View mode: basic / threaded / horizontal-split · Log in · Help
February 19, 2010
Attacking Attack Patterns
http://cwe.mitre.org/top25/
shows patterns of attacs.

Does someone see a way to use D design patterns to stop attack patterns?

-manfred
February 19, 2010
Re: Attacking Attack Patterns
Fri, 19 Feb 2010 19:44:14 +0000, Manfred_Nowak wrote:

> http://cwe.mitre.org/top25/
> shows patterns of attacs.
> 
> Does someone see a way to use D design patterns to stop attack patterns?

At least I can see a lot of reasons why D is vulnerable to many of those 
low level attacks because of the desire to be able to control every 
possible bit state in the program. In fact D is even worse than Java/C# 
from this point of view. At least in the web environment some state of 
the art technologies immediately come to mind http://lambda-the-
ultimate.org/node/3068
February 19, 2010
Re: Attacking Attack Patterns
retard wrote:
> Fri, 19 Feb 2010 19:44:14 +0000, Manfred_Nowak wrote:
> 
>> http://cwe.mitre.org/top25/
>> shows patterns of attacs.
>>
>> Does someone see a way to use D design patterns to stop attack patterns?
> 
> At least I can see a lot of reasons why D is vulnerable to many of those 
> low level attacks because of the desire to be able to control every 
> possible bit state in the program. In fact D is even worse than Java/C# 
> from this point of view.

D has safe mode, which when used offers as much safety as C# or Java. 
Note that you can do unsafe things in C# if you so choose.


> At least in the web environment some state of 
> the art technologies immediately come to mind http://lambda-the-
> ultimate.org/node/3068
February 19, 2010
Re: Attacking Attack Patterns
retard wrote:
> Fri, 19 Feb 2010 19:44:14 +0000, Manfred_Nowak wrote:
> 
>> http://cwe.mitre.org/top25/
>> shows patterns of attacs.
>>
>> Does someone see a way to use D design patterns to stop attack patterns?
> 
> At least I can see a lot of reasons why D is vulnerable to many of those 
> low level attacks because of the desire to be able to control every 
> possible bit state in the program. In fact D is even worse than Java/C# 
> from this point of view.

I guess SafeD wouldn't be the slouch of the three.

Andrei
February 19, 2010
Re: Attacking Attack Patterns
Manfred_Nowak wrote:
> http://cwe.mitre.org/top25/
> shows patterns of attacs.
> 
> Does someone see a way to use D design patterns to stop attack patterns?
> 
> -manfred

Bounds checking takes care of quite a few issues, but that's a banal 
thing to remark.

One more interesting thing that I see doable (and have seen done in e.g. 
Perl) is the @tainted attribute, which marks an untrusted string. That 
could help with [2], [6], [7], [9], [20].


Andrei
February 19, 2010
Re: Attacking Attack Patterns
Andrei Alexandrescu wrote:
> One more interesting thing that I see doable (and have seen done in e.g. 
> Perl) is the @tainted attribute, which marks an untrusted string. That 
> could help with [2], [6], [7], [9], [20].

I agree that engaging the type system's help to track untrusted data 
through the code can be very helpful.
February 19, 2010
Re: Attacking Attack Patterns
retard wrote:
> Fri, 19 Feb 2010 19:44:14 +0000, Manfred_Nowak wrote:
> 
>> http://cwe.mitre.org/top25/
>> shows patterns of attacs.
>>
>> Does someone see a way to use D design patterns to stop attack patterns?
> 
> At least I can see a lot of reasons why D is vulnerable to many of those 
> low level attacks because of the desire to be able to control every 
> possible bit state in the program. In fact D is even worse than Java/C# 
> from this point of view. At least in the web environment some state of 
> the art technologies immediately come to mind

> http://lambda-the-ultimate.org/node/3068

Ur/Web sounds interesting.

Have you actually tried it in anger?
February 20, 2010
Re: Attacking Attack Patterns
On Fri, 19 Feb 2010 14:44:14 -0500, Manfred_Nowak <svv1999@hotmail.com>  
wrote:

> http://cwe.mitre.org/top25/
> shows patterns of attacs.
>
> Does someone see a way to use D design patterns to stop attack patterns?
>
> -manfred

I really don't like this list because its a list of unsecure coding  
patterns and not dangerous one. The only one of them has ever killed  
anyone (race conditions, #25), the rest just lead to identity theft. I'd  
also put "poorly written error messages", "integer overflows" and  
"corrupting datafiles" up there as things that have killed people.

Anyways, in response to your question D's concurrency strategy should make  
it (relatively) difficult to cause races. And most of the attack patterns  
are at a higher level than raw code.
February 20, 2010
Re: Attacking Attack Patterns
Robert Jacques wrote:
> On Fri, 19 Feb 2010 14:44:14 -0500, Manfred_Nowak <svv1999@hotmail.com> 
> wrote:
> 
>> http://cwe.mitre.org/top25/
>> shows patterns of attacs.
>>
>> Does someone see a way to use D design patterns to stop attack patterns?
>>
>> -manfred
> 
> I really don't like this list because its a list of unsecure coding 
> patterns and not dangerous one. The only one of them has ever killed 
> anyone (race conditions, #25), the rest just lead to identity theft. I'd 
> also put "poorly written error messages", "integer overflows" and 
> "corrupting datafiles" up there as things that have killed people.
> 
> Anyways, in response to your question D's concurrency strategy should 
> make it (relatively) difficult to cause races. And most of the attack 
> patterns are at a higher level than raw code.

As far as I can tell low-level races are impossible in SafeD.

Andrei
February 20, 2010
Re: Attacking Attack Patterns
Robert Jacques wrote:
> On Fri, 19 Feb 2010 14:44:14 -0500, Manfred_Nowak <svv1999@hotmail.com> 
> wrote:
> 
>> http://cwe.mitre.org/top25/
>> shows patterns of attacs.
>>
>> Does someone see a way to use D design patterns to stop attack patterns?
>>
>> -manfred
> 
> I really don't like this list because its a list of unsecure coding 
> patterns and not dangerous one. The only one of them has ever killed 
> anyone (race conditions, #25), the rest just lead to identity theft. I'd 
> also put "poorly written error messages", "integer overflows" and 
> "corrupting datafiles" up there as things that have killed people.
> 
> Anyways, in response to your question D's concurrency strategy should 
> make it (relatively) difficult to cause races. And most of the attack 
> patterns are at a higher level than raw code.

Oh hey... null pointer dereference is not on the list :o).

Andrei
Top | Discussion index | About this forum | D home