We should run the Internet like a proper infrastructure
The web should be subject to the same standards as air travel
By Kenneth van Wyk | Computerworld US | Published: 13:45, 01 November 2010
We don't take the Internet seriously. If we did, we'd be treating it a lot differently than we do. But as witnessed by our own actions the Net clearly isn't a serious thing; at least not an infrastructure to us. Maybe one day it will be, but that day hasn't come yet.
Seriously, we don't treat it like an infrastructure at all. So why should we be surprised when we see egregious security failures repeating themselves ad infinitum?
Don't believe me? Well, let's imagine for a moment that the Net was a for real infrastructure such as, say, commercial aviation. Now, let's further pretend that a commercial banking site has just experienced a major security compromise in which customer data was lost, and money was stolen out of customers' retirement accounts in huge volumes.
If that happened in my fictional scenario, no doubt the "National Web Safety Board" (NWSB) would be called in to investigate. It would take the site down and conduct a painstaking review of every aspect of the compromise. No needle would be lost in that haystack, to be sure.
At the end of the investigation, let's imagine that the NWSB determined that the underlying cause of the attack was a mutable SQL call in some middleware software that enabled the attackers to execute a successful SQL injection attack. (Yes, we all know about SQL injection already and it holds the No. 1 position on the 2010 OWASP Top 10 list for good reason.)
In its report, the NWSB would most certainly note how SQL injection attacks can be thwarted by using immutable SQL APIs, such as parameterised queries (e.g. PreparedStatement and stored procedures), and it would recommend that every web application be thus upgraded in order to be safe.
Next, every single site on the net, at least every one that is considered to be in the public interest, would be grounded until all of their SQL interfaces could be converted to parameterised queries. This upgrade process would include certifying that every single such vulnerability had been removed and tested to ensure that the weakness no longer exists.
It could then be quite safely assumed that that problem has been vanquished, and that we could then move on to new problems instead of making the same mistakes repeatedly.
