Raw System Security

Excellent computer security is possible. A huge step towards achieving starts with a broad understanding of computer security research. Given the right information and awareness, people who write software have the potential (though not the guarantee) to produce software that is more respectful of privacy and security. A tremendous amount of information exists on computer security concepts and practices. The application of these concepts and practices can range from simple standards and techniques to extensive use of tools, procedures, auditing, and expert administrative management of systems. The simple standards are the most appealing as they may be more compatible with a functionality based view of software. As systems grow and requirements evolve, more rigorous methods may become necessary.

Continue reading

Advertisements

Raw Numerical Security

When writing software code, it is common practice (at least today) to use numbers to control how the program runs. Numbers are used to define loop counters, error codes, program options, and much more. Spend enough time with software code and you begin to apply numbers as easily as breathing. When you need to write the code to walk through a list of numbers or interpret input from databases, networks, files and so on, the numbers become second nature. Pulling out parts of a word or sequence of letters or arranging the placement of text, pictures, and form fields through relative distances becomes routine through exposure. Much of this though creates a security blind spot. Continue reading

Raw Code Security

Dozens of umbrella approaches are used to create computer programs. Despite all the different concepts, writing styles, languages, and tools for making source code, the result is a computer program file (or what would be in a file is in memory). Each operating system spells out what these files should look be organized. This way, the operating system can qualify and run computer programs according to the rules it has defined. Regardless of how the code is written, when it gets transformed into an actual computer program, the parts that hold information goes in one of a few areas and the parts that do things go into a few others. Programs that have flaws can be cracked partly because the finished computer program file can be inspected in a straightforward way.
Continue reading

Raw Data Security

Many people have had the unpleasant experience of viruses and malware on their computers. Sometimes among the most immediate solutions is to replace the computer, re-install software, and get higher grade security software. We live in a time where Web sites, government files, and business databases can be breached and the results can be damaging from a financial, legal, or social standpoint. Why does this happen?

Continue reading