Charlie ,
All true and I totally agree with you.
Try walking in my shoes,
I develop and deploy a vertical market app and I send my CDs to
approximately 1000 companies all over the country. Many of my clients are
totally unknown to me. One of the reasons that I decided to migrate my dbfs
to MySql was to be my data more secured. Until today I believed that because
MySQL is a secure server (as it is said) my data is well protected from
unauthorized eyes. Of course, there is a crack, a crack in everything that's
how the light gets in! I knew all that. I just wondered "how can an open
source server to be a secure server" if all the technical details about
login, authorization, files, dlls etc... are revealed through its code?
My *valuable* database is an open book if a user of mine (just because he is
the pc owner and has admin rights) modifies the source code of the server.
My ExtraLongAndDifficult password is useless.
-Vassilis
----- Original Message -----
From: "Charlie Coleman" <[EMAIL PROTECTED]>
To: "ProFox Email List" <[email protected]>
Sent: Tuesday, September 05, 2006 6:22 PM
Subject: Re: [NF] Open Source Rookie + Database Servers
At 04:50 PM 9/5/2006 +0300, Vassilis Aggelakos wrote:
We hear louder and louder everyday that linux is more secure than windows
or MySQL is more secure than SQL server...
...
Those are just general statements. And they are 'generally' true. But in
any given circumstance, a specific implementation could be worse in either
case (e.g. leave root exposed in MySQL, or a 'blank' admin password in
MSDE/MSSQL, etc)
How can an open source program to be a secure one? It is oxymoron isn't
it?
...
A bit of a digression here....
In terms of encryption (e.g. storing the actual data on-disk), the
encryption algorithm is not what protects the data - the encryption key
does. For example, AES encryption (the new standard). Everyone can get
access to the actual encryption algorithm. They have to so they can
implement it. The important thing is how well does the encryption method
protect the encryption 'key'. In other words, if you're given a binary
stream of data, how hard will it be for you to crack the encryption key
given no other information?
The bottom line is the 'security' of the encryption stream is dependent
upon the encryption key. That is why computer to computer communications
automatically change the encryption key between sessions, etc. If you give
someone enough data, they'll be able to break the encryption eventually.
And if you don't change the key, then, once broken, they'd be able to read
anything else sent. There are all kinds of encryption methods in use, and
all of them are published.
Now, there is another aspect to point out. The fact that something is open
source means the technical details are visible. E.g. in MySQL, you'll see
there is a 'root' user when MySQL is first installed. And that user is
granted complete rights to the DB. So, knowing that technical info means
you could try to create attacks against it. But now, consider this in the
real world. MySQL Admins know about this too. In fact, the whole world can
easily know about this. And knowing it means a reasonably competent Admin
would take appropriate measures: e.g. a strong password on root and/or
even remove/change the root account. Next, consider the issue of 'buffer
overflow'. This is a severe problem because it potentially allows code to
be "externally sent" but "internally executed." So, seeing all the source
code you'd think - Ah, I'll be able to find a way to hack this. But again,
in the real world what happens is that everyone is seeing the source code,
and the vast majority of viewers want the source to be reliable and
protect against buffer overflows. So, buffer type attacks get quickly
found and removed in open source. Lastly, it becomes very obvious very
quickly if there are any 'back doors' in the system. I'll guess that there
are no back doors in MySQL specifically because it is open source.
Constrast that last paragraph to closed-source systems like MSSQL. You'd
think you'd be more protected at first glance. But again in the real world
you realize that anyone wanting to attack MSSQL would probably buy MSSQL
and start playing with it. The hacker gets all the Admin docs, etc and he
basically gets to know the in's and out's of MSSQL. So any potentially
damaging information would eventually be found anyway. And in this case,
that info would probably spread around in hacker-channels for exploit vice
being clearly in public view. In terms of buffer overflows, with MSSQL you
end up being at the mercy of what MS finds and what MS fixes as opposed to
having millions of techies all over the world examine and hit that stuff.
Next, since it's closed-source, you don't know if there are any back-doors
or not. It's likely hackers would be the first to find one. I imagine MS
has taken out their back-doors because of being pinged on for so long by
security problems. But if you don't have the source, you don't know for
sure.
You can look at the above in application contexts too. For example, assume
someone writes a time-card application with open-source code. Well, it
looks like they wanted to be able to easily debug things, so they put a
back door into the system so they could get into any user's data. Well,
duh! As soon as the application hits the streets, and probably before,
everyone will be pointing a finger saying - Hey! Backdoor! No one would
end up using the application until the source is changed.
Go the next step, into buffer overflows. Here, perhaps the developers
simply missed something by accident. Again anyone viewing the source could
say - Hey! You missed you bounds check here which might allow a buffer
overflow to occur. Problem fixed.
Contrast that with closed-source. Assume MS releases a patch and updates
your OS (you know, according to their license statement they're allowed to
do this without your knowledge). No one but MS has seen the code in that
patch. It may contain a back-door into your system and MS may use it to
monitor what other software you have on your computer (oh, but just to
make sure you're not pirating MS software.... heh heh, riiiiiight). Patch
comes out, hackers blast the patch with an array of tools looking for
something, etc. Imagine what could happen if hackers are the first to find
the back-door/buffer overflow first.
So, generally, the conclusion is that security is actually better in
open-source systems.
-Charlie
[excessive quoting removed by server]
_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://leafe.com/mailman/listinfo/profox
OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech
** All postings, unless explicitly stated otherwise, are the opinions of the
author, and do not constitute legal or medical advice. This statement is added
to the messages for those lawyers who are too stupid to see the obvious.
