Security
Date 18/11/2014
Fourth and last assignment is given.
Security is probably the most important aspect of any software development.
Discussion items
During the lecture, we had a discussion about the security aspects of 3rd party packages. In summarise the following points were brought up when considering what should be checked before taking any 3rd party code in use:
Validate te code, lint
Check the origin, who made it, is it public and how active, where is it downloaded from, suspicious web site
.exe
suffixDoes it do what it is supposed to
Does it do something that it is not supposed to do
Suspicious instructions, such as using
sudo
or giving access to passwordsCollects information, surveillance traffic
Amount of downloads
Tools that could help in checking the above criteria:
plato
nsp
Links related to the lecture subject
Example for creating brute force passwords
... in order to prove how easy it is and why should sensitive data be handled with special care.
In order to improve the example and its efficiency, the iteration should be done first against all characters in the first index, than second and third, as opposed now iterating whole maximum length with first index being at the first character.
That is why the running time increases when the maximum length is increased, even while the matching password is somewhat short.
Last updated
Was this helpful?