Ask Slashdot: How Are So Many Security Vulnerabilities Possible?
dryriver writes: It seems like not a day goes by on Slashdot and elsewhere on the intertubes that you don't read a story headline reading "Company_Name Product_Name Has Critical Vulnerability That Allows Hackers To Description_Of_Bad_Things_Vulnerability_Allows_To_Happen." A lot of it is big brand products as well. How, in the 21st century, is this possible, and with such frequency? Is software running on electronic hardware invariably open to hacking if someone just tries long and hard enough? Or are the product manufacturers simply careless or cutting corners in their product designs? If you create something that communicates with other things electronically, is there no way at all to ensure that the device is practically unhackable?
Yes, the big issue here is that it's common knowledge consumers by and large refuse to be bothered to get educated and the bulk of the major software development companies out there don't have leadership ethical enough to be able to resist taking maximum possible advantage of their naivety. Unfortunately this knowledge gap is also being turned against our own government even as our own government participates in using the very same knowledge gap on the general population. It's a huge ugly mess, really, and it says a lot about the spiritual deficiencies of humans as a whole, and I still completely in all seriousness blame Microsoft for starting it.
How Are So Many Security Vulnerabilities Possible?
Do you live in a house or apartment? Go around and look very closely at every aspect of the structure. As you go, make note of every flaw you find, however tiny, paying special attention to things that could be avenues for entering the dwelling from the outside even if everything is locked up. Now imagine 1,000,000 people all working constantly to find ways through those vulnerabilities without you realizing that is going on. Now imagine everybody in your city has an identical dwelling so that when one avenue is compromised, they all are.
That is how.
Or are the product manufacturers simply careless or cutting corners in their product designs?
This is 90% of the problem.
This, so much this. Companies still view security as something that costs too much money to implement properly. It's cheaper to deal with the financial loss of a hack than it is to have decent security policies implemented with properly trained personnel who are responsible for patching security vulnerabilities and testing the network constantly. Security's a constantly changing state of being, but this last statement shouldn't really be news for the crowd who's drawn to reading ./
How is it 'trolling'? Rust has guaranteed memory safety, which does in fact eliminate the possibility of whole families of security flaws. It also has threads without data races, which eliminates yet more families of security flaws. Rust has been designed to prevent segfaults. It has been designed to avoid the problems with C and C++ that allow for security flaws to be introduced into code.
There's no reason for you to hate Rust. If you feel it's threatening your job as a C programmer, well, it is. You should start learning Rust now because it's a language you'll be using in the near future.
Companies do not care about security, because they see no value in it. They rush their own developers to release software, and never ask them to focus on security.
Developers do not care about security. They never face the consequences of their negligence on it.
Consumers do not care about security. They shop for the cheaper or the most hyped product, not for the one that was correctly engineered. How could they know it really was, anyway?
Engineering software typically involves confirming that everything that is supposed to happen, happens. Making software secure involves testing that everything that shouldn't happen, doesn't.
Testing for *every* possible failure case is hard.
09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
Security is not free. It is not free in that it requires lots of man hours of time to develop & code, and it is not true that security has no impact on the user experience.
You can do end to end encryption of all traffic, encrypt at all states, require multi-factor auth, require physical devices, require secure portal software. But all of these have operational costs as well, both in the cost of compute and in the usability of the software.
If you had to access gmail through a specific secure application, with 3+ factor authentication, and it was really really slow, would you use it?
There is no system of professional licensing, etc. for so-called "software engineering" like there is for, say, civil engineering.
When shit goes wrong no one is responsible.
We need to treat our digital infrastructure just like our physical infrastructure. For critical projects, someone should be signing that the code has been written and reviewed using industry-standard techniques, just like there are industry-standard techniques for designing a bridge or calculating the margin of safety on an ASME pressure vessel.
It's time for large sections of the software industry to grow up from the do-whatever-we-want era of the 70s and take responsibility for being a critical part of people's lives, just like civil and mechanical engineers did 100s of years ago.
Microsoft as an OS vendor (I know I'll get attacks from various ACs that think any criticism of MS is unfair
If you take a minute to look at the bulk of major incidents in the last year, it's mostly poorly configured MongoDB and S3 buckets. No SQL Server, MS Exchange or IIS in the list. There's the occasional ransomware but given the market share of Microsoft products, it's not bad at all.
lucm, indeed.
It does mitigate certain families of security flaws. However most C programmers have had it beat into their head to generally do the right thing, so these are more rare than they used to be, though still real enough to value the language removing the and implementations like Rust deserve credit for taking measures that help here.
However it simply cannot magically fix most modern vulnerabilities that get announced, as they are generally oversights in logic flows. So it's a bit worrisome to see people seeming to put a bit *too* much faith in language to provide 'automagic' security, when the design is more often the vulnerability rather than bungling pointers/mallocs/bounds.
XML is like violence. If it doesn't solve the problem, use more.
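To make the two sides of this exchange concrete, here is an added Rust example (not code from any poster in the thread). It constructs a toy document store and shows what the language does guarantee, as the earlier Rust comment says: an out-of-range lookup yields `None` or a panic rather than whatever bytes sit past the end of the buffer. It then shows what the language cannot see, as this comment argues: an authorization check that forgot to test membership in a share list compiles cleanly. The `leaks` function is the "test that what shouldn't happen, doesn't" idea from the earlier negative-testing comment, comparing each checker against a hand-written table of permitted accesses. All types, documents, user ids and the flawed checker are constructed for this example.

```rust
use std::panic::{self, AssertUnwindSafe};

/// Who may read a document (constructed for this example).
#[derive(Debug, Clone, PartialEq)]
pub enum Visibility {
    Private,
    Shared(Vec<u32>), // explicit list of user ids
    Public,
}

#[derive(Debug, Clone, PartialEq)]
pub struct Doc {
    pub owner: u32,
    pub visibility: Visibility,
    pub body: &'static str,
}

pub struct Store {
    docs: Vec<Doc>,
}

impl Store {
    /// Constructed sample data: three documents, one of each visibility.
    pub fn sample() -> Self {
        Store {
            docs: vec![
                Doc { owner: 1, visibility: Visibility::Private, body: "alice's notes" },
                Doc { owner: 1, visibility: Visibility::Shared(vec![2]), body: "shared with bob" },
                Doc { owner: 3, visibility: Visibility::Public, body: "public notice" },
            ],
        }
    }

    /// Memory safety, checked variant: an out-of-range index yields None
    /// rather than reading past the end of the buffer.
    pub fn fetch(&self, idx: usize) -> Option<&Doc> {
        self.docs.get(idx)
    }

    /// Memory safety, indexing operator: Rust aborts the operation with a
    /// panic instead of returning adjacent memory. Err reports that panic.
    pub fn fetch_by_index(&self, idx: usize) -> Result<Doc, String> {
        panic::catch_unwind(AssertUnwindSafe(|| self.docs[idx].clone()))
            .map_err(|_| format!("index {} out of bounds", idx))
    }
}

/// Logic flaw the compiler cannot see (deliberately wrong): the author meant
/// to check that `user` is in the share list but only checks that a list exists.
pub fn can_read_flawed(user: u32, doc: &Doc) -> bool {
    doc.owner == user
        || matches!(doc.visibility, Visibility::Public)
        || matches!(doc.visibility, Visibility::Shared(_))
}

/// Corrected check: membership in the share list is actually tested.
pub fn can_read(user: u32, doc: &Doc) -> bool {
    doc.owner == user
        || match &doc.visibility {
            Visibility::Public => true,
            Visibility::Shared(list) => list.contains(&user),
            Visibility::Private => false,
        }
}

/// Constructed user population for the negative test.
pub const USERS: [u32; 4] = [1, 2, 3, 4];

/// Accesses the policy permits, written out by hand so the checkers are judged
/// against an independent statement of intent, not against each other.
pub fn allowed_pairs() -> Vec<(u32, usize)> {
    vec![(1, 0), (1, 1), (2, 1), (1, 2), (2, 2), (3, 2), (4, 2)]
}

/// Negative test: every (user, doc index) that a checker allows but the
/// policy table does not. Empty means nothing forbidden was permitted.
pub fn leaks(check: fn(u32, &Doc) -> bool, store: &Store) -> Vec<(u32, usize)> {
    let allowed = allowed_pairs();
    let mut out = Vec::new();
    for &user in &USERS {
        for (i, doc) in store.docs.iter().enumerate() {
            if check(user, doc) && !allowed.contains(&(user, i)) {
                out.push((user, i));
            }
        }
    }
    out
}

fn main() {
    let store = Store::sample();
    // Silence the default panic message so the demonstration output stays readable.
    panic::set_hook(Box::new(|_| {}));
    println!("fetch(99)          -> {:?}", store.fetch(99));
    println!("fetch_by_index(99) -> {:?}", store.fetch_by_index(99));
    println!("flawed checker leaks: {:?}", leaks(can_read_flawed, &store));
    println!("fixed checker leaks:  {:?}", leaks(can_read, &store));
}
```

The borrow checker and bounds checks stop the first class of bug cold, but nothing in the type system objects to `Shared(_)`; only an explicit statement of who is supposed to be denied, and a test that walks through every such case, surfaces the second.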
LOL at the guy that thinks most security problems are technical problems instead of the result of perverse risk prioritization in response to market demands.
There are no panaceas in programming languages, but working with a framework that is carefully well-designed sure does cut down on human error down the road, even in the hands of a skilled programmer.
Ada is de facto for onboard systems in airplanes for a reason. Language constructs for design-by-contract matter when it's important, and we're learning from the masses of botnets and hackery that there's a lot that matters, not just hospital systems and jet planes.
Rust is in fact building important features into the core that C++ is just trying to bolt on. We need less error-prone, more validated and tested code, and the frameworks to support that. We're designing systems that society relies on, and it's irresponsible to society to assume that every programmer is a rock star 100% of the time.