Protecting applications from exploitation by failing secure

Do you think there is a right way to crash? A system crash sounds like a bad thing all around, but there are safe ways for a system to crash and dangerous ways. Systems can crash in a way that allows attackers to exploit the data on them or to install back doors, gaining control over the system. In a principle called "Fail Secure", systems are designed in such a way that they fail and then start up without introducing new security vulnerabilities for attackers to exploit.

Let's look at three areas where systems should fail secure: communication channels, access control systems and default configurations. In communication channels, use public key cryptography for communication initialization. In this way, when new sessions are created, key material will not be exchanged in plain text for an attacker to read. Likewise, access control systems should deny requests when they fail. How many times in movies have you seen a person bash a keypad to gain entry to a system? Attackers perform something similar, such as disconnecting the power from a device to gain entry. These devices should be configured so that they stay locked even when they fail. Avoid default configurations on systems and disable the ability for a system to roll back to a default state. Some devices have a button or a menu item that will allow you to reset to factory defaults, but this can create a security hole in your network, since many devices have their default configurations well documented.
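The access-control point above, as an added example that is not from the original post: a fail-open authorization check beside its fail-secure counterpart, run against a constructed policy store that can be made to "crash". The `PolicyBackendError`, `POLICY` table and door names are all assumptions made up for the example.

```python
"""Fail-open vs fail-secure authorization (added example, constructed data)."""
import logging

logging.basicConfig(level=logging.WARNING)
log = logging.getLogger("access-control")


class PolicyBackendError(Exception):
    """Raised when the policy store is unreachable (simulated outage)."""


# Constructed sample policy: user -> set of doors that user may open.
POLICY = {"alice": {"lobby", "server-room"}, "bob": {"lobby"}}


def lookup_policy(user: str, available: bool = True) -> set:
    """Return the doors a user may open; raise if the store is 'down'."""
    if not available:
        raise PolicyBackendError("policy store unreachable")
    return POLICY.get(user, set())


def authorize_fail_open(user: str, door: str, available: bool = True) -> bool:
    """Vulnerable pattern: only an explicit denial blocks the request.

    If the lookup crashes, the except branch is taken and the function
    falls through to the permissive return, so an outage unlocks the door.
    """
    try:
        if door not in lookup_policy(user, available):
            return False
    except PolicyBackendError as exc:
        log.warning("policy lookup failed for %s: %s", user, exc)
    return True  # reached on success AND on error


def authorize_fail_secure(user: str, door: str, available: bool = True) -> bool:
    """Fail-secure pattern: access is granted only on a positive answer.

    Any failure in the lookup is treated as a denial, and the outage is
    logged so operators can see that the door is refusing legitimate users.
    """
    try:
        return door in lookup_policy(user, available)
    except PolicyBackendError as exc:
        log.warning("policy lookup failed for %s, denying: %s", user, exc)
        return False


if __name__ == "__main__":
    # With the policy store 'down', only the fail-secure check keeps bob out.
    print("fail-open  :", authorize_fail_open("bob", "server-room", available=False))
    print("fail-secure:", authorize_fail_secure("bob", "server-room", available=False))
```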
