Monday, June 4, 2007

Class Critique

Software security is a vital aspect of information security. Some software is intended to be troublesome and is known as malicious software. Malicious software is a broad category that encompasses everything from viruses and Trojan horses to adware and spyware. But not all malicious software has a negative purpose. Occasionally, the software works perfectly normally but has a hidden method to grant access to a remote user. This would still be a case of malicious software.

Another problem with software is sometimes completely unintentional. These problems are called software vulnerabilities, and when exploited they cause the program to do odd and unintended things. In class our teacher demonstrated a classic software vulnerability, a buffer overflow on a Linux machine. He exploited the fact that functions in C that accept a string as an argument do not have a limit on how long the string can be. So, to fully use this exploit, the goal was to fill the memory buffer and overflow into the system memory. Once the string reached the system memory space, it needed to make the return address match the location of the start of the teacher's shell code. The shell code just so happens to be contained in the string passed along as part of the initial argument. I thought this was a great example of implementing an easy and quick software vulnerability.

This is not the only place buffer overflows can be seen. Buffer overflows are common and, without adequate protection, can have devastating results. For more information on buffer overflows, the wiki site is here.

Incomplete mediation is another type of software vulnerability. It is exploited when the user is able to change data after it has been authorized. For example, consider a website that requires the total value of the shopping cart to be passed in the address as an argument. A hypothetical example could be something like this: if I went to a website called shophere and spent 300 dollars on junk, and the website validated the information like this:

www.shophere.com/checkout/total=300.

What would prevent the user from changing the total to 30 dollars to make their order look something like this:

www.shophere.com/checkout/total=30.

With this poor software design, this software vulnerability can occur. Software vulnerabilities, while they wouldn't exist in a perfect world, appear everywhere. But this idea also relates to the main aspects of software security. Would it be more cost effective to create a perfect piece of software, spending millions of dollars, or is it more effective to repair and fix any exploit that occurs?
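The shophere checkout described above, as an added example that is not part of the original post: one handler bills whatever total the URL carries, the other recomputes the total on the server and rejects a claim that differs. The price list, cart contents, session id and function names are all constructed for illustration.

```python
from decimal import Decimal, InvalidOperation

# Constructed sample data: the server's own price list and one stored cart.
PRICES = {"lamp": Decimal("120.00"), "rug": Decimal("180.00")}
CARTS = {"session-1": {"lamp": 1, "rug": 1}}  # worth 300.00


def total_from_url(url: str) -> Decimal:
    """Pull the client-controlled total out of a URL shaped like the post's."""
    _, marker, value = url.rpartition("total=")
    try:
        amount = Decimal(value) if marker else None
    except InvalidOperation:
        amount = None
    if amount is None or not amount.is_finite():
        raise ValueError(f"no usable total in {url!r}")
    return amount


def charge_trusting_client(session_id: str, url: str) -> Decimal:
    """Incomplete mediation: the amount billed is whatever the URL says."""
    return total_from_url(url)


def server_total(session_id: str) -> Decimal:
    """Recompute the total from state the client cannot edit."""
    cart = CARTS[session_id]
    return sum((PRICES[item] * qty for item, qty in cart.items()), Decimal("0"))


def charge_mediated(session_id: str, url: str) -> Decimal:
    """Complete mediation: bill the server's figure, reject a differing claim."""
    expected = server_total(session_id)
    if total_from_url(url) != expected:
        raise PermissionError("client total does not match the stored cart")
    return expected


if __name__ == "__main__":
    tampered = "www.shophere.com/checkout/total=30"
    print("trusting server bills:", charge_trusting_client("session-1", tampered))
    try:
        charge_mediated("session-1", tampered)
    except PermissionError as err:
        print("mediated server refuses:", err)
```

The mismatch branch is also the natural place to log the request, since a differing total means the value was edited after the cart was priced.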
