Keeping Information Timely
One of the pressing problems that has plagued information sources since before the Internet is ensuring the timely dissemination of information, before it becomes stale or out of date. With Information Security news and related online sources, arriving at a news source late could have significant cost to business operations or system stability due to attackers capitalising on threat information that you aren't aware of.
A Sûnnet Beskerming article on strange Internet traffic patterns that had been observed drew a lot of traffic and exposure from a number of sources. Besides being an excellent demonstration of how information propagates across the Internet, it showed first-hand that some communities could be accessing information for the first time over a week after it first appeared, when its viable lifespan was measured in hours, not days. Had the information been related to a rapidly emerging threat, there were a number of communities that would have discovered that information too late. Even with wider dissemination of the article, it would have required a concerted, concurrent effort to publish and report the article within a timeframe in which the raw underlying data would still be relevant.
From a similar point of view, using information that is out of date can also introduce significant risks to operations and protection of critical systems and data stores. Information Security seems to be a field where accepted knowledge and best practices are overturned on a regular basis due to improved understanding of available threats, the evolution of new threats, or the development of more robust methodologies for protection and management.
Just in the last decade and a half in the Information Security field, the commonly accepted dogma that email and image files are not virus propagation vectors has been overturned. For many in the Information Security field it was the seminal paper by Aleph One, 'Smashing the Stack for Fun and Profit', which really began to show them the risks associated with vulnerabilities that had otherwise been thought benign, and the paper was only released in the year 2000.
Users have been connected to the Internet since it was the DARPANet, but the risks of online activity are still somewhat less understood when compared to risks associated with compromised desktop applications. While the risks of visiting untrusted websites are becoming better known, the true risk of online activity and web browsing is still being ascertained. Leading research in web application vulnerabilities and threats is still only scratching the surface of the issues tied to this platform.
With many of the leading voices in web application security still only in their early to mid-twenties (and with some high school seniors mixed in), it is a young field that is doing its best to establish what can and cannot be done with web applications. Information being generated by these researchers is busy overturning accepted dogma that itself may only be a couple of years old. Reading the wrong technical book, or not keeping up with the latest developments, could place developers, site maintainers, and security representatives at a distinct disadvantage when creating and maintaining online services.
Even though buffer overflows and their associated risks are relatively well known and understood, the fact that they still crop up in modern systems (such as Windows Vista) means that even with security-aware development, risks and vulnerabilities can still enter complex systems (which may be so complex that they cannot be completely understood or accurately modelled). Keeping current with information that has not expired or otherwise become out of date is one of the best ways to help prevent the ongoing inclusion of known risks in the development and maintenance of new services and applications.
6 July 2007