So I found an old presentation I did on “Active Content” security, back in 1997, and reading it I found that it’d be almost entirely reusable as an Ajax security overview; this inspired me…
by Alec Muffett
I’m still composing a major follow-up to the “Web 2.0 security” thoughts I blogged a while ago – it’s being a tough one to pull together. However, a couple of thoughts:
In something like a blog posting or a web page, a dead link is a dead link. If the page / posting has standalone content which is worthwhile in and of itself, you forgive the dead link. Fine.
If you have a dependency on a dead or modified (effectively the same thing, without resynch of API or whatever) service in a mashup, the problem is likely to be considerably larger. You might be trying to fly over a landscape which is no longer there, or you might be trying to overlay information gleaned from a search engine which no longer talks to you. Result: the mashup ceases to be of value, because even what it does, doesn’t work without the dependency being fulfilled.
“Web 2.0” (for some interpretations thereof) exposes such issues in a distributed Layer 7 world, to ordinary mortals who aren’t necessarily used to working in such.
So, while I agree with you that “the issues are no different”, the impact of the consequences of those issues is more readily made greater. The new way of doing things makes the new tools more brittle. Also, whereas it used to be the case that both the application and the data it depended on were under the control of the same organisation, the new way of working changes that, too. Not for nothing was my prediction of elXML posted as “a jest in sober earnest” ;-).
I’ve just looked at your video (mostly so as to test the sound and video on my desktop machine which I’ve just upgraded to Mandriva 2007 Spring.)
I agree that the same old candidates for security problems are the problems for client-side active web content. (I do hate the term Web 2.0)
As for the challenges, I think the biggest is not so much for the corporate central systems directly, it’s more the fallout from lax security on the users’ client devices which will cause a number of them to become vectors for external attacks. Some of these devices may be controlled using software policy by the companies but others are out of control, especially when you’re talking about smart phones etc. where the vendor and/or mobile company have control over the firmware.
As for the case of “Confused of Calcutta” I agree with your analysis, mostly. My only gripe would be to do with your solution to the problem. I would have suggested disabling the use of USB storage device drivers on the stock market floor machines, or, as done in some institutions, filling the USB ports with epoxy resin.
>I would have suggested disabling the use of USB storage device drivers on the stock market floor machines, or, as done in some institutions, filling the USB ports with epoxy resin.
I know places that do that, mostly in spookland or in public access areas; but where you are paying people five or six-figure salaries to make money for you, it makes sense to me that you can trust them a bit in permitting them to work more effectively…
True, but that’s totally a people problem rather than any sort of technological one. The problem is that with the amounts of money to be made by illicitly distributing the information it can be too tempting for a person with money problems. If you add to this the selfish streak that traders seem to have it’s a disaster waiting to happen. Hence, the measures similar to spookland, to get rid of the temptation.
Also, while stuff funnelled through an SMTP relay is only on the relay transiently (unless the relay is logging everything it forwards, and even then, those logs are usually fairly well-controlled in terms of who is able to access them), what goes onto Flickr / YouTube / etc is there, forever, visible to anyone who passes the ACLs, until someone with appropriate authorisation makes the decision to take it down. Add “worse consequences” (potentially) to “greater brittleness”…