Re: [SC-L] Silver Bullet 113: Chandu Ketkar

[Gary McGraw]

The URL was apparently scrambled below.  For the SB episode try: 
http://bit.ly/SB-chandu 

gem




On 8/31/15, 12:51 PM, "SC-L on behalf of Gary McGraw" 
 wrote:

>hi sc-l,
>
>The new episode of Silver Bullet features a conversation with Chandu Ketkar. 
>Chandu has 20+ years of experience in software, starting as a developer and 
>working his way to a secure design proponent.  Have a listen:
>http://bit.ly/SB-chandu
>
>We discuss threat modelling, architectural analysis, healthcare security, 
>economics, and what developers think of security (not necessarily in that 
>order).  You can also find out what Chandu’s favorite Indian music is when you 
>listen.
>
>gem
>
>company www.cigital.com
>blog www.cigital.com/justiceleague
>book www.swsec.com
>
>___
>Secure Coding mailing list (SC-L) SC-L@securecoding.org
>List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
>List charter available at - http://www.securecoding.org/list/charter.php
>SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
>as a free, non-commercial service to the software security community.
>Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
>___

___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
___

Re: [SC-L] [External] Re: SearchSecurity: Dynamism

[Goertzel, Karen [USA]]

Yes, we seem to abandon security mechanisms that (1) we can actually trust, and 
(2) that Microsoft and Google refuse to build.

===
Karen Mercedes Goertzel, CISSP, CSSLP
Senior Lead Scientist
Booz Allen Hamilton
703.698.7454
goertzel_ka...@bah.com

"The hardest thing of all is to
find a black cat in a dark room,
especially if there is no cat."
- Confucius



From: Peter G. Neumann [neum...@csl.sri.com]
Sent: 06 September 2015 15:24
To: Goertzel, Karen [USA]
Cc: Alfonso De Gregorio; Johan Peeters; Secure Code Mailing List
Subject: Re: [SC-L] [External] Re: SearchSecurity: Dynamism

Reference monitors were a lovely concept, largely invented for multilevel
security kernels and trusted computing bases, but are almost nonexistent
in that context.  Yes, they'd be lovely to have, but even the NSA folks
seem to have abandoned them...

___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
___

Re: [SC-L] [External] Re: SearchSecurity: Dynamism

[Peter G. Neumann]

Reference monitors were a lovely concept, largely invented for multilevel
security kernels and trusted computing bases, but are almost nonexistent
in that context.  Yes, they'd be lovely to have, but even the NSA folks
seem to have abandoned them...
___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
___

Re: [SC-L] [External] Re: SearchSecurity: Dynamism

[Gary McGraw]

As far as I know, Microsoft integrated some reference monitoring into their OS 
family under Fred Schneider’s guidance.  They called it “inline reference 
monitoring” and I believe they still use it.

gem




On 9/8/15, 8:49 AM, "SC-L on behalf of Goertzel, Karen [USA]" 
 wrote:

>Yes, we seem to abandon security mechanisms that (1) we can actually trust, 
>and (2) that Microsoft and Google refuse to build.
>
>===
>Karen Mercedes Goertzel, CISSP, CSSLP
>Senior Lead Scientist
>Booz Allen Hamilton
>703.698.7454
>goertzel_ka...@bah.com
>
>"The hardest thing of all is to
>find a black cat in a dark room,
>especially if there is no cat."
>- Confucius
>
>
>
>From: Peter G. Neumann [neum...@csl.sri.com]
>Sent: 06 September 2015 15:24
>To: Goertzel, Karen [USA]
>Cc: Alfonso De Gregorio; Johan Peeters; Secure Code Mailing List
>Subject: Re: [SC-L] [External] Re: SearchSecurity: Dynamism
>
>Reference monitors were a lovely concept, largely invented for multilevel
>security kernels and trusted computing bases, but are almost nonexistent
>in that context.  Yes, they'd be lovely to have, but even the NSA folks
>seem to have abandoned them...
>
>___
>Secure Coding mailing list (SC-L) SC-L@securecoding.org
>List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
>List charter available at - http://www.securecoding.org/list/charter.php
>SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
>as a free, non-commercial service to the software security community.
>Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
>___

___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
___

Re: [SC-L] [External] Re: SearchSecurity: Dynamism

[Goertzel, Karen [USA]]

It's been there since Windows NT 4.0, and is used with mandatory integrity 
labels to enforce a mandatory integrity policy so that subjects with a lower 
integrity label cannot access (and, most importantly, cannot modify) objects 
with higher integrity labels. 

It also exists separate from the Windows DAC ACL, which is what seems to govern 
user access to data files. One gets the impression it is intended to be used to 
protect DLL executables against modification by unauthorized processes, which 
is a worthy usage, but doesn't do anything for sensitivity- or privacy-based 
control of information flow.



===
Karen Mercedes Goertzel, CISSP, CSSLP
Senior Lead Scientist
Booz Allen Hamilton
703.698.7454
goertzel_ka...@bah.com

"The hardest thing of all is to
find a black cat in a dark room,
especially if there is no cat."
- Confucius



From: Gary McGraw [g...@cigital.com]
Sent: 08 September 2015 15:44
To: Goertzel, Karen [USA]; Peter G. Neumann
Cc: Secure Code Mailing List
Subject: Re: [SC-L] [External] Re: SearchSecurity: Dynamism

As far as I know, Microsoft integrated some reference monitoring into their OS 
family under Fred Schneider’s guidance.  They called it “inline reference 
monitoring” and I believe they still use it.

gem




On 9/8/15, 8:49 AM, "SC-L on behalf of Goertzel, Karen [USA]" 
 wrote:

>Yes, we seem to abandon security mechanisms that (1) we can actually trust, 
>and (2) that Microsoft and Google refuse to build.
>
>===
>Karen Mercedes Goertzel, CISSP, CSSLP
>Senior Lead Scientist
>Booz Allen Hamilton
>703.698.7454
>goertzel_ka...@bah.com
>
>"The hardest thing of all is to
>find a black cat in a dark room,
>especially if there is no cat."
>- Confucius
>
>
>
>From: Peter G. Neumann [neum...@csl.sri.com]
>Sent: 06 September 2015 15:24
>To: Goertzel, Karen [USA]
>Cc: Alfonso De Gregorio; Johan Peeters; Secure Code Mailing List
>Subject: Re: [SC-L] [External] Re: SearchSecurity: Dynamism
>
>Reference monitors were a lovely concept, largely invented for multilevel
>security kernels and trusted computing bases, but are almost nonexistent
>in that context.  Yes, they'd be lovely to have, but even the NSA folks
>seem to have abandoned them...
>
>___
>Secure Coding mailing list (SC-L) SC-L@securecoding.org
>List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
>List charter available at - http://www.securecoding.org/list/charter.php
>SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
>as a free, non-commercial service to the software security community.
>Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
>___

___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
___

Re: [SC-L] [External] Re: SearchSecurity: Dynamism

[Alfonso De Gregorio]

On Tue, Sep 8, 2015 at 7:44 PM, Gary McGraw  wrote:
> As far as I know, Microsoft integrated some reference monitoring into their 
> OS family under Fred Schneider’s guidance.  They called it “inline reference 
> monitoring” and I believe they still use it.

A related work by Microsoft is BrowserShield, an inline reference
monitor for JavaScript:

  BrowserShield: Vulnerability-Driven Filtering of Dynamic HTML
  http://research.microsoft.com/en-us/projects/shield/#browsershield

-- Alfonso

___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
___