Comments on: Take that, Security! http://www.piepalace.ca/blog/2009/11/that.html Sun, 13 Nov 2011 15:27:40 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Erigami Scholey-Fuller http://www.piepalace.ca/blog/2009/11/that.html/comment-page-1#comment-79334 Erigami Scholey-Fuller Sun, 15 Nov 2009 20:39:25 +0000 http://www.piepalace.ca/blog/?p=1139#comment-79334 It sounds like your security model for your car is "nobody is going to try and steal my car." I'm running a popular *nix distribution (oxymoron, I know), and I expect that my web browser or other network client will eventually be subverted by an attacker <i>in an automated manner</i>. In order for someone to steal your car, they have to find your house, go there, and do whatever is necessary to get into it and then get away. Then they have to convert it into something they want. All of those actions are physically risky. In order for someone to steal account info for Wesabe (ie, bank credentials) or my program, they have to subvert a popular server and use that, in turn, to subvert every client of that server. Then they have to get valuable information from the victims to a place where they can use it. The effort is greater, the risk is lower, but the payoff is much higher (assuming the attacker can convert account credentials into money in their account easily). I agree that the ideally secure software is inaccessible, secure, and of no value. The problem is that my program (and Wesabe) is accessible, insecure, and of some value. It sounds like your security model for your car is “nobody is going to try and steal my car.” I’m running a popular *nix distribution (oxymoron, I know), and I expect that my web browser or other network client will eventually be subverted by an attacker in an automated manner.

In order for someone to steal your car, they have to find your house, go there, and do whatever is necessary to get into it and then get away. Then they have to convert it into something they want. All of those actions are physically risky.

In order for someone to steal account info for Wesabe (ie, bank credentials) or my program, they have to subvert a popular server and use that, in turn, to subvert every client of that server. Then they have to get valuable information from the victims to a place where they can use it. The effort is greater, the risk is lower, but the payoff is much higher (assuming the attacker can convert account credentials into money in their account easily).

I agree that the ideally secure software is inaccessible, secure, and of no value. The problem is that my program (and Wesabe) is accessible, insecure, and of some value.

]]> By: MG http://www.piepalace.ca/blog/2009/11/that.html/comment-page-1#comment-79290 MG Thu, 12 Nov 2009 04:57:33 +0000 http://www.piepalace.ca/blog/?p=1139#comment-79290 Being secure is not the same as being an unlikely target... My keys are in my car in my drive way. It's not secure, but no one walks by my place looking for cars to steal so it's not likely to get stolen. The real question is not weather the software is more secure but which is more likely to be successfully attacked. ideally you would have the better software on the out of the way server. And if some can get to you files to get your credentials it's not that big a leap to install keylogger software and grab your Wesabe password. Being secure is not the same as being an unlikely target… My keys are in my car in my drive way. It’s not secure, but no one walks by my place looking for cars to steal so it’s not likely to get stolen.

The real question is not weather the software is more secure but which is more likely to be successfully attacked. ideally you would have the better software on the out of the way server.

And if some can get to you files to get your credentials it’s not that big a leap to install keylogger software and grab your Wesabe password.

]]> By: Erigami Scholey-Fuller http://www.piepalace.ca/blog/2009/11/that.html/comment-page-1#comment-79286 Erigami Scholey-Fuller Thu, 12 Nov 2009 02:51:41 +0000 http://www.piepalace.ca/blog/?p=1139#comment-79286 Being secure isn't about saying "meh, it probably won't happen." It's about building a system that is resilient to attacks within certain parameters. But yeah, one lone weenie code-wanking in his basement is probably pretty safe. Being secure isn’t about saying “meh, it probably won’t happen.” It’s about building a system that is resilient to attacks within certain parameters.

But yeah, one lone weenie code-wanking in his basement is probably pretty safe.

]]> By: MG http://www.piepalace.ca/blog/2009/11/that.html/comment-page-1#comment-79271 MG Wed, 11 Nov 2009 03:42:28 +0000 http://www.piepalace.ca/blog/?p=1139#comment-79271 Not really familiar with Wesabe, but doesn't present a more enticing target? Assuming your software doesn't become widely used, then it's not likely that someone is going to target your software. Unless it's a personal attack.. And it's not likely you could stop someone if they were really determine. An attack on Wesabe get's me your credentials and that of a bunch of other people. Not really familiar with Wesabe, but doesn’t present a more enticing target? Assuming your software doesn’t become widely used, then it’s not likely that someone is going to target your software. Unless it’s a personal attack.. And it’s not likely you could stop someone if they were really determine.

An attack on Wesabe get’s me your credentials and that of a bunch of other people.

]]>