Privacy Definition

An excellent definition of privacy in the context of autonomy and security:

  • Autonomy Privacy is an individual’s ability to conduct activities without concern of or actual observation (i.e., surveillance).
  • Information Security is the protection of information resources from unauthorized access, which could compromise their confidentiality, integrity, and availability.  This includes, but is not limited to networks, hardware, software and information (some of which is confidential).
  • Information Privacy is the intersection of autonomy privacy and information security — it is the appropriate protection, use, and dissemination of information about individuals

Source: Autonomy Privacy, Information Privacy and Information Security

Shodan Search Shortcuts

Use Shodan to discover which of your devices are connected to the Internet, where they are located and who is using them.

Listed below are some popular search shortcuts/search keywords to help with narrowing your search results:

Keyword Values Description Example
port Any Numeric Value Specific Ports port:554
has_screenshot True/False Has Screenshot has_screenshot:true
org Organization Value Organization org:”Microsoft”
ssl Organization Value SSL Certificates for Organizatio ssl:edellroot
ssl:Some University
ssl.version SSL Version Value SSL Version ssl.version:sslv2 -ssl.version:sslv3,tlsv1,tlsv1.1,tlsv1.2

Search Examples

Example Search Query Used For
port:9100 product:”LaserJet” Finding HP LaserJet printers on the network
ssl:edellroot Finding devices with SSL certificates issued by eDellRoot

 

Explicit vs. Transparent Proxy

A proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server and the proxy server evaluates the request as a way to simplify and control its complexity. Proxies were invented to add structure and encapsulation to distributed systems. Today, most proxies are web proxies, facilitating access to content on the World Wide Web and providing anonymity.1

In an explicit proxy configuration, the client (e.g. browser, desktop application etc.) is explicitly configured to use a proxy server, meaning the client knows that all requests will go through a proxy. The client is given the hostname/IP address and port number of the proxy service. When a user makes a request, the client connects to the proxy service and sends the request. The disadvantage to explicit proxy is that each client must be properly configured to use the proxy.

In a transparent proxy configuration, the proxy is typically deployed at the Internet gateway and the proxy service is configured to intercept traffic for a specified port. The client (e.g. browser, desktop application etc.) is unaware that traffic is being processed by a proxy. For example, a transparent HTTP proxy is configured to intercept all traffic on port 80/443. The typical benefits of a transparent proxy include a standard enterprise configuration where all clients routed to the internet will always be filtered and protected no matter what the end users do, or change, on their machines and the added benefit of reduction in typical user’s client-proxy configuration troubleshooting.

A better way to ask the “What do I want?” question

At the core of all human behavior, our needs are more or less similar. Positive experience is easy to handle. It’s negative experience that we all, by definition, struggle with. Therefore, what we get out of life is not determined by the good feelings we desire but by what bad feelings we’re willing and able to sustain to get us to those good feelings.

Source: You probably know to ask yourself, “What do I want?” Here’s a way better question

Top 25 Software Errors

SANS has produced the list of top 25 software errors:

Insecure Interaction Between Components

CWE ID Name
CWE-89 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
CWE-78 Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)
CWE-79 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
CWE-434 Unrestricted Upload of File with Dangerous Type
CWE-352 Cross-Site Request Forgery (CSRF)
CWE-601 URL Redirection to Untrusted Site (‘Open Redirect’)

Risky Resource Management

CWE ID Name
CWE-120 Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’)
CWE-22 Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
CWE-494 Download of Code Without Integrity Check
CWE-829 Inclusion of Functionality from Untrusted Control Sphere
CWE-676 Use of Potentially Dangerous Function
CWE-131 Incorrect Calculation of Buffer Size
CWE-134 Uncontrolled Format String
CWE-190 Integer Overflow or Wraparound

Porous Defenses

CWE ID Name
CWE-306 Missing Authentication for Critical Function
CWE-862 Missing Authorization
CWE-798 Use of Hard-coded Credentials
CWE-311 Missing Encryption of Sensitive Data
CWE-807 Reliance on Untrusted Inputs in a Security Decision
CWE-250 Execution with Unnecessary Privileges
CWE-863 Incorrect Authorization
CWE-732 Incorrect Permission Assignment for Critical Resource
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
CWE-307 Improper Restriction of Excessive Authentication Attempts
CWE-759 Use of a One-Way Hash without a Salt