digitalmars.D - Attacking Attack Patterns
- "Manfred_Nowak" <svv1999 hotmail.com> Feb 19 2010
- retard <re tard.com.invalid> Feb 19 2010
- Walter Bright <newshound1 digitalmars.com> Feb 19 2010
- Andrei Alexandrescu <SeeWebsiteForEmail erdani.org> Feb 19 2010
- Justin Johansson <no spam.com> Feb 19 2010
- Andrei Alexandrescu <SeeWebsiteForEmail erdani.org> Feb 19 2010
- Walter Bright <newshound1 digitalmars.com> Feb 19 2010
- "Robert Jacques" <sandford jhu.edu> Feb 19 2010
http://cwe.mitre.org/top25/ shows patterns of attacs. Does someone see a way to use D design patterns to stop attack patterns? -manfred
Feb 19 2010
Fri, 19 Feb 2010 19:44:14 +0000, Manfred_Nowak wrote:http://cwe.mitre.org/top25/ shows patterns of attacs. Does someone see a way to use D design patterns to stop attack patterns?
At least I can see a lot of reasons why D is vulnerable to many of those low level attacks because of the desire to be able to control every possible bit state in the program. In fact D is even worse than Java/C# from this point of view. At least in the web environment some state of the art technologies immediately come to mind http://lambda-the- ultimate.org/node/3068
Feb 19 2010
Walter Bright <newshound1 digitalmars.com> retard wrote:Fri, 19 Feb 2010 19:44:14 +0000, Manfred_Nowak wrote:http://cwe.mitre.org/top25/ shows patterns of attacs. Does someone see a way to use D design patterns to stop attack patterns?
At least I can see a lot of reasons why D is vulnerable to many of those low level attacks because of the desire to be able to control every possible bit state in the program. In fact D is even worse than Java/C# from this point of view.
D has safe mode, which when used offers as much safety as C# or Java. Note that you can do unsafe things in C# if you so choose.At least in the web environment some state of the art technologies immediately come to mind http://lambda-the- ultimate.org/node/3068
Feb 19 2010
retard wrote:Fri, 19 Feb 2010 19:44:14 +0000, Manfred_Nowak wrote:http://cwe.mitre.org/top25/ shows patterns of attacs. Does someone see a way to use D design patterns to stop attack patterns?
At least I can see a lot of reasons why D is vulnerable to many of those low level attacks because of the desire to be able to control every possible bit state in the program. In fact D is even worse than Java/C# from this point of view.
I guess SafeD wouldn't be the slouch of the three. Andrei
Feb 19 2010
retard wrote:Fri, 19 Feb 2010 19:44:14 +0000, Manfred_Nowak wrote:http://cwe.mitre.org/top25/ shows patterns of attacs. Does someone see a way to use D design patterns to stop attack patterns?
At least I can see a lot of reasons why D is vulnerable to many of those low level attacks because of the desire to be able to control every possible bit state in the program. In fact D is even worse than Java/C# from this point of view. At least in the web environment some state of the art technologies immediately come to mind
http://lambda-the-ultimate.org/node/3068
Ur/Web sounds interesting. Have you actually tried it in anger?
Feb 19 2010
Manfred_Nowak wrote:http://cwe.mitre.org/top25/ shows patterns of attacs. Does someone see a way to use D design patterns to stop attack patterns? -manfred
Bounds checking takes care of quite a few issues, but that's a banal thing to remark. One more interesting thing that I see doable (and have seen done in e.g. Perl) is the tainted attribute, which marks an untrusted string. That could help with [2], [6], [7], [9], [20]. Andrei
Feb 19 2010
Andrei Alexandrescu wrote:One more interesting thing that I see doable (and have seen done in e.g. Perl) is the tainted attribute, which marks an untrusted string. That could help with [2], [6], [7], [9], [20].
I agree that engaging the type system's help to track untrusted data through the code can be very helpful.
Feb 19 2010
On Fri, 19 Feb 2010 14:44:14 -0500, Manfred_Nowak <svv1999 hotmail.com> wrote:http://cwe.mitre.org/top25/ shows patterns of attacs. Does someone see a way to use D design patterns to stop attack patterns? -manfred
I really don't like this list because its a list of unsecure coding patterns and not dangerous one. The only one of them has ever killed anyone (race conditions, #25), the rest just lead to identity theft. I'd also put "poorly written error messages", "integer overflows" and "corrupting datafiles" up there as things that have killed people. Anyways, in response to your question D's concurrency strategy should make it (relatively) difficult to cause races. And most of the attack patterns are at a higher level than raw code.
Feb 19 2010
Robert Jacques wrote:On Fri, 19 Feb 2010 14:44:14 -0500, Manfred_Nowak <svv1999 hotmail.com> wrote:http://cwe.mitre.org/top25/ shows patterns of attacs. Does someone see a way to use D design patterns to stop attack patterns? -manfred
I really don't like this list because its a list of unsecure coding patterns and not dangerous one. The only one of them has ever killed anyone (race conditions, #25), the rest just lead to identity theft. I'd also put "poorly written error messages", "integer overflows" and "corrupting datafiles" up there as things that have killed people. Anyways, in response to your question D's concurrency strategy should make it (relatively) difficult to cause races. And most of the attack patterns are at a higher level than raw code.
As far as I can tell low-level races are impossible in SafeD. Andrei
Feb 19 2010
Robert Jacques wrote:On Fri, 19 Feb 2010 14:44:14 -0500, Manfred_Nowak <svv1999 hotmail.com> wrote:http://cwe.mitre.org/top25/ shows patterns of attacs. Does someone see a way to use D design patterns to stop attack patterns? -manfred
I really don't like this list because its a list of unsecure coding patterns and not dangerous one. The only one of them has ever killed anyone (race conditions, #25), the rest just lead to identity theft. I'd also put "poorly written error messages", "integer overflows" and "corrupting datafiles" up there as things that have killed people. Anyways, in response to your question D's concurrency strategy should make it (relatively) difficult to cause races. And most of the attack patterns are at a higher level than raw code.
Oh hey... null pointer dereference is not on the list :o). Andrei
Feb 19 2010