I may be stating the obvious but I see Murphy’s law as the guiding principle for security and privacy design: “Anything that can go wrong will go wrong.”
Doing manual memory management? Someone will inevitably introduce a use-after-free vulnerability.
User input has to be escaped everywhere? Sorry but you will have XSS vulnerabilities because someone forgot escaping and the reviewer missed it.
Storing users’ location data? Too bad, some attackers will get their hands on it and abuse the hell out of it.
More checks and balances will only get us so far. Patching to stay ahead of the attackers will only get us so far. What really helps is eliminating the potential for mistakes.
Memory-safe languages don’t require every contributor to be an expert in order to avoid memory errors. There are frameworks which will perform any required escaping actions automatically, or even avoid the need for these completely. And you can always reconsider collecting data that you can do without, or you can at least choose not to keep it. You cannot leak data that you don’t have.
As developers, we are sometimes trapped in the mentality that us being experts we won’t make a mistake. But even if everyone on a project were an absolute expert, all people have their bad days. Systems should not be designed with the expectation of people who won’t mess up.
Yellow Flag /
npub190…f5wdd
2024-01-17 22:59:32
Author Public Key
npub190z95jsfjmjuzvdrq2t27ucldpvvsvh46tcxl9elexhy9mp2qeps6f5wddPublished at
2024-01-17 22:59:32Event JSON
{
"id": "3923d12f1320b0273275a11a95abfb070f5c852541f8c1c10f1fc73c3b81f00a",
"pubkey": "2bc45a4a0996e5c131a30296af731f6858c832f5d2f06f973fc9ae42ec2a0643",
"created_at": 1705528772,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/WPalant/statuses/111773533654895124",
"activitypub"
]
],
"content": "I may be stating the obvious but I see Murphy’s law as the guiding principle for security and privacy design: “Anything that can go wrong will go wrong.”\n\nDoing manual memory management? Someone will inevitably introduce a use-after-free vulnerability.\n\nUser input has to be escaped everywhere? Sorry but you will have XSS vulnerabilities because someone forgot escaping and the reviewer missed it.\n\nStoring users’ location data? Too bad, some attackers will get their hands on it and abuse the hell out of it.\n\nMore checks and balances will only get us so far. Patching to stay ahead of the attackers will only get us so far. What really helps is eliminating the potential for mistakes.\n\nMemory-safe languages don’t require every contributor to be an expert in order to avoid memory errors. There are frameworks which will perform any required escaping actions automatically, or even avoid the need for these completely. And you can always reconsider collecting data that you can do without, or you can at least choose not to keep it. You cannot leak data that you don’t have.\n\nAs developers, we are sometimes trapped in the mentality that us being experts we won’t make a mistake. But even if everyone on a project were an absolute expert, all people have their bad days. Systems should not be designed with the expectation of people who won’t mess up.",
"sig": "2ef99d94cf700d1fd95bde24ffe0698955ff8aec6113eccbbcefbc8dda7891dfbdc0ed6c01d1842b3cf16b92455880f4860c278138926ea1d4298e6e32257fa7"
}