
Comment: API consistency; negative tests (Score 2) 37

by tepples (#47786881) Attached to: IEEE Guides Software Architects Toward Secure Design

Of course, when the end product is as infinitely malleable as software

Software isn't "infinitely malleable" when it exposes interfaces to anything else. This could be APIs to other software or user interfaces. You have to build on the old interface compatibly, and when you do make a clean break, you need to keep supporting the old interface until others have had a reasonable time to migrate.

The human interface needs a design in order to mesh with the humans in an elegant and consistent fashion, but the code? No. The only purpose of code design is to make the code readable and maintainable, and those are attributes you achieve through test driven development and continual refactoring.

APIs need at least as much consistency as UIs. In fact, I'd argue that APIs need even more consistency because human users are slightly better at adapting to a UI through reflection, that is, figuring out a UI by inspection.

The engineering the IEEE is trying to achieve is accomplished by test-first development

Then take this guide as something to consider when determining when you have enough negative tests, or tests that are expected to succeed by failing.

continual automated testing

If you're using a CAPTCHA as part of a process to authenticate a user, how do you perform automated testing on that?

Comment: An excuse for walled gardens and OnLive (Score 1) 37

by tepples (#47786759) Attached to: IEEE Guides Software Architects Toward Secure Design

I read the featured article, and I see ways that publishers could misuse some of the recommendations as excuses for profit-grabbing practices that plenty of Slashdot users would detest.

For example, some organizations will claim a real business need to store intellectual property or other sensitive material on the client. The first consideration is to confirm that sensitive material really does need to be stored on the client.

Video game publishers might take this as an excuse to shift to OnLive-style remote video gaming, where the game runs entirely on the server, and the client just sends keypresses and mouse movements and receives video and audio.

watermark IP

I'm not sure how binary code and assets for a proprietary computer program could be watermarked without needing to separately digitally sign each copy.

Authentication via a cookie stored on a browser client may be sufficient for some resources; stronger forms of authentication (e.g., a two-factor method) should be used for more sensitive functions, such as resetting a password.

For small web sites that don't store financial or health information, I don't see how this can be made affordable. Two-factor typically incurs a cost to ship the client device to clients. Even if you as a developer can assume that the end user already has a mobile phone and pays for service, there's still a cost for you to send text messages and a cost for your users to receive them, especially in the United States market where not all plans include unlimited incoming texts.

a system that has an authentication mechanism, but allows a user to access the service by navigating directly to an “obscure” URL (such as a URL that is not directly linked to in a user interface, or that is simply otherwise “unknown” because a developer has not widely published it) within the service without also requiring an authentication credential, is vulnerable to authentication bypass.

How is disclosure of such a URL any different from disclosure of a password? One could achieve the same objective by changing the URL periodically.

For example, memory access permissions can be used to mark memory that contains only data as non-executable and to mark memory where code is stored as executable, but immutable, at runtime.

This is W^X. But to what extent is it advisable to take this principle as far as iOS takes it, where an application can never flip a page from writable to executable? This policy blocks applications from implementing any sort of JIT compilation, which can limit the runtime performance of a domain-specific language.

Key management mistakes are common, and include hard-coding keys into software (often observed in embedded devices and application software)

What's the practical alternative to hard-coding a key without needing to separately digitally sign each copy of a program?

Default configurations that are “open” (that is, default configurations that allow access to the system or data while the system is being configured or on the first run) assume that the first user is sophisticated enough to understand that other protections must be in place while the system is configured. Assumptions about the sophistication or security knowledge of users are bound to be incorrect some percentage of the time.

If the owner of a machine isn't sophisticated enough to administer it, who is? The owner of a computing platform might use this as an excuse to implement a walled garden.

On the other hand, it might be preferable not to give the user a choice at all; for example if a default secure choice does not have any material disadvantage over any other; if the choice is in a domain that the user is unlikely to be able to reason about;

A "material disadvantage" from the point of view of a platform's publisher may differ from that from the point of view of the platform's users. Another potential walled garden excuse.

Designers must also consider the implications of user fatigue (for example, the implications of having a user click “OK” every time an application needs a specific permission) and try to design a system that avoids user fatigue while also providing the desired level of security and privacy to the user.

Google tried this with Android by listing all of an application's permissions up front at application installation time. The result was that some end users ended up with no acceptable applications because all applications in a class requested unacceptable permissions.

A more complex example of these inherent tensions would be the need to make security simple enough for typical users while also giving sophisticated or administrative users the control that they require.

That or an application or platform publisher might just punt on serving sophisticated users.

Validate the provenance and integrity of the external component by means of cryptographically trusted hashes and signatures, code signing artifacts, and verification of the downloaded source.

This too could be misinterpreted as a walled garden excuse when a platform owner treats applications as "external components" in this manner.
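
An added illustration, not part of the comment above or of the IEEE guide it quotes: a deny-by-default request dispatcher in which the unlinked ("obscure") URL from the quoted passage carries the same credential check as every other route, together with negative tests of the kind the earlier comment mentions, which pass only when unauthenticated requests are refused. The route paths, the session token and all function names are hypothetical.

```python
import hmac

# Constructed sample session store: token -> user name.
SESSIONS = {"constructed-token-abc123": "alice"}

# Every route declares a policy; nothing is protected merely by being unlinked.
ROUTES = {
    "/": ("public", lambda user: "welcome"),
    "/account": ("auth", lambda user: f"account of {user}"),
    # Hypothetical unlinked URL: still "auth", so secrecy of the path is not the control.
    "/internal/export-7f3a": ("auth", lambda user: f"export for {user}"),
}

def authenticate(headers):
    """Return the user for a valid bearer token, else None."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme != "Bearer":
        return None
    for known, user in SESSIONS.items():
        # Constant-time comparison of the presented token against each stored one.
        if hmac.compare_digest(token.encode(), known.encode()):
            return user
    return None

def handle(path, headers):
    """Dispatch a request; any non-public route requires a credential."""
    route = ROUTES.get(path)
    if route is None:
        return 404, "not found"
    policy, view = route
    user = authenticate(headers)
    if policy != "public" and user is None:
        return 401, "authentication required"
    return 200, view(user)

def negative_tests():
    """Negative tests: each case passes only when the request is refused with 401."""
    bad_headers = [{}, {"Authorization": "Bearer "}, {"Authorization": "Bearer wrong"},
                   {"Authorization": "Basic constructed-token-abc123"}]
    failures = []
    for path, (policy, _) in ROUTES.items():
        if policy == "public":
            continue
        for headers in bad_headers:
            status, _ = handle(path, headers)
            if status != 401:
                failures.append((path, headers, status))
    return failures  # an empty list means every protected route refused every bad request
```

Because the negative tests iterate over the route table itself, a route added later with an "auth" policy is covered without writing a new test.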

Comment: Difference between publisher and vanity press (Score 1) 79

by tepples (#47786343) Attached to: Japanese Publishers Lash Out At Amazon's Policies

An agile publishing start up company can do everything the old dinosaurs do thanks to digital publishing.

Including promotion? Even if its illustrators and editors work on an hourly or fee for service basis, how would a startup publisher establish a reputation of sorting worthwhile books from not-so-worthwhile ones? Otherwise, it could be seen as more of what some people might call a "vanity press".

Comment: Editorial control of the monopoly market (Score 1) 79

by tepples (#47786287) Attached to: Japanese Publishers Lash Out At Amazon's Policies

Every marketer and customer gets some easy benefit from a single marketplace

Until the single marketplace uses its market power to exclude sellers entirely from a market. This has allegedly happened in the markets for iOS apps and console games. What editorial power does Amazon exercise over its Kindle store, other than to remove obvious copyright infringements and erotica? Is the "preference to publishers with larger ebook catalogs" a way of dealing with the likes of VDM and 30 Percent Fewer Shades of Grey?

Comment: Amazon has until September 2017 (Score 1) 79

by tepples (#47786211) Attached to: Japanese Publishers Lash Out At Amazon's Policies

There is NO barrier to entry so the protectionist rackets will have to come down. The end of their era is over

Or at least it will be in three years and change. That's how much longer the 1-Click patent family (U.S. Patent 5,960,411 and foreign counterparts) has left, based on the priority date of 1997-09-12 and the common worldwide patent term of twenty years.

Comment: Not a lot of phones (Score 1) 79

by tepples (#47786159) Attached to: Japanese Publishers Lash Out At Amazon's Policies

to read my Amazon Kindle book all I had to do was download the free Kindle reading app on any one of my Android phone, Android tablet, Apple phone, Apple tablet, Windows Phone, Windows 8 device, Apple computer, Windows 7 computer, Blackberry or a web browser for the web reader.

True of books but not video. The only phones that stream Amazon video are the iPhone and Fire Phone. And because the Fire Phone is exclusive to AT&T, that's reduced to one if you happen to live outside AT&T's 4G coverage.

Comment: Sourcing a CRT SDTV (Score 1) 163

[Emulation problems] may all have solutions, but none are as simple or practical as plugging the actual hardware into a CRT SDTV that just works and looks great.

Sourcing a CRT SDTV with A/V inputs in good condition and making a place for it in your home might not necessarily be practical. Many CRT SDTVs that I see at garage sales and charity shops have only an RF input, introducing noise and requiring an RF modulator at additional cost for fifth-generation and later consoles.

Comment: Re:They're not gamers. (Score 1) 275

by tepples (#47779659) Attached to: Among Gamers, Adult Women Vastly Outnumber Teenage Boys

Will I need to buy a car to get a job?

To get one? Probably not

I understand that the first interview is conducted over the phone or Skype (I have both) and the second in person. Do candidates commonly ride Greyhound to and from this second interview? Or should candidates expect to endure the sexual overtones of U.S. airport security theater such as Rapiscan and enhanced patdowns?

Admittedly in some big cities you wouldn't need one as much, but locations vary

Currently I use a bicycle in a (probably different) midwestern town to commute to and from the office where I work as a web application programmer.
