[squeak-dev] Re: smalltalk and Web stuff

Klaus D. Witzel klaus.witzel at cobss.com
Sun Nov 23 15:20:49 UTC 2008


On Sun, 23 Nov 2008 15:45:31 +0100, Janko Mivšek wrote:

> Klaus D. Witzel wrote:
>
>>> Surely I'm not the only one who likes to hear more concretely about  
>>> those vulnerabilities
>>  You mean by listing things like "hacker can smuggle in code" you  
>> arrive at the whole list of possible vulnerabilities? If so, why are so  
>> many new attack forms and their variants still appearing?
>>  There's only one law related to attacks, and it is an instantiation of  
>> Murphy's law.
>>
>>> and how you can exploit them through the web.
>>  That's never going to be stopped, that is for sure. And it makes more  
>> fun to get rid of running services as root than being thrown out by a  
>> customer.
>>  I do not want to see a headline like "Smalltalk system responsible for  
>> vulnerabilities", and how about you?
>
> Too much care is as bad as too little care here. Your door in your house  
> is also locked with a lock which a determined "hacker" can break into in  
> seconds (believe me, I saw that with my own eyes). But you don't care  
> much, because the probability for this to happen is so low that it is not  
> worth additional security measures. A home door is a good metaphor for  
> "just appropriate" computer security as well.

This only tells me that you do not really consider the many perspectives  
when you define "secure". The easiest attacks (preparations unnoticed by  
Janko) are made from within the house, and it's *you* who is keen to bring  
them in.

Example: someone puts #evaluate: into Integer>>#readFrom: and you upgrade  
the web framework to the next release which now has the trojan behind the  
wall. Abandon all hope once you enter that house.

More elaborate example: someone makes no change as in the previous  
example but studies releases and finds holes in the code as is.

> Don't exaggerate with security,

Running services as root is not related to exaggeration, it's a mistake.

> but also don't neglect it, this is my motto and so far it worked. For 12  
> years already.

I've been doing secure systems since 1973 but wouldn't say that my expertise is  
better than that of 12 years. Murphy's doesn't count the years :(

> Smalltalk systems are inherently more secure by design, but ok, everyone  
> can always run behind Apache as non-root if he wishes.

Okay, that's fair, so you had the last word :)

> Janko
>


-- 
"If at first, the idea is not absurd, then there is no hope for it".  
Albert Einstein
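As an added illustration of the upgrade scenario Klaus describes (a framework release that quietly gains an #evaluate: send), and not code from this thread or from any Squeak project: a Python check that parses two chunk-format fileouts and reports every method that the new release makes send a watchlisted selector. The fileouts, the selector watchlist and the hypothetical `Compiler evaluate:` line are constructed for the example.

```python
import re

# Selectors worth a human look when a changed or new method starts sending them;
# the list is an assumption for this example, not a complete one.
WATCHLIST = ("evaluate:", "compile:", "perform:")

def read_chunks(text):
    """Split Squeak chunk format on a lone '!'; a doubled '!!' is a literal '!'."""
    return [c.replace("!!", "!") for c in re.split(r"(?<!!)!(?!!)", text)]

def selector_of(source):
    """Derive the selector from the method pattern on the first line."""
    tokens = source.splitlines()[0].split()
    keywords = [t for t in tokens if t.endswith(":")]
    return "".join(keywords) if keywords else tokens[0]

def parse_fileout(text):
    """Return {(class, selector): source} for every method in a fileout."""
    methods, cls = {}, None
    for chunk in read_chunks(text):
        header = re.match(r"(\w+(?: class)?)\s+methodsFor:", chunk.strip())
        if header:
            cls = header.group(1)      # a category header opens a run of methods
        elif not chunk.strip():
            cls = None                 # an empty chunk ("! !") closes the run
        elif cls:
            methods[(cls, selector_of(chunk.strip()))] = chunk.strip()
    return methods

def sends_of(source):
    """Watchlisted selectors referenced in code; strings and comments are ignored."""
    code = re.sub(r"'(?:[^']|'')*'|\"[^\"]*\"", " ", source)
    return {s for s in WATCHLIST if re.search(r"\b" + re.escape(s), code)}

def audit_upgrade(old_text, new_text):
    """(class, selector, added sends) for methods the new release makes send WATCHLIST."""
    old, new = parse_fileout(old_text), parse_fileout(new_text)
    added = {k: sends_of(src) - sends_of(old.get(k, "")) for k, src in new.items()}
    return [(c, s, sorted(v)) for (c, s), v in sorted(added.items()) if v]

# Constructed fileouts: the release in use, and the "upgrade" carrying one extra send.
OLD_RELEASE = """!Integer methodsFor: 'parsing'!
readFrom: aStream
    "Answer the integer read from aStream."
    ^ self readFrom: aStream base: 10! !"""
NEW_RELEASE = OLD_RELEASE.replace("    ^ self readFrom: aStream base: 10",
    "    Compiler evaluate: aStream upToEnd.\n    ^ self readFrom: aStream base: 10")

print(audit_upgrade(OLD_RELEASE, NEW_RELEASE))  # one finding for Integer>>#readFrom:
```

A finding is a review prompt, not a verdict: #evaluate: has legitimate senders, so the value is in seeing which methods acquired it between the release you audited and the one you are about to load.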