probably before,
everyone will be pointing a finger saying - Hey! Backdoor! No one would end
up using the application until the source is changed.
Go the next step, into buffer overflows. Here, perhaps the developers
simply missed something by accident. Again anyone viewing the source could
say - Hey! You missed your bounds check here which might allow a buffer
overflow to occur. Problem fixed.
Contrast that with closed-source. Assume MS releases a patch and updates
your OS (you know, according to their license statement they're allowed to
do this without your knowledge). No one but MS has seen the code in that
patch. It may contain a back-door into your system and MS may use it to
monitor what other software you have on your computer (oh, but just to make
sure you're not pirating MS software.... heh heh, riiiiiight). Patch comes
out, hackers blast the patch with an array of tools looking for something,
etc. Imagine what could happen if hackers are the first to find the
back-door/buffer overflow.
So, generally, the conclusion is that security is actually better in
open-source systems.
-Charlie
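
The bounds-check review described in the message above, as an added example that is not part of the original post: a hypothetical time-card record parser in C, first with the missing check and then as fixed after review. The record layout, the struct and the function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NAME_MAX_LEN 16

/* Hypothetical record layout: [1 byte name_len][name bytes][1 byte hours] */
struct timecard {
    char name[NAME_MAX_LEN + 1];
    uint8_t hours;
};

/* As first written: trusts the length byte taken from the input. A name_len
 * above NAME_MAX_LEN writes past tc->name; a short record reads past buf. */
int parse_unchecked(const uint8_t *buf, size_t len, struct timecard *tc)
{
    (void)len;                                /* never consulted: the bug */
    uint8_t name_len = buf[0];
    memcpy(tc->name, buf + 1, name_len);      /* missing bounds check */
    tc->name[name_len] = '\0';
    tc->hours = buf[1 + name_len];
    return 0;
}

/* After review: every length is validated before it is used. */
int parse_checked(const uint8_t *buf, size_t len, struct timecard *tc)
{
    if (buf == NULL || tc == NULL || len < 2)
        return -1;                            /* need length byte + hours */
    size_t name_len = buf[0];
    if (name_len > NAME_MAX_LEN)
        return -1;                            /* would overflow tc->name */
    if (len != 1 + name_len + 1)
        return -1;                            /* truncated or trailing bytes */
    memcpy(tc->name, buf + 1, name_len);
    tc->name[name_len] = '\0';
    tc->hours = buf[1 + name_len];
    return 0;
}

int main(void)
{
    /* Constructed sample records, not taken from any real application. */
    const uint8_t good[] = {5, 'a', 'l', 'i', 'c', 'e', 8};
    const uint8_t oversized[] = {200, 'x', 8};
    struct timecard tc;
    int ok = parse_checked(good, sizeof good, &tc) == 0
          && parse_checked(oversized, sizeof oversized, &tc) == -1;
    return ok ? 0 : 1;
}
```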