Saturday, May 10, 2008

Security is hard

Security is hard.

When you're trying to build something secure, you have to consider everything.

When you're breaking the security, you just have to think of one thing that the other guy didn't think of. Not to mention the person creating security is normally vastly outnumbered.

I like security. I like locks (designing locks and dreaming up ways to defeat them). I like security protocols (analyzing them, anyway; following them can be a pain). I like security-related algorithms (encryption, one-way hashing, etc.). I like security in software development.

These days I've been revisiting the security of Java's sandbox while running in applets. It's wildly intriguing because of the complexity involved. Even a simple login screen can be complicated to get just right in terms of security, and the applet sandbox is a whole different beast. The applets need to be able to do almost anything, and then there is a small handful of things that the applet absolutely must not be able to do. Add to the mix Java's system of access modifiers, inheritance, threads, serialization, bytecode, etc. It's a complicated thing. I can't believe they've got it 100% right. Can't believe it. It doesn't seem probable. So, often, when I have spare time, I go about looking at the Java core code, running tests, and trying to be creative.
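To make the "almost anything, except a handful of things" model concrete, here is a small added illustration of the permission machinery the applet sandbox is built on. It is not code from this post; the class name, the choice of properties and the stand-in "applet" context are my own. It assumes a JDK that still implements the permission checks (8 through 23) and that the default `java.policy` grants every code source read access to `java.version` and `java.vendor`, which it does in the stock distributions. The program runs a check under a restricted context, then shows the classic hole: a trusted helper that calls the one-argument `doPrivileged` on caller-supplied input drops the sandbox's restrictions.

```java
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.Permission;
import java.security.Permissions;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;

public class SandboxDemo {

    // Stand-in for an unsigned applet: a static ProtectionDomain that holds a
    // single harmless permission. Anything not listed here is denied.
    // (Hypothetical setup for this example, not the real applet class loader.)
    static AccessControlContext appletContext() {
        Permissions perms = new Permissions();
        perms.add(new PropertyPermission("java.version", "read"));
        ProtectionDomain applet = new ProtectionDomain(null, perms);
        return new AccessControlContext(new ProtectionDomain[] { applet });
    }

    // Run a permission check with privileges *restricted* by the sandbox context.
    // doPrivileged(action, ctx) intersects the caller's own permissions with ctx,
    // so the check passes only if both the caller and the sandbox allow it.
    static boolean sandboxAllows(Permission p, AccessControlContext sandbox) {
        try {
            AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
                AccessController.checkPermission(p);
                return null;
            }, sandbox);
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }

    // A "trusted helper" that asserts its own privilege around caller-controlled
    // input. The one-argument doPrivileged tells the stack walk to stop at this
    // frame, so the sandbox context supplied further down the stack is no longer
    // consulted: the helper's own (unrestricted) permissions decide the check.
    static String trustedHelperReadsProperty(String name) {
        return AccessController.doPrivileged((PrivilegedAction<String>) () -> {
            AccessController.checkPermission(new PropertyPermission(name, "read"));
            return System.getProperty(name);
        });
    }

    // Sandboxed code calling the helper: the read succeeds even though the
    // sandbox context itself never granted it.
    static boolean sandboxEscapesViaHelper(String name, AccessControlContext sandbox) {
        try {
            AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
                trustedHelperReadsProperty(name);
                return null;
            }, sandbox);
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }

    public static void main(String[] args) {
        AccessControlContext sandbox = appletContext();
        Permission version = new PropertyPermission("java.version", "read");
        Permission vendor = new PropertyPermission("java.vendor", "read");

        System.out.println("java.version inside sandbox: " + sandboxAllows(version, sandbox));
        System.out.println("java.vendor inside sandbox:  " + sandboxAllows(vendor, sandbox));
        System.out.println("java.vendor via helper:      " + sandboxEscapesViaHelper("java.vendor", sandbox));
    }
}
```

The first two checks behave as the sandbox intends: the granted property is readable, the ungranted one is refused. The third is the point of the example. Nothing in the restricted context changed, yet the read goes through, because the helper's `doPrivileged` ends the stack walk before the sandbox context is reached. Every trusted class an applet can reach is therefore part of the attack surface, which is exactly why "you have to consider everything" while the attacker only needs one such helper. Note that JDK 24 permanently disabled the Security Manager and its permission checks (JEP 486), so the program only demonstrates this on earlier releases.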
