Firefox security strategy (was: Firefox goodies)

Tom Buskey tom at buskey.name
Fri Dec 30 09:04:00 EST 2005


On 12/29/05, Thomas Charron <twaffle at gmail.com> wrote:
>
> On 12/29/05, Bill McGonigle <bill at bfccomputing.com> wrote:
> >
> > catastrophic bug.  Guess which one has a zero-day exploit today for the
> > same thing that was supposedly patched in the past few months?
>
>
>   Oh!  Oh!  I Know!  FIREFOX!
>
>   Exploits are going to happen.  They're in the nature of C and C++.
> Anytime you have data intermingled with executable code, it can and will
> happen.  And until someone redesigns compilers, and it manages to get it
> accepted by the masses, they will be around.  Having the source makes it
> easier to *FIX* the obscure exploits.  Over the years, I've come to the
> belief that the argument that it's more secure because more eyes can look at
> it is utter poo, because the software changes over time.  People DON'T spend
> their time going to a several month audit, and find each and every exploit.
> They find the ones
>

http://www.openbsd.org
http://www.openssh.org

Just like the argument that some programmers want to drop to assembly in the
browser, there are programmers that will scour the code looking for
exploits.  Some *live* for it just like some programmers bum assembly for
speed/size.

<ob commercial> You can even hire them from a place I worked at in the past,
@Stake.



> that cause them problems in the manner that they use the software.  Not
> many actually sit back and say 'Well, what happens if my URL is a
> BEEEEEELion characters long?  Ok, it's fine with that many.  OH SHEEEET!
> Someone used a BEEEEEEEELION and *ONE*!??!?!!  Poo!'  I'm not saying no one
> cares, I'm saying, software, because of the way
>

And there are the pen testers that do that.  And report 0 days to the
various vendors.  Or keep it for their pen testing.  Or keep it to
themselves for other reasons.


> all of this evolved, is going to have exploits.  Period.  Open source has
> the advantage that ANYONE can fix it.  But saying that the exploit just
> doesn't happen because it's open source is just silly.
>
>
> > And then we have the Mozilla/VMWare Browser Appliance, a totally
> > tangential approach:
> >    http://blog.bfccomputing.com/index.php?p=100
>
>
>   Man that seems like overkill.  It's a hell of a lot safer than driving
> with no underwear, but the overhead of an entire virtual machine seems..
> Well, if the steel underpants weigh 50 pounds, I'm thinkin maybe it IS safe
> enough to just wear tighty whiteys and risk getting shot in the ass..  ;-)
>

And that doesn't mean it's all safe.  @Stake found a vulnerability in MacOSX
that used VirtualPC to exploit it.  Apple has a patch a few months later.

Having admin'd in that paranoid environment, it's much more difficult to set
up.  It can be done, but you need to have the culture to make it work.

Personally, I like the security consultants that start from the risk model.
They basically look at security from a risk management or insurance point of
view.  Bruce Schnier (sp?) did a nice analysis of voting machine risks.  How
many votes you need to sway vs how much a campaign spent per vote received.


--
A strong conviction that something must be done is the parent of many bad
measures.
  - Daniel Webster