David A. Wheeler's Blog

Fri, 08 Oct 2004

New Security Article on Race Conditions

Well, I’m happy to announce that another one of my developerWorks articles on secure development is now out for the public. Go take a look at Secure programmer: Preventing Race Conditions.

This was a trickier article to write, because race conditions are harder to describe in a simple way. No matter what, they always involve subtle timing interactions, and that makes them hard to describe. Even the conventional definitions are too complicated and don’t really help explain the issue. So, I ended up writing my own definition: A “race condition” occurs when a program doesn’t work as it’s supposed to because of an unexpected ordering of events that produces contention over the same resource. Notice that a race condition doesn’t need to involve contention between two parts of the same program; many security problems occur if an outside attacker can interfere with a program in unexpected ways.

And from there, it shows some of those big surprises. A whole bunch of race conditions have been found over the last few months, so this is certainly still a serious problem.


End of September 2004 release of “Why OSS/FS? Look at the Numbers!”

I’ve made another release of my paper “Why Open Source Software / Free Software (OSS/FS)? Look at the Numbers!” Here are some highlights:
  1. Possibly most important long-term, I added a lot of material to appendix A to help people identify what is really OSS/FS. In particular, I added information about Debian’s tests, which are thought experiments they use to examine licenses. These are the “desert island”, “dissident”, and “tentacles of evil” tests. I added this information after reading Mark Shewmaker’s August 2004 examination of the Microsoft Royalty Free Sender ID Patent License. That analysis proved to me that a non-lawyer can carefully analyze and rationally argue about licensing and legal issues, especially when they’re given tools like these thought experiments to help them.
  2. I added a reference to the article “Open Source Software Development Should Strive for Even Greater Code Maintainability” by Ioannis Samoladas, Ioannis Stamelos, Lefteris Angelis, and Apostolos Oikonomou. It’s published by the highly-respected “Communications of the ACM” (CACM) in October 2004 (pp. 83-87). They studied almost 6 million lines of code, tracking several programs over time, using the maintainability index (chosen by the Software Engineering Institute as the most suitable tool for measuring the maintainability of systems). Using their measurements, they concluded that OSS/FS “code quality appears to be at least equal and sometimes better than the quality of [closed source software] code implementing the same functionality.” They conjectured that this “may be due to the motivation of skilled OSS programmers…”
  3. Added more information about security evaluations performed or being performed for OSS/FS, esp. Common Criteria and FIPS 140, in the security section. Novell SuSE, Red Hat, MandrakeSoft, Trusted Computer Solutions’ Secure Linux, and OpenSSL (2 different projects!). These are really important to some organizations. Although there’s a lot of information about this, there doesn’t seem to be any one place with it pulled together. Well, now there is. See my paper for more about formal security evaluations of OSS/FS products.
  4. Added a reference to CSC’s new report “Open Source: Open for Business”. In particular, they discuss some TCO issues which I added to the TCO section.
