[Esapi-user] [Esapi-dev] Why ESAPI crypto uses a custom serialization scheme

Kevin W. Wall kevin.w.wall at gmail.com
Sat May 1 19:16:01 EDT 2010


Jim Manico wrote:
> I call cryto-bs here. Compromise of a client always always leads to data
> loss for that user.  As soon as a keylogger, malicious browser plugin or
> other client compromise is in effect - it's game over for that user -
> and potentially all other users that the victim has adminstrative access
> over.
> 
> What am I missing here Kevin?

You need to re-read the (contrived) scenario. As I described it, this doesn't
merely lead to the compromise of the 100K users that a specific accountant
is otherwise able to see, but rather it can potentially lead to the compromise
of all 10M CC#s. Last time I checked, 10M >> 100K.

So what I am talking about goes beyond the single user whose PC may have
been compromised. Kapish?

-kevin
P.S.- I always secretly knew that you dozed off while reading my long-winded
      tomes. My bad. I forgot the up-front "May induce drowsiness" warning. ;-)
-- 
Kevin W. Wall
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We cause accidents."        -- Nathaniel Borenstein, co-creator of MIME


More information about the Esapi-user mailing list