Re: [SC-L] Interesting article on the adoption of Software Security

2004-06-09 Thread Florian Weimer
* Kenneth R. van Wyk: There's an interesting article out on Net-Security.org (see the full article at http://www.net-security.org/article.php?id=697) that addresses why software development organizations adopt (or do not adopt) a Software Security development methodology. Check it out --

Re: [SC-L] HNS - Biggest X Window security hole since 2000

2006-05-08 Thread Florian Weimer
Certainly that part is OS-specific. On my VMS machine, X-windows processes do not run as root. The X Window server needs elevated privileges because it can trigger DMA on the graphics card (and thus read arbitrary memory, unless you've got an IOMMU). Chances are, however, that your VMS

Re: [SC-L] bumper sticker slogan for secure software

2006-07-20 Thread Florian Weimer
* der Mouse: Absolute security is a myth. As is designing absolutely secure software. I have high hopes in formal methods. All formal methods do is push bugs around. Basically, you end up writing in a higher-level language (the spec you are formally verifying the program meets). You

Re: [SC-L] Bumper sticker definition of secure software

2006-07-20 Thread Florian Weimer
* Brian A. Shea: My slogan: Unsecured Applications = Unsecured Business Which is completely acceptable if you and your business partners are aware of the risk level at which your are running your company. Secure software costs more, requires more user training, and fails in

Re: [SC-L] Compilers

2006-12-29 Thread Florian Weimer
* Crispin Cowan: ljknews wrote: 2. The compiler market is so immature that some people are still using C, C++ and Java. I'm with you on the C and C++ argument, but what is immature about Java? I thought Java was a huge step forward, because for the first time, a statically

Re: [SC-L] temporary directories

2007-01-02 Thread Florian Weimer
I gather you are saying that the innards of Unix will force creation of an unwanted directory entry on the Ada implementation of the required null name support for packagename.CREATE . The Ada implementation could rely on exclusive access to the file (surely Unix has that, right?) You can

Re: [SC-L] Compilers

2007-01-04 Thread Florian Weimer
* Crispin Cowan: I'm with you on the C and C++ argument, but what is immature about Java? I thought Java was a huge step forward, because for the first time, a statically typesafe language was widely popular. Java is not statically typesafe, see the beloved ArrayStoreException (and

Re: [SC-L] Darkreading: Secure Coding Certification

2007-05-14 Thread Florian Weimer
* Johan Peeters: I agree that multiple choice alone is inadequate to test the true breadth and depth of someone's security knowledge. Having contributed a few questions to the SANS pool, I take issue with Gary's article when it implies that you can pass the GSSP test while clueless. But I

Re: [SC-L] Interesting tidbit in iDefense Security Advisory 06.26.07

2007-06-29 Thread Florian Weimer
* Kenneth Van Wyk: 1) the original author of the defect thought that s/he was doing things correctly in using strncpy (vs. strcpy). 2) the original author had apparently been doing static source analysis using David Wheeler's Flawfinder tool, as we can tell from the comments. This is not a

Re: [SC-L] Insider threats and software

2007-08-15 Thread Florian Weimer
* Gary McGraw: My darkreading column this month is devoted to insiders, but with a twist. In this article, I argue that software components which run on untrusted clients (AJAX anyone? WoW clients?) are an interesting new flavor of insider attack. I really wish this were something new. 8-(

Re: [SC-L] Mainframe Security

2007-11-02 Thread Florian Weimer
My limited exposure to Cobol makes me think it is as unlikely to have a buffer overflow as PL/I or Ada. Usually, Ada programmers switch off bounds checking before shipping code. I don't know why Ada has such a reputation for robustness. ___ Secure

Re: [SC-L] Mainframe Security

2007-11-03 Thread Florian Weimer
At 11:45 PM +0100 11/2/07, Florian Weimer wrote: My limited exposure to Cobol makes me think it is as unlikely to have a buffer overflow as PL/I or Ada. Usually, Ada programmers switch off bounds checking before shipping code. I don't know why Ada has such a reputation for robustness

Re: [SC-L] Some Interesting Topics arising from the SANS/CWE Top 25

2009-01-14 Thread Florian Weimer
* Steven M. Christey: Yet smart people insist that it's still input validation, even when presented with the example I gave. So So what's the perspective difference that's causing the disconnect? Some technologies are designed as if to discourage proper output encoding. Most

Re: [SC-L] BSIMM: Confessions of a Software SecurityAlchemist(informIT)

2009-03-21 Thread Florian Weimer
* Steven M. Christey: Two areas that don't seem to immediately lend themselves to design/spec level solutions are (1) transitive trust and (2) interaction errors between multiple components that are all working correctly. I'd love to hear from people who've had to solve these problems in the

Re: [SC-L] has any one completed a python security code review`

2010-04-23 Thread Florian Weimer
* Matt Parsons: Has anyone completed a python security code review? I believe Google has, for their AppEngine product. What would you look for besides inputs, outputs and dangerous functions? Does it involve mobile code? That would be quite a challenge. There are also some historically