Gary McGraw is CTO of Cigital, a software security and quality consulting firm. He recently spoke with Dr. Dobb's editor-in-chief Jonathan Erickson about security in the age of Twitter and cloud computing.
Dr. Dobb's: Does Twitter pose security-related problems?
McGraw: Twitter presents a perfect vector for malicious code and phishing, especially since most users use bit.ly or tinyurl to fit clickable URLs into their messages. Twitter allows dingbats to cash in their last remaining privacy chit with a coolness factor that often overrides common sense.
In fact, the last point applies equally well to Facebook and MySpace. The big problem is many users of these systems seem to have little understanding that postings, tweets, tequila drinking photos, and everything they post in the Web 2.0 world is public. Before Tweeting whatever occurs to you, think about whether you would want your mom to read it. Also note that the Tweet will be around basically forever! Will your future potential employers search Twitter? Why wouldn't they?
Dr. Dobb's: And virtualization?
McGraw: Some easy questions turn out to open various cans of worms. How can I tell if I am running on a VM? Can I figure out what chip I'm actually on? These questions get particularly hairy when it comes to mobile computing. There is an important class of problems in security called "interposition" attacks. Virtualization opens up all new places to get these classic old dinosaur attacks all gussied up for the future.
Dr. Dobb's: Does security have a role in cloud computing?
McGraw:There are many different types of clouds -- public cloud computing is a world away from private cloud computing. Who owns what cycles and what runs where? Equally important for security are infrastructure as service clouds versus software apps as service clouds. Most effort seems to be based around securing data, both in transit and at rest. The different cloud models imply different application architectures, and different architectures (as we all know) imply different security solutions.
Dr. Dobb's: Distributed systems are the norm these days. Has security kept pace with technology implementation in this regard?
McGraw: There are some real challenges with securing massively distributed systems. If you want a good example of what we can expect when a majority of apps are distributed, just take a look at MMORPGs (or "massively multi-player online role playing games"). Greg Hoglund and I wrote a book calledExploiting Online Games that is really a case study for the future of software security.
Probably the most important issue developers and architects need to understand when it comes to distributed systems is the notion of trust boundaries. As an example, it is a really bad idea to include code running on a user's PC or phone or whatever (that is, client code) on the "trusted" side of the trust boundary. Instead, think about that code being completely and utterly exposed, rewired, hacked, etc. In Exploiting Online Games, we do plenty of work disassembling the client code for World of Warcraft with amusing but scary security results.
Don't disregard trust bioundaries.