Make It Easy to Do Things Right

Security features of the dominant thick-client platform are "usually trivial to implement, [but are] overlooked by a large number of application developers," according to a study published at the end of last month by vulnerability analysts at Denmark's Secunia ApS.

Blogger Brian Krebs discusses the implications in a blog post published last week, documenting his follow-up research with Secunia's rogues' gallery. In a comment on the resulting discussion thread, Krebs said that none of those vendors has tried to justify failure to use those protections. Really, though, is there reason to expect any excuse other than "it's not the default"? Or some variation on that theme?

Secunia's findings demonstrate a basic difference between a modern platform like, and a platform that tries to add modern security and other essential attributes to a foundation that doesn't have those behaviors built in. When a developer builds a application, the trust model is always part of the context in which that application is deployed. When a developer builds and ships a legacy thick-client application, the default is something much closer to "you ask for it, you get it": for example, one sysadmin told me about a label-printing application that required Administrator privileges to run correctly. In general, legacy platform developers have not had a compelling reason to learn and use correct least-privilege techniques.

This is why it's simply a bad idea to compare one platform against another on the basis of things that a developer could do, if the developer knew how, and if developers on each platform consistently chose to take as much trouble as needed to do things right.

It's more realistic to assess the kind of application that's going to appear on one platform, compared to the kind of application you'll find on another, when developers only do the amount of work that's needed to make an application handle well-formed input correctly. Anything more is a gift from heaven — and the gods aren't always in a giving mood. Platforms will offer users superior applications when the easiest thing for the developer to do is also the right thing to do.

July 7, 2010