Sunday, February 25, 2007
Positive Security: a security policy based on modeling of the application or the system that is being defended. Things that agree with the model are considered legal while all other things are suspicious to be illegal.
Negative Security: a security policy based on modeling of the malicious things (e.g., attacks, worms, viruses, and so on). So that things that agree with the model are considered suspicious to be illegal while all other things are considered as legal.
One person claimed that this is forbidden, and I got curious and started asking questions.
Monday, February 19, 2007
The resulting discussion yields that:
* xml parsers know nothing about namespaces
* namespace processing should be done by the application that uses the XML parser
* a validating XML parser should be namespace aware
Saturday, February 17, 2007
Today while walking and touring in a field we saw mating Coccinella septempunctata beatles.
Aviv was enjoying himself not only with his new discoveries in the field, but also by stepping into every possible puddle we came across.
Wednesday, February 14, 2007
Wei Zhang and R. van Engelen: "A Table-Driven Streaming XML Parsing Methodology for High-Performance Web Services". ICWS '06. International Conference on Web Services, 2006. September 2006. pp 197-204David F. Bacon. Realtime Garbage Collection. IBM Research. ACM Queue Vol 5. No. 1 - February 2007.
Automata theory for XML researchers. F. Neven. ACM SIGMOD Record. Volume 31 , Issue 3 (September 2002). Pages: 39 - 46. 2002.
Bryan Ford. Packrat Parsing: a Practical Linear-Time Algorithm with Backtracking. Master's Thesis. Massachusetts Institute of Technology.
Sunday, February 11, 2007
Viola hederacea plants
and a few more types.
I'll try and place some images of them soon.
The garden in front of the entrance to our house is now fully planted.
The garden in the back still needs a lot of work:
* removal of many branches that I pruned from the neighbors' trees which invaded our garden while casting shade -- too much shade
* re-new the grass: replace the al-toro grass with a derben grass
* continue planting in shaded places.
Friday, February 9, 2007
Wednesday, February 7, 2007
Tuesday, February 6, 2007
I will probably have a few revisions on it sometime in the future.
Monday, February 5, 2007
Let's wait and see what the verdict will be...
Sunday, February 4, 2007
Lately, I'm thinking about a swimming course for Aviv. Last year he really enjoyed attending swimming classes.
As soon as the season starts, I'll check the local swimming pool for possibilities.
In the picture you can see Aviv in a swimming lesson. This picture was taken last June.
I was very impressed with them and I'm sure they will be great.
It turns out that with these two, 10% of the workers in our R&D center were recruited through me :-)
I'm trying to get at least 3 additional people in the following weeks.
Saturday, February 3, 2007
Friday, February 2, 2007
Thursday, February 1, 2007
David Megginson says that:
* XML REC does not specify or limits any name, literal lengths, number of attributes, depth of nested elements and so on. As a result these are a target for DoD attack on the XML processor. He suggests a few tests that can be used on an XML processor to make sure whether or not it can terminate processor prior to running out of its resources and make a graceful exit rather than crash. He states that any XML parser should have built in limitations on such properties.
* He also lists the risks in allowing processing of external fragments.
* He explains how access to an external resource, e.g., a schema or DTD, can be subject to a DoS if the location has been compromised.
derek denny-brown says that:
* a naive implementation of duplicate attribute detection or a namespace prefix lookup, e.g., using a stack implementation where the Nth string is being matched against the other N-1 strings, has an O(N^2) complexity. He also suggests that if the implementation is hash based and the attacker can guess your hashing algorithm, then the O(N^2) complexity for processing time can also be imposed on the parser.
* he also estimates that it would be quite hard to craft an attack that leverages these vulnerabilities to do much damage since the scan is extremely fast, so by limiting the size of the accepted document such attacks can be practically blocked.
Richard Salz says that:
* it should be pretty easy to cause a DoS with short messages with a very large (he gives 1 million as an example) elements depth. Another example would be badly fragmented nested elements. He further gives examples of very long element names, attribute names, namespace prefixes, and excessively long attribute or namespace declarations values.
* he states that the a-symmetrical nature gives advantage to the attacker as producing an attack is as simple as printing text while processing the received documents in such cases yields expensive computation.
I'm still collecting material and organizing it, and I hope that I will be able in the next few days to write a detailed and more organized summary on the subject. I'll post it here on my blog and will probably also announce its availability on xml-dev at least to be polite and write back my conclusions and contributions to the discussion.