# Computer Security - lesson 6

#### Federico Maggi

###### 7 April 2016

## Software Security

There is nothing really __secure__; there is only something __secure enough__. __Software security__ is a problem of design, but designing software in a secure way is __very hard__. An unmet specification about security is a __security issue__.

## Disclosure

Until the end of the 1990s software vulnerabilities were not disclosed; instead they were traded between security experts or sold. At one point people began using __full disclosure__ to press software vendors to fix vulnerabilities: it consists in making information about a vulnerability public, so that the vendor is forced to fix it before someone takes advantage of it.

## Anti Disclosure

After the full disclosure movement, vendors realized that offering visibility to the people disclosing bugs was a way of making them work for you instead of against you. But then a new movement rose, __anti full disclosure__, which states that once people had gained visibility they had no more reason to give vulnerabilities away for free. This made the security expert role a paid job. The latest development in the sector has been the introduction of __bug bounties__.

## Principles of secure design

- KISS
- Discard privileges as soon as possible
- Open design
- Concurrency and race conditions: __race conditions__ are an entire category of issues.

## Key Issues of secure design

- Fail-safe and default deny: programs should __fail-close__, not fail-open.
- Use of shared resources or untrusted libraries
- Filter the inputs and outputs
- Don't write crypto code; use tested libraries.

## Conclusion

Vulnerabilities may be __dense__, so taking out one vulnerability does not make the software more secure.
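The fail-safe / default-deny principle above, as an added example that is not part of the lecture notes: the same authorization check written fail-open (any error or missing rule grants access) and fail-closed (access only when an explicit rule allows it). The policy table and the `PolicyUnavailable` backend failure are constructed for the demonstration.

```python
"""Fail-open vs fail-closed authorization check (added example)."""
from typing import Optional, Set

# Constructed policy table: resource -> roles explicitly allowed to access it.
POLICY = {
    "/reports": {"analyst", "admin"},
    "/admin": {"admin"},
}


class PolicyUnavailable(Exception):
    """Raised when the (simulated) policy backend cannot be consulted."""


def lookup_roles(resource: str, backend_up: bool = True) -> Optional[Set[str]]:
    """Simulated policy lookup; raises when the backend is down."""
    if not backend_up:
        raise PolicyUnavailable("policy store unreachable")
    return POLICY.get(resource)


def is_allowed_fail_open(role: str, resource: str, backend_up: bool = True) -> bool:
    """Anti-pattern: errors and unlisted resources result in access being granted."""
    try:
        roles = lookup_roles(resource, backend_up)
    except PolicyUnavailable:
        return True   # "keep the service running" -> fail-open
    if roles is None:
        return True   # resource not covered by any rule -> default allow
    return role in roles


def is_allowed_fail_closed(role: str, resource: str, backend_up: bool = True) -> bool:
    """Fail-safe: deny unless an explicit rule grants access (default deny)."""
    try:
        roles = lookup_roles(resource, backend_up)
    except PolicyUnavailable:
        return False  # cannot evaluate policy -> fail-close
    if roles is None:
        return False  # no rule for this resource -> default deny
    return role in roles
```

With the policy backend down, the fail-open version lets a guest into `/admin`, while the fail-closed version refuses until the policy can be evaluated again.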