When is the best time to catch security issues with your application? Before you’ve built it of course!

If you’re responsible for an application from a technical design perspective, the last thing you want to have happen is get all the way into the security testing process and find out that there is a major issue with your application and now the whole thing has to be redesigned!

Well, now your job is even easier, thanks to the Microsoft Threat Modeling tool, and the new 2014 version that has just been released recently.

This tool lets you map out your application flows and then it will automatically analyze it for security issues.

To be frank, I’m not a massive fan of the UI appearance, but I am certainly willing to put up with it because it definitely does a quality job.

Now, whilst I would like this to be a set and forget type of deal… i.e. just put the design in, make sure it says there are no issues and then give it the greenlight, in this interesting world we live in, the bad guys are always evolving… so I’ll still continue to manually review designs and use the tool as an initial quick up front check.

Go grab the tool here, now, it’s free!

What do the following movies have in common?

• Speed
• Entrapment
• Ocean’s 11

Well I think they were pretty enjoyable movies, and classic 90’s Sandra Bullock and Catherine Zeta Jones were certainly easy on the eye.  The key scene in common that I had in mind though is this:  Security camera’s being compromised – e.g. the ‘bad guys’ breaking into a camera and then having footage play on a “loop” so that they have their way.

Is this really possible though? How hard is it to compromise a security camera? Well, surprisingly and disconcertingly it turns out that cameras from a number of vendors are trivial to break into.

It seems the vendors of these cameras haven’t fully thought through the implications of their products being connected to the internet 24×7 and have therefore not placed much emphasis on the software security during their Quality Control processes. The more cynical view of course (and perhaps more accurate) is that in an effort to make a quick buck they don’t really care. Admittedly, if an attacker is determined and well funded enough they will find a way to break into any system online.  However, what is revealed in a recent security research whitepaper shows that these are trivial vulnerabilities to exploit such as:

• Blindly Evaluating arbitrary code
• Broken Access Controls

If they required more cutting edge exploits then fine. But these?? Come on. These are not challenging for a script kiddie to pull off. I think we all expect a lot better security around a product that has the word ‘security’ or ‘surveillance’ in its name.

If you’d like the link to the security paper please just contact me by posting a comment.

I love VMs – they make life so much easier in many regards all the way from development and spiking new technologies all the way through to being able to provide elastic production solutions.

Of course, they do have their frustrations – such as getting performance right and having the occasional corrupt VM every now and then.

However – let’s consider an issue of security – is it possible to break out of a VM and get direct access to the host? Well, if you’ve been following popular security blogs then you’ll know that yes – it has at least been possible in the past.  How has it been done in the past though? Well, there’s a great paper here. It is slightly old [2009] though it does demonstrate an interesting technique.

Also, back in June 2012 there was also a vulnerability warning published by US CERT that you can read about here.

If you’re security paranoid/skeptical like me then knowing that nothing is ever 100% secure, you’d probably expect that there are new ways to still do it.  However, I haven’t come across any recent papers that illustrate new VM attacks.

So what does this really show and what is the point of posting this?

Well it highlights the need to practice defense in depth – i.e. it’s important to avoid thinking that a VM can never break out of another VM and therefore its ok to be blasé about additional security mechanisms.