Understanding the Enemy by Inviting them in
One of our recent articles about the ethics of Information Security research mentioned a diminutive XSS worm replication contest being operated by noted researcher RSnake. On initial impression, the idea of running a contest to build a better worm sounds ludicrous and liable to result in greater problems for those who are trying to organise defences against these nasty threats.
That may certainly be true, but it is the opportunity to learn about the mechanics of XSS worm construction and the limitations that force attackers into certain pathways of development that makes the contest worthwhile. The risk of something going wrong always exists, such as having unexpected discoveries of malicious attack vectors that are kept quiet by the discoverer, but having some of the best people in the Information Security industry working on the problem minimises the risk that this will take place.
Because Information Security is such a black art to many, they find it difficult to comprehend where the difference lies between the researchers and the attackers (and in some cases there isn't much difference at all). Publicised efforts such as this, and especially the inconsistent reporting and knee-jerk initial reactions that make up most of the news coverage, only add to the problem.
Now that the contest has been over for a while and analysis of the results is underway, the research benefit gained is surely going to outweigh the risk introduced by publicising the initial contest.
18 January 2008