[kwlug-disc] DuckDuckGo.com -- an alternate search engine
cdfrey at foursquare.net
Wed Jul 28 03:54:05 EDT 2010
On Tue, Jul 27, 2010 at 09:15:57PM -0400, Ralph Janke wrote:
Not necessarily bad, just more risky.
The one is data interpreted by known code. The other is unknown code
interpreting unknown data.
By "unknown" I mean that the data and the code is not something I've
vetted before it hits my browser.
Secure code treats data as an untrusted payload. Something to be parsed
and analyzed, where sizes and lengths are double checked at all times,
etc. The data might indicate some action to be taken, but it is the code
that is already on my system, installed by known means, that does the
but it is data in the form of Turing complete code. It is one thing to
double check that the TCP header size field is correct. It's a whole
code is safe.
I'm not saying it's impossible, just that the level of difficulty is
orders of magnitude higher, and therefore so is the risk.
data, there's more risk: VB script in Word documents, ActiveX controls,
Flash games, rm commands in man pages, embedded SQL in application code,
scripts in PDF files (Adobe has had its share of headaches with this), etc.
More information about the kwlug-disc