Re: .NET Smart Clients, transparency and security
From: Michel Gallant (neutron_at_NOSPAMistar.ca)
Date: 04/07/04
- Next message: Ken Schaefer: "Re: Windows Auth -- double hop issue??"
- Previous message: karursvijay_at_-NOSPAM-hotmail.com: "Re: web.config and forms authentication problem"
- In reply to: Doug Barlow: "Re: .NET Smart Clients, transparency and security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 7 Apr 2004 13:58:30 -0400
Thanks Doug (and others) for insights.
I completely agree with your "ridiculously fragmented" comment!
I guess one response to your comment about " ... afterthought ..." from MS
might be that Longhorn will be the first Win release to truly integrate
the Win security config?
I am not a systems programmer/architect, and it seems to me that there
should be some built-in architected SECURITY BY DEFAULT infrastructure
provided that makes it easier to safely deploy trusted applications to clients
without needing intensive training in all aspects of CAS, code-groups etc..
I think one of the biggest threats going is not so much bad-code or malicious
use therein, but more from intelligent (and as of yet unseen) socially-engineered
attacks against end users who are empowered with the ability to make critical
security decisions (like Click-Once dialogs, Signed Java applet dialogs ..).
I however like the "default all exes sandboxed" approach coming in Longhorn.
- Mitch
"Doug Barlow" <soft_pedal@hotmail.com> wrote in message news:K4Lcc.80437$gA5.1010707@attbi_s03...
> I'll add my two cents. I'm very experienced with security concepts, but I'm
> just now investigating .NET security features for the first time. Several
> things stand out:
>
> * .NET security is horribly unintuitive. Security operations should be
> blatently obvious to the most casual of end users if it has any chance of
> being used at all. So far, I've been trying to use the .NET Configuration
> Utilities and wizards with almost no success. The on-line help is usually
> meaningless, if it's there at all. Checkboxes offer unintelligible options.
> It is almost impossible to really tell what is being controlled.
>
> * .NET security is practically non-operational. So far, the only way I've
> gotten my client-side web controls to load at all is to grant full trust to
> both their strong name and to the system from which they load. No other
> subset will work, including ones with all security options enabled. In one
> instance, I had to re-install Windows when the .NET Configuration Utility
> began crashing whenever it was invoked.
>
> * .NET security is ridiculously fragmented. There are three wizards and a
> configuration utility, and you also need to use the Internet Settings
> control panel. Then there's Windows security settings to deal with.
> Security should be integrated. The more places that need tweaking to set
> security, the less chance of security being set up right, and the greater
> chance of breaking something the user really wants to be able to do.
>
> * .NET security is implemented as an afterthought. Good security is
> designed in at the start. .NET security is clearly a second-rate citizen in
> the developer tools group, since most of it's development tools seem to be
> strange command line utilities, as opposed to true integration with
> Development Studio.
>
> Now I don't mean to imply that .NET security should be abandoned. I'd argue
> for exactly the opposite. The architecture looks like a really good idea.
> With the Internet becoming a standard piece of modern applications, security
> needs to consider the user, the application components, and the source of
> the executables. (It should even consider the source of the data.) The
> .NET Framework architecture seems to be a good step in that direction.
>
> What's needed is to elevate the priority of security within the development
> groups, so that the security UI can and will be used by the vast majority of
> Windows users. Similarly, it should be integrated with Dev Studio, so that
> it is automatically a part of .NET development (not relegated to a bunch of
> hidden command line utilities). Microsoft has stated that it wants security
> to be a primary goal of its products; this message needs to be taken to
> heart by the .NET Framework development team.
>
> Doug Barlow
> The Soft Pedal Shop
> http://www.softpedal.net
>
>
- Next message: Ken Schaefer: "Re: Windows Auth -- double hop issue??"
- Previous message: karursvijay_at_-NOSPAM-hotmail.com: "Re: web.config and forms authentication problem"
- In reply to: Doug Barlow: "Re: .NET Smart Clients, transparency and security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
