Fixing C's Biggest Mistake
H. S. Teoh
hsteoh at qfbox.info
Thu Jan 12 00:07:09 UTC 2023
On Wed, Jan 11, 2023 at 03:39:50PM -0800, Walter Bright via Digitalmars-d wrote:
> On 1/11/2023 5:35 AM, Don Allen wrote:
> > 1. Steal your password
> > 2. Produce the "secret key", which they won't be able to
> > 3. Get past 2FA, which they won't be able to
>
> Those are all good things. But it doesn't help you if you download a
> trojan version of the manager, or a trojan masquerading as an update.
> I've also seen several schemes that outmaneuver 2FA.
Indeed, there are (at least) 11 ways to defeat 2FA:
https://www.knowbe4.com/hubfs/KB4-11WaystoDefeat2FA-RogerGrimes.pdf
> Allow me to explain the framing. At Boeing, it was never "that part
> cannot fail". It is always framed as "when that part fails, how do we
> land safely?"
>
> So, *when* your password manager fails, what are you going to do about
> it?
>
> I'm not singling you out, I'm trying to make a point. Far too many
> software developers develop a hubris that they can write software that
> cannot fail. Unfortunately, usually someone else is going to have to
> pay for that mistake.
We've had several decades of industry experience proving that all
non-trivial software is inevitably buggy and has failure modes,
oftentimes ugly ones. :-) It's only a matter of time before yet another
software tower of cards come crashing down, and all your precious data
with it.
This is why I'm a big skeptic of cloud-based services (or indeed,
anything that relies on some remote network resource being always
available / secure). There's a time and place for it, but if you follow
the bandwagon in putting *everything* on it even when you really
shouldn't be, then you should be prepared for the catastrophic failure
that's inevitably coming.
T
--
Why can't you just be a nonconformist like everyone else? -- YHL
More information about the Digitalmars-d
mailing list