Comment Re:productize? (Score 1) 244
[This is Dan]
Heh, can you find me a cite that shows that Groovy is actually extracting the SQL grammar and reassembling it safely? If so that is awesome and I want to cite that.
[This is Dan]
Basically, I create a wrapper class that's really just a String inside. But when I test the types for each argument of the vararg wrapper, I can see whether the passed string is a SafeString or a bare (thus unsafe) string.
It occurs to me I didn't release this implementation; I'll get it out there.
I actually put some more demos and test kits on recursion.com, and the slides aren't bad. I really want this to get bashed on.
Because they're much harder to work with. If they weren't, we wouldn't have to beg developers to use them.
[This is Dan]
This isn't taint mode. Taint mode is single language, and in the field, is just turned off without any checking being applied. I don't know of many other efforts that really address the problem that we use strings to communicate across languages, and when we do, we lose all type safety.
There are tricks like LINQ, which allow you to basically express one language with the syntax of another, and I like them lots. (Actually, I think they don't get enough credit for their security implications!).
[This is Dan]
The idea is that we make very expensive asks of developers, who simply don't follow our advice.
The question is whether we can ask less of developers -- specifically, whether we can get out of this silly zero-sum game where the harder software is to write, the more secure it is.
Interpolique is an effort in this direction.
[This is Dan]
Actually, that's how the Java version works -- you take strings, and subclass them into safe versions and unsafe versions. Then you combine, either through a vararg shell, or through sequential dot notation.
I'm not a big fan of either; I really think interpolation is the right way for a programmer to express intent, and the compiler should be smart enough to extract it.
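The safe-versus-bare string distinction Dan describes in the two comments above (a wrapper type, a vararg builder that inspects the type of each argument, and the Java subclassing variant), worked through as an added example. This is not Interpolique's or Dan's code; the names SafeSQL, column, build_query and find_users, the allow-list and the sqlite3 table are my own assumptions, and instead of reassembling SQL text the builder binds every bare string as a query parameter:

```python
"""Added example (not the original poster's code): a typed wrapper that separates
SQL the programmer vouches for from data that must never be spliced into SQL."""
import sqlite3


class SafeSQL:
    """A fragment the programmer asserts is SQL syntax (a literal in source code, or an
    identifier that passed an allow-list). Only code, never user input, constructs it."""
    __slots__ = ("text",)

    def __init__(self, text):
        self.text = text

    def __repr__(self):
        return "SafeSQL(%r)" % self.text


# Constructed allow-list of columns callers may name (assumption for the demo).
ALLOWED_COLUMNS = {"name", "email"}


def column(name):
    """Promote an identifier to SafeSQL only after an allow-list check."""
    if name not in ALLOWED_COLUMNS:
        raise ValueError("unknown column %r" % (name,))
    return SafeSQL(name)


def build_query(*parts):
    """Vararg builder in the spirit of the wrapper Dan describes: SafeSQL parts are
    spliced into the statement text; every bare str/int/float becomes a bound
    parameter ("?"); anything else is rejected. Returns (sql, params)."""
    sql, params = [], []
    for part in parts:
        if isinstance(part, SafeSQL):
            sql.append(part.text)
        elif isinstance(part, (str, int, float)) and not isinstance(part, bool):
            sql.append("?")
            params.append(part)
        else:
            raise TypeError("cannot place %s in a query" % type(part).__name__)
    return " ".join(sql), params


def find_users(conn, col, value):
    """Look up users by an allow-listed column; `value` is always bound, never spliced."""
    sql, params = build_query(
        SafeSQL("SELECT name, email FROM users WHERE"), column(col), SafeSQL("="), value
    )
    return conn.execute(sql, params).fetchall()


def demo_db():
    """Constructed in-memory table so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.test"), ("bob", "bob@example.test")],
    )
    return conn


if __name__ == "__main__":
    db = demo_db()
    print(build_query(SafeSQL("SELECT 1 WHERE x ="), "x' OR 'a'='a"))
    print(find_users(db, "name", "alice"))
    print(find_users(db, "name", "bob' OR 'a'='a"))  # bound, so matches no row
```

The type check lives in one place (build_query), so a bare string can reach the database only as a parameter, and an identifier can reach the statement text only after column() has vetted it. That is the "ask less of developers" property: the call site looks like ordinary string assembly, and forgetting the wrapper fails loudly at the builder rather than silently at the database.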
OK, I was actually there. Not, "I heard this from a guy." I mean, I'm Dan Kaminsky, who's named in the article.
This was kind of a silly situation. One of the guys in our group hit the ball and it sort of sailed into this guy's face. It's a styrofoam ball, the maximum speed of those things is maybe ten miles an hour. It's actually slower than a Nerf ball.
Anyway, the guy who actually hit the thing was sort of an awkward nerd, and laughed about it nervously. You know in the article when the guy's like, it was just one guy? That's because it was just him. There was certainly no mob taunting.
Really, this was a bunch of nerds and burners. There was no damage going on, just general silliness and large scale commerce with institutions that were each contacted in advance and specially staffed to seat all of us. I don't think it'll happen again, and that's sort of sad. Urban golf was a lot of fun for everyone.
I think he's going to burst his eardrums, and possibly some organs.
Look, this is going to be an enormous pressure wave that will saturate his body. He pops this barrier, it's going to rattle him pretty fierce.
They really should try this with a dummy first!
They can replay it within the absolute time of the RRSIG, which can be made relatively small (needs to be long enough to handle time drift).
A web site built on flat HTML pages is more likely to be secure than a web site built on PHP. The message is the medium.
So, I'm posting as somebody who has gotten critical fixes pushed into both IE and Firefox. (Technically, Chrome and Opera too, but those were the pure crypto vulns.)
It's genuinely hard to write a secure web browser. Forget plugins -- you have a complex internal object model, subject to all sorts of very fine-grained rules ("the filename on an input type=file form must not be settable from Javascript"), which can be made into a pile of moving parts under the control of an attacker. What's happened somewhat recently is a lot more people have gotten into bashing Firefox. You know those "many eyes" theories of open source, and how they're usually kind of full of it?
Well, "many eyes" are visiting it now, and Mozilla to their credit is doing a lot of very hard work to deal with the influx. Good on them.
Use the PASCO gear, with their Datastudio app. It's great, and will take all sorts of data wirelessly.
http://store.pasco.com/pascostore/showdetl.cfm?&DID=9&Product_ID=53770&Detail=1
Uh, a few machines have eight cores. Core2Duo is doing OK, but really, the heat problem is not actually going away in any way shape or form.
The brain is a wonderful organ; it starts working the moment you get up in the morning, and does not stop until you get to work.