
Security! Security! Security!

Posted Feb 27, 2012 14:24 UTC (Mon) by KaiRo (subscriber, #1987)
In reply to: Security! Security! Security! by khim
Parent article: Tracking users

As already stated, both OCSP and CRLs have the problem of not working when requests to those services are blocked, so they're actually bad solutions. We need to do better in terms of certificates/keys for encrypted communications (I'm not sure the word "secure" is even correct for those), and both OCSP and CRL are not good answers to CA breaches. One possible proposal for this is being described at https://kuix.de/mecai/

On the other topic, sandboxing is IMHO hyped more than it's actually useful. It's one reasonable idea of how to possibly prevent exploits from going worse, but 1) if you (in theory) don't have exploits in the first place, it's useless, and 2) there's a lot of security/privacy-relevant flaws where it has no effect at all, esp. in the area surrounding XSS. Also see http://hackademix.net/2012/02/16/sandboxes-are-overrated-... and stuff linked from there.



Security! Security! Security!

Posted Feb 27, 2012 15:42 UTC (Mon) by khim (subscriber, #9252)

1) if you (in theory) don't have exploits in the first place, it's useless

Sure, if your browser and OS are written by infallible God and if it's run on the impeccable computer which is created by said God then you can ignore any and all security practices.

In our universe compartmentalization is the only solution worth discussing. It predates computers by several millennia (think military and state secrets, different levels of access, etc.) and is the only tried and true [albeit imperfect] solution.

2) there's a lot of security/privacy-relevant flaws where it has no effect at all, esp. in the area surrounding XSS

Let me translate "discovery" from geek to English:

Sensation, sensation! Everything you ever knew is wrong!
Recently researchers found that most thieves started using windows and not doors. This fantastic discovery shows that all these sturdy doors and complicated locks are just a waste of time and money! We should immediately stop wasting our time and fully switch to windows protection! You can leave keys under your doormat, don't lock the door at all, it does not matter! More in our newspaper, just $.02 per copy.

Yeah, right.

If you really believe that then I have a very nice bridge to sell.

