For some products, it's just too easy to find vulnerabilities. First, find the most heavily used functionality, including the first points of entry into the product. Then, perform the most obvious attacks against the most common types of vulnerabilities. Using this crude method, even unskilled attackers can break into an insecure application within minutes. The developer likely faces a long road ahead before the product can become tolerably secure; the customer is sitting on a ticking time bomb. These Unforgivable Vulnerabilities act like canaries in a coal mine. They are beacons of a systematic disregard for secure development practices. They simply should not appear in software that has been designed, developed, and tested with security in mind.
http://whitepapers.zdnet.com/abstract.aspx?docid=1296551
Joining with the Tech
Labels
Algorithms
(7)
Antikythera Mechanism
(2)
APIs
(3)
Applications
(7)
Artificial Intelligence
(10)
Assistive Technology
(25)
AT Toolkit
(1)
Cloud Computing
(9)
Computer Books
(2)
Computer Companies
(8)
Computer Graphics
(2)
Computer Vision
(1)
Databases
(5)
Game Theory
(3)
Gender Balance
(2)
Hackers
(8)
History of Computers
(6)
Innovation
(3)
Knowledge Management
(27)
Legal Issues
(4)
Linguistics
(1)
Mathematics of Computing
(5)
Mindmapping Tools
(2)
New Science
(1)
Open Source
(7)
Programming Languages
(1)
Project Management
(4)
Robot Hand
(2)
Robotics
(5)
Search Technologies
(4)
Security
(28)
Semantic Web
(2)
Software Development
(6)
Technical Support
(1)
Timetabling
(1)
Ubiquitous Computing
(1)
Virtual Reality
(2)
Virtualization
(1)
Visualisation Tools
(5)
Web 2.0
(3)
Web News
(6)
Web Technologies
(6)
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment