On Dec 1, 2004, at 12:27 PM, Richard Gaskin wrote:
Bj�rnke von Gierke wrote: > On Dec 01 2004, at 11:02, sims wrote: >> I'm curious about what security concerns that a chat (or sockets in >> general) might open up for the user and what (if any) precautions >> need to be taken.
Intercepted messages, forged messages, corrupted messages, ...
> > This of course varies with the implementation, but talking about > chatrev, I can assure you that there is no security risk whatsoever > for the client. This is mainly due to the fact that the client never > opens a port.
Not true. First of all, clients open a port in order to connect to the port on the server. Both ends of a socket connection use a port. The one at the server end accepts connections from other ports, while the one at the client end serves as a means by which to manage a connection to the server's port.
Also, there is always a security risk in everything done in any way with anything, and security is more than just preventing root access to a UNIX box and preventing transmission of unexpected data. Your chat client does not control the protocol drivers in the operating system. Opening the client port may introduce vulnerabilities in the form of bugs in the underlying TCP/IP suite used by the operating system -- even though your code might be perfect, this could still create security risks to the client machine.
Additionally, depending on your chat client's protocol, there is the possibility that messages could be forged or intercepted. SSL or other encryption packages can help to reduce, but not eliminate that risk.
How does it create a socket connection without opening a port?
> However this is about to change, as we are incorporating file > transfer (Which needs a accept connection at one end). Still, > the opened port is occupied by rev and closed swiftly after > finishing transfer, and because of that you won't get any > malicious attempt trough.
Not guaranteed. If someone between the two systems on the connection intercepts the request to transfer a file, he could beat the other system to opening the connection to that port and send malicious or invalid data to it. So instead of the screen saver user X expected, that EXE file installs a virus or some kind of spyware...
When one computer requests a file from another, the one granting the file transfer might have its attempt to send intercepted by someone in between, and the one intercepting the attempt could receive a copy of some sensitive document...
I'm no security expert, and this may be just a case of my own ignorance getting the best of me, but for my own wares I would be very careful about offering such broad assurances for anything involving network software. Maybe "unlikely to" is more accurate than "won't".
Anytime one computer talks to another there are at least two risks:
- One of the computers may be in the hands of someone with malicious intent
- While in transit the data may be intercepted by a malicious third party
The beauty of TCP is that it's a ubiquitous standard that's been around for a long, long time, so everyone uses it and all tools can be interoperable with it.
The downside of its ubiquity and maturity is that there are people out who devote a sad majority of their lives to mastering TCP specifically to destroy other people's constructive activity. Most of those misanthropes are far smarter than me, and have a deeper knowledge of TCP and its implementations across operating systems than I'll ever have.
I believe that absolute security is not achievable, and that the best we can aim for is to slow down exploits. That's no so bad, and is good enough for businesses and even governments to go about their business more productively than without software.
But I would be wary of giving people the impression that a software provides absolute security. Instead, communicating what it does to protect itself may be all that's needed for the user to make their own risk assessment.
True. Security is relative to the task at hand, and to the perceived desirability of breaking that security. This is definitely a moving target.
-- Richard Gaskin Fourth World Media Corporation ___________________________________________________________ [EMAIL PROTECTED] http://www.FourthWorld.com
_______________________________________________ use-revolution mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/use-revolution
----------------------------------------------------------- Frank D. Engel, Jr. <[EMAIL PROTECTED]>
$ ln -s /usr/share/kjvbible /usr/manual
$ true | cat /usr/manual | grep "John 3:16"
John 3:16 For God so loved the world, that he gave his only begotten Son, that whosoever believeth in him should not perish, but have everlasting life.
$
___________________________________________________________ $0 Web Hosting with up to 120MB web space, 1000 MB Transfer 10 Personalized POP and Web E-mail Accounts, and much more. Signup at www.doteasy.com
_______________________________________________ use-revolution mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/use-revolution
