Re: How many people write secure programs?

From: Crispin Cowan (crispinat_private)
Date: Tue May 01 2001 - 15:29:28 PDT


    Justin Young wrote:
    
    > For the record everyone is throwing around this word secure as if it
    > pertains to our industry. Nothing can ever be secure as that would be it
    > could never be compromised. If anyone feels that your systems, networks,
    > programs can never be compromised you're sadly mistaken. The proper term that
    > you should be using is TRUSTED.
    
    Uh, no.  "Trusted" is a specific, technical term that means that a product has
    been through a formal evaluation procedure.  It is "trusted" because some folks
    who (allegedly) know something about security have inspected it, and say that
    it can be trusted.  It is meaningless to say that a program is
    "trusted" without also specifying which kind of formal evaluation it has
    passed, e.g. C2, common criteria, etc.
    
    "Secure" means "can't be hacked."  Trusted software *probably* is secure, but
    not necessarily.
    
    You're right that nothing can ever be "secure", but that doesn't mean we can't
    discuss the concept.  It's like "infinity":  you can't get there, but it is a
    very useful abstraction.
    
    There was a very interesting thread a while back (I think on vuln-dev) about
    what "secure" means as compared to "reliable."  I quite like the results:
    
       * Reliable:  a program that does what it is supposed to.
       * Secure:  a program that does what it is supposed to, and *nothing* *else*.
    
    Crispin
    
    --
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc. http://wirex.com
    Security Hardened Linux Distribution:       http://immunix.org
    


