Open Source Security Concerns

vidroth · **Joined:** Tue Oct 03, 2006 3:25 am **Posts:** 869

Open source is (like any other choice) a curse and a blessing, security-wise.

The curse part is that, because the source is publicly available, you don't need sophisticated tools to attack it. You just read the source and look for holes.

The blessing part is, in the long run, this is WAY more secure. Only a small percentage of people reading the source are out to cause harm. The vast majority are there to use and improve it. And the obvious weaknesses get shored up very quickly.

But the general principle is a security term popularly called "security through obscurity," the hope that by keeping something secret you can keep it safe. That's an amazingly popular fiction, a principle that only barely works with three or four people, and works terribly with several thousand. What's the old phrase? "Three can keep a secret, if two are dead."

The reality of the situation is, every place you depend on a secret, is a place where your security is vulnerable. You can't eliminate all secrets from security, but the fewer of them you depend on, the better. Everywhere you think something is secret, you tend to have "trust." And if the secret gets out, your "trust" lets bad people do bad things.

The first several months of the open source release will see a little bit of attacking and a LOT of security updating, that's just the nature of the thing. But once the first wave dies down, we'll have a very solid system, at least as solid as any other MMO out there, and probably moreso.

MustardJeep · **Posted:** Tue Apr 21, 2009 4:42 am

My only worry is that in the short term we will have a spat of UbiBeta silly scripting from people trying to prove a point.

From everything I understand MOUL updated a lot of the easy routes that were popular back then but there are still openings. A lot of the short term answers all involve better fan based game administration then UU had with, a couple people acting as ResEng's, atleast one good DBA per shard, someone able enough to take a Shard down for Maintenance before it crashes.

Really in truly I don't expect there to be anything as spectacular as UbiBeta was for silly scripting fun but as a matter of principal I worry about a few diehard traditionalists that still hang around. As long as it's fun I don't think to many will care one way or the other where the fun came from, but I am glad we have MOUL instead of UbiUru.

Karkadann · **Posted:** Mon Sep 07, 2009 6:30 pm

Nalates · **Posted:** Tue Sep 08, 2009 12:51 am

Paradox · **Posted:** Tue Sep 08, 2009 1:40 am

As some examples of open-source programs which seem to have the security aspect handled quite well include , , , and pretty much the entire Linux kernel.

The thing about open-source is not that it is less vulnerable, but when vulnerabilities are pointed out they are often fixed within a day or two. Whereas proprietary software can knowingly leave issues unpatched for years (and actively pursue legal action against those who point out such issues) :roll:

Telbere · **Posted:** Tue Sep 08, 2009 3:48 am

It will all just boil down to sound and fury in the end.

Paradox is right, while I wouldn't rank the Uru Fan Programmer base as able to fix a major problem in a day or two (There just aren't enough programmers here with that kind of time.) I would however think a game ruining bug could be diagnosed and worked around until there is time to fix it.

Karkadann · **Posted:** Tue Sep 08, 2009 4:07 am

Nalates · **Posted:** Wed Sep 09, 2009 5:42 pm

agrif · **Joined:** Wed May 31, 2006 4:09 am **Posts:** 20

I am really glad that this discussion steered away from viruses (or other malicious code) in Python files. First of all, while the Python distributed with ages is fairly obscured, it can be unobscured and read, so any funny business will be apparent to anyone who bothers to look. A GoMa check is all that's needed, really. Additionally, the worst a Python file can do, even if malicious code gets through, is fill up the hard drive with random junk. This can be easily avoided (if it isn't already) by hooking the Python "open file" function with some sort of check.

Python (as found in MOUL) cannot sneakily open sockets. The socket functionality in Python is provided by a compiled DLL (on windows) that is not present in MOUL. This functionality cannot be replicated in pure Python, as it needs to be bound directly to operating system calls. The only way an age could use sockets would be if it installed a DLL to the MOUL directory, which no age has any right to do. It would raise a red flag immediately.

Ages are not a concern here.

The client and server security is, but the code we end up getting will not be any more or less secure than the same code that Cyan ran. Just because there may be multiple servers running does not change that. Just make sure you trust where your code is coming from, and who operates the server, and it'll be just as secure as before. We could even implement a simple key system so you can verify you're actually connecting to the server you think you are, really simply, and there may already be such a system in place.

It's really the same situation as browsing the web with Firefox. Do you trust the Mozilla Foundation? Do you trust the HTTP server? Do you trust the web site author? One of these is open-source, the other often is as well, and the last is usually some stranger. We browse anyway.

Deledrius · **Posted:** Fri Feb 19, 2010 2:08 am

agrif · **Joined:** Wed May 31, 2006 4:09 am **Posts:** 20

Nalates · **Posted:** Fri Feb 19, 2010 6:56 pm

Keikoku · **Posted:** Fri Feb 19, 2010 9:01 pm

belford · **Joined:** Thu Jun 08, 2006 7:01 pm **Posts:** 1890

Keikoku · **Posted:** Sat Feb 20, 2010 11:41 am

Open Source Security Concerns

Who is online