Closed vs Stealthed Ports 
One of the things that I love about computers is you can always try things and see what happens. This ability to experiment can be rather handy as a BS filter, and so I thought I would try a little experiment for the closed vs stealthed port debate, which can be found here: Place your bets - Closed vs Stealthed.

The results are simply that closed ports are not of interest to hackers or worms, as they can't break into either. While I always recommend the use of a firewall, which typically results in stealthed ports, closed ports are just as secure, with the exception that they could be used in a DoS attack on someone else (read the thread, as I don't believe that reflection attacks are very common anymore given the huge bot armies which are available).


Get ready for Vista and Office 2007 - December 12th Calgary 
I am planning to be at the 2007 Microsoft Launch Event in Calgary on December 12, 2006. If Vista isn't on your radar screen it should be, so start learning about it now.


Security issues will always exist 
At a recent tech show I was asked a question as to what I think the future trends will be in security. I think that security will always be an issue for a number of different reasons. First, one of the key features of computers is also one of their downfalls when it comes to preventing malware from running on a computer. Computers are flexible and are meant to run programs, and on top of that the programs one person runs are likely very different from the programs another person runs, so the idea of determining what good software is is pretty well impossible. While digital certificates and signing code add to the level of user confidence in a program, there is no way to programmatically determine that software is not malware. For example, typically how anti-malware detection software works is to look for some known code signature within the program, which, while effective, means the malware author has a period of time before the malware is discovered, analyzed and signatures generated and distributed, and often this period of time is sufficient for the malware to generate favorable results from the malware author's perspective. So what I'm driving at is malware will never totally disappear, sorry to say.

Now if we look at trends within attack vectors we see that some vendors have made great strides in securing their software. For example, Microsoft has done a very good job at securing their operating systems, in that we have not seen a purely technical attack in a very long time (Sasser I believe was the last major worm of this type). By technical attack I mean exploiting a vulnerability which exists in the OS and only requires that the vulnerable system be connected directly to the internet; it requires zero user interaction (other than the user doesn't patch their system). All global attacks we have seen lately require some form of user interaction: to click on the attachment, go to some web site, fall for some phishing scheme, etc. Our inability to fix or otherwise totally educate users, and human nature, is another reason why security issues will never disappear, in that users are just too easy to exploit. A good social engineering attack is always easier and better than a good technical attack.

Since the OS has become much harder to exploit, one trend that is on the increase is the number of attacks which focus on third party software or on internally developed software. Very few companies have invested in training their developers in secure coding practices or have made security a fundamental consideration in every phase of software development. The unfortunate result of this is most companies develop software which is full of potential exploits like SQL or script injection, cross scripting, privilege/authentication issues, canonicalization, etc. The list is almost endless and far too many corporations are vulnerable to far too many of these types of attacks, so until corporations and third party developers start investing in secure code by design and development, their security issues will never go away.

New technologies and practices are always a source of new exploits. For example, wireless networks continue to be a security issue and, despite the progress of secure protocols such as WPA, far too many wireless networks remain unsecured. Things like home or otherwise remote workers can have a huge impact on security. We live in a world of constant change both in technology and human issues, and where there is change there are opportunities for security exploits.

Hacking itself has changed radically over the years, and given it has evolved far beyond a mere curiosity or hobby to become a very profitable business, security issues will not go quietly into the good night but will be exploited in every fashion possible which will benefit the black hats. If nothing else, as security gets better, hackers have gotten better, and more creative. Certainly the advantage belongs to the black hats, as typically security is a 'reaction' based process (it typically hasn't matured beyond being reactive yet), so black hats still sit back and pick apart software, processes, etc. looking for vulnerabilities to exploit, and white hats try to keep up with patching code etc. Certainly the secure by design and development helps reduce the number of vulnerabilities and layered security minimizes their impact, but we still largely depend on a reactive process to secure systems.

Microsoft's Vista presents some very interesting changes in the concept of security, and while I very much like Vista and think it represents a huge step forward in security, it also presents some interesting challenges to both users and corporations. Vista is not only a very secure OS, but it can treat data in a very secure fashion and for the first time corporations can have the security they have always dreamed of, but I sometimes wonder if they find instead that their dreams are in fact too restrictive. So certainly for the first time corporations will have to confront security not just at a systems level, but on other levels as well. For example they will really have to think their processes through and find that balance between security, productivity, creativity and user involvement. This is totally new terrain to most corporations and will no doubt take companies a very long time to figure out what to do and while they are evolving there will be security issues. I very much look forward to the release of Vista and seeing the impact it has on security as I think it will be substantial, but yet very interesting in that it will create a number of new issues we haven't even considered yet.

So are we winning the so-called war of security? I think so, but I don't think it's truly possible to fully win this war and security issues will remain with us forever.


First big upset - Edmonton lays waste to Detroit 
It's that wacky time of the year again called NHL playoffs, which is something like March Madness (it's hard to describe just how low I finished in that pool this year), where NHL teams battle it out for the oldest professional sport trophy in North America (they were still inventing football when Lord Stanley's Cup was all the desire of hockey players everywhere).

So let me go out on a limb and make my prediction for the first big upset of the playoffs. Detroit will lose to Edmonton in 6. The Red Wings are only where they are because they play in what is without a doubt the weakest division in the NHL, so they are not as good as most people think they are. The really bad thing about this is Edmonton knows it, and knows they can beat Detroit, so there will not be any respect shown to the Red Wings by the Oilers. The Oilers can skate with the Red Wings, but more important they can out-hit them and that will be the downfall of the Red Wings. Stevie Y fans better enjoy this series as I fear it will mark the end of the line for one of hockey's greatest players and all round class acts. Stevie Y isn't the kind of person who gets beat and still has something left in the tank, so you can count on him to put it all on the line as he always does.

If Detroit somehow manages to get past Edmonton don't look for them to get much further as Edmonton will have worked them over pretty good.

Note I'm not an Oiler fan, just a hockey fan.

Go Flames Go!!!

I will be at realDevelopment_2006 in Calgary on June 13th 
Time again for a Microsoft road show, and you will be able to join me in Calgary on June 13th at realDevelopment_06. In the morning get some inside information and demos from Microsoft on improving the user's web experience using Web 2.0 using AJAX (cool), RSS, Gadgets etc. In the afternoon the topic is security with information and demos on Digital IDs, Hacking and Defending.

For all you unlucky people who don't live in Calgary, you can attend this presentation in Ottawa on May 30th, Toronto on June 1st, Montreal on June 6th and Vancouver on June 8th. Typically these things fill up fast so I'd recommend not waiting too long to register. Lots of opportunities for questions and answers and I promise you will leave at the end of the day having learned something which will make you a better and more secure developer.
