Poxy old computers (was RE: [extropy-chat] SPACE: Spirit Problems)

Harvey Newstrom mail at HarveyNewstrom.com
Fri Jan 30 03:55:17 UTC 2004


Adrian Tymes asks,
> Who's going to QA the beast?  Who's going to certify
> its utility for certain services it's sold to perform?

Putting on cape...  Ta da!  It's Security-Auditor-Man!

There are security methodologies for developing secure and safe code.  There
are design review procedures.  There are development procedures.  There are
beta-testing procedures.  Most of today's code is buggy because people are
too busy/lazy/cheap to spend the time/effort/money to make stuff work.

For example:
Buffer overflows were solved in the 1960s.  Nobody should be plagued by
them.  But we are.  C++ has a strcpy command that copies a buffer from one
place to another.  It should never be used.  It does not force the
programmer to make sure the source buffer is not bigger than the destination
buffer.  Instead, there is a strncpy command that forces the programmer to
get the buffer size and only copy up to the safe amount.  There are many
other examples.  These bugs should never occur again.  We can search the
code for the faulty commands.

There are testing methods.  Don't put it in production until it's been
tested.  Fix the bugs before release.  Microsoft and other product
developers simply refuse to do this because it would delay production.

There are also safe environment standards.  Backup work so we don't lose it.
Deploy in a safe environment so failures don't hurt anybody.  Don't have
single points of failure.  Have redundancy.  Have monitoring.  Have
contingency plans.  Have peer review.  Require multiple steps before doing
something dangerous.  Always have reversible operations.  Keep logs so
everything can be reconstructed and understood.  Have predictable structures
and modes.  Have checkpoints, self-evaluation, sanity-checks, verification,
etc.  Have safety controls.

I'm not saying that it will be easy, or even necessarily possible.  But we
can do much better than we are today.  Companies today just refuse to try.

-- 
Harvey Newstrom, CISSP, CISA, CISM, IAM, IBMCP, GSEC
Certified IS Security Pro, Certified IS Auditor, Certified InfoSec Manager,
NSA Certified Assessor, IBM Certified Consultant, SANS Certified GIAC
<HarveyNewstrom.com> <Newstaff.com> 
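The strcpy/strncpy point above, as an added example that is not part of the original post: the unbounded copy the post objects to, a bounded replacement that reports truncation, and a small scanner for the "search the code for the faulty commands" idea. One caveat a practitioner would want: strncpy alone does not guarantee a terminating NUL when the source is at least as long as the destination, so the bounded copy writes the terminator itself. The function names, the NAME_LEN size and the sample_source text are assumptions constructed for this example.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example, not code from the original e-mail.  NAME_LEN is an
 * assumed fixed-size field, as in a typical record or packet struct. */
#define NAME_LEN 16

/* The pattern the post objects to: strcpy() copies until it finds a NUL
 * in src and never consults the size of dst.  Any src longer than
 * NAME_LEN - 1 bytes writes past the end of name.  Kept here only to show
 * the faulty command; never call it with input you do not control. */
void copy_unchecked(char name[NAME_LEN], const char *src)
{
    strcpy(name, src);   /* unbounded: the call a code search should flag */
}

/* Bounded replacement.  Returns true if src fit, false if it was truncated.
 * strncpy() is not enough on its own: when src has dst_size or more bytes
 * it writes no terminating NUL, so the terminator is written explicitly. */
bool copy_bounded(char *dst, size_t dst_size, const char *src)
{
    if (dst_size == 0)
        return false;
    strncpy(dst, src, dst_size - 1);
    dst[dst_size - 1] = '\0';
    return strlen(src) < dst_size;
}

static bool is_ident_char(char c)
{
    return isalnum((unsigned char)c) || c == '_';
}

/* Crude "search the code for the faulty commands": count calls to func in
 * source text.  A match must start at an identifier boundary (so my_strcpy
 * is not counted as strcpy) and be followed by '(' after optional blanks.
 * strncpy is a different identifier and never matches "strcpy". */
size_t count_calls(const char *source, const char *func)
{
    size_t n = 0;
    size_t flen = strlen(func);
    const char *p = source;

    while ((p = strstr(p, func)) != NULL) {
        bool boundary_ok = (p == source) || !is_ident_char(p[-1]);
        const char *after = p + flen;
        while (*after == ' ' || *after == '\t')
            after++;
        if (boundary_ok && *after == '(')
            n++;
        p += flen;
    }
    return n;
}

/* Constructed sample source text for the scanner (not real project code). */
static const char sample_source[] =
    "void f(char *d, const char *s) {\n"
    "    strcpy(d, s);          /* unbounded */\n"
    "    my_strcpy(d, s);       /* a different function */\n"
    "    strncpy(d, s, 8);      /* bounded */\n"
    "    strcpy (d, s);         /* unbounded, written with a space */\n"
    "}\n";

int main(void)
{
    char name[NAME_LEN];

    bool fit = copy_bounded(name, sizeof name, "alice");
    printf("\"%s\" fit=%d\n", name, fit);

    fit = copy_bounded(name, sizeof name, "0123456789abcdefXYZ");
    printf("\"%s\" fit=%d (truncated, still NUL-terminated)\n", name, fit);

    printf("strcpy calls in sample: %zu\n", count_calls(sample_source, "strcpy"));
    printf("strncpy calls in sample: %zu\n", count_calls(sample_source, "strncpy"));
    return 0;
}
```

The scanner is deliberately textual, the kind of grep a reviewer runs before reading a file; it does not understand comments or macros, so treat its output as a list of places to inspect rather than a verdict.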
