
BLU Discuss list archive



Looking for a Triple DES implementation



Robert L Krawitz wrote:
> The point is that code reviews by other people who can read code but
> who don't understand the problem domain *in detail* aren't helpful.
> Knowing what the code does isn't useful if you don't understand what
> the entire system has to do.

You are preaching to the choir.  I am a big Agile guy.  That's not the
way things work in my current company, though, and that's not going to
change.

>    Not understanding security code is a BIG no-no, and IMNSHO should be
>    a firable offense.  If you don't understand, you should ask someone
>    or find someone who does.   Granted, I've been in the software security
>    industry since before such an industry existed (I've been in Security
>    since 1990), so I'm perhaps a little biased.  I've been paid upwards of
>    $400/hr to fix these kinds of problems after companies have lost real
>    money due to poor use of cryptography.

I am walking a fine line here because I would rather not talk ill of my
company or my co-worker.  I am also in a different group than he is, but
I plan on bringing this up with the appropriate people.  There are
several problems here that I hope to address; the code is just a small
part of it.

> It's one of those specialties that really demands an expert who
> understands security in the entire depth.  A strong encryption
> algorithm used improperly may be hardly better than nothing at all;
> ECB when you need to encrypt more data than the length of a code
> symbol is basically a glorified ROT13 (a simple substitution cypher).
> I say this as one who is an experienced software engineer, but not a
> security expert -- I would certainly not trust myself with security
> code.

I've done some limited, low-risk crypto work.  I've implemented
weak(ish) crypto in non-critical applications (e.g., the crypto is more
like a way of generating a hash than keeping something secret), but even
then I outlined the flaws so anyone else reading the code knew them.

This talk of absolutes and black and white is reminiscent of the MySQL
discussion that is thankfully winding down.


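The ECB point quoted in the message above, as an added example that is not part of the original thread: identical plaintext blocks encrypt to identical ciphertext blocks under ECB, while CBC chaining hides the repetition. The block cipher here is a toy Feistel permutation with the 64-bit block size of Triple DES, an assumption made so the example runs on the Python standard library alone; the sample records are constructed.

```python
import hashlib
import hmac
import os

BLOCK = 8  # 64-bit blocks, the block size of DES and Triple DES
# Constructed sample: four 8-byte records, three of them identical.
SAMPLE = b"PAY=0100" b"PAY=0100" b"PAY=9999" b"PAY=0100"

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_block(key, block):
    # Toy 4-round Feistel permutation standing in for 3DES. NOT a real cipher.
    left, right = block[:4], block[4:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:4]
        left, right = right, _xor(left, f)
    return left + right

def _blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def pad(data):
    # PKCS#7-style padding up to the next block boundary.
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def ecb_encrypt(key, data):
    # Every block is encrypted independently: same input block, same output.
    return b"".join(encrypt_block(key, b) for b in _blocks(pad(data)))

def cbc_encrypt(key, iv, data):
    # Each block is XORed with the previous ciphertext block before encryption.
    out, prev = [], iv
    for block in _blocks(pad(data)):
        prev = encrypt_block(key, _xor(block, prev))
        out.append(prev)
    return iv + b"".join(out)

def repeated_blocks(ciphertext):
    # Number of ciphertext blocks that duplicate an earlier block.
    blocks = _blocks(ciphertext)
    return len(blocks) - len(set(blocks))

if __name__ == "__main__":
    key = os.urandom(16)
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(key, SAMPLE)))
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(key, os.urandom(BLOCK), SAMPLE)))
```
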







BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.
