
UDP and Security in applications.

vhx

I have a friend currently developing an application. Currently she is using UDP and using the socket to identify what data belongs to who. However she is very paranoid about security. Since UDP is connectionless, the source address can be manipulated (if the ISP even allows it). So she is afraid someone could send data as an administrator, while she is online by spoofing the IP.

I have made the following arguments, that for them to send data as an administrator they'd need to know the port she is on. Then if they did somehow find the correct port, they would have to find out the session ID generated by the server, and then run administrative commands. Since the IP is spoofed, they would be doing all of this blind since they can't receive anything.

I can see that this may be POSSIBLE, but it sounds to me like she is being wayy too paranoid. What do you all think? And what would be the best recommendation at this point?
 
Why not sign some data in the packet and use that as proof it came from the admin computer? A little pub/private key digital signature stuff.
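An added example, not part of the original post or of the application under discussion: authenticating each admin datagram so the server trusts a key rather than the source IP, port or session ID. It uses a shared-key HMAC from the Python standard library in place of the public/private-key signature suggested above, and adds a per-message counter so a datagram captured on the wire cannot be replayed. The header layout and the names `seal` and `AdminChannel` are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32                    # HMAC-SHA256 output size
HEADER = struct.Struct("!QQ")   # session id, message counter (assumed layout)


def seal(key: bytes, session_id: int, counter: int, command: bytes) -> bytes:
    """Client side: header || command || HMAC(key, header || command)."""
    body = HEADER.pack(session_id, counter) + command
    return body + hmac.new(key, body, hashlib.sha256).digest()


class AdminChannel:
    """Server-side verifier for one admin session (hypothetical helper)."""

    def __init__(self, key: bytes, session_id: int):
        self.key = key
        self.session_id = session_id
        self.last_counter = 0   # highest counter accepted so far

    def open(self, datagram: bytes):
        """Return the command if the datagram is authentic and fresh, else None."""
        if len(datagram) < HEADER.size + TAG_LEN:
            return None
        body, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None         # forged or modified: sender does not hold the key
        session_id, counter = HEADER.unpack_from(body)
        if session_id != self.session_id or counter <= self.last_counter:
            return None         # wrong session, or a replayed/stale datagram
        self.last_counter = counter
        return body[HEADER.size:]


def demo():
    key = bytes(range(32))      # constructed sample key; use a random per-session key
    server = AdminChannel(key, session_id=0x1234)
    good = seal(key, 0x1234, 1, b"kick user42")
    # Sender who learned the session id but not the key (constructed case)
    forged = seal(b"\x00" * 32, 0x1234, 2, b"shutdown")
    return [server.open(good), server.open(good), server.open(forged),
            server.open(seal(key, 0x1234, 2, b"status"))]


if __name__ == "__main__":
    print(demo())
```

Because UDP can reorder datagrams, the strict counter check also drops legitimate packets that arrive late; a sliding acceptance window is the usual way to tolerate that. The tag provides authentication only, so the command itself is still readable to anyone sniffing the traffic.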
 
1. Look at this thread:
http://forums.anandtech.com/showthread.php?t=2057747

2. The salient points of that thread were:
- Security needs to be weighted against risk
- Security is hard
- There is a difference between authentication and secrecy

3.
I have made the following arguments, that for them to send data as an administrator they'd need to know the port she is on. Then if they did somehow find the correct port, they would have to find out the session ID generated by the server, and then run administrative commands. Since the IP is spoofed, they would be doing all of this blind since they can't receive anything.
All of that can be done with network sniffing. I'm not sure what your physical security situation is, of course.

Since UDP is connectionless, the source address can be manipulated (if the ISP even allows it)
TCP sessions can be hijacked too. And the ISP isn't able to police traffic that comes into their network from external carriers (i.e., the ISP is only capable of helping security if both attacker and target reside within the ISP's network).
 
What type of app is this? I can't think of too many occurrences where UDP is better than TCP except where data loss is OK and speed is of the utmost like multiplayer gaming. Can you use UDP for data transfer and TCP for the authentication?
 
🙂 you just made the security through obscurity argument.

As I stated in the other thread (I think, this has come up at least twice). The best security measures are a result of total paranoia. When programming securely, the assumption should always be that the impossible and unlikely has happened.

So if it COULD happen, and the data, or the system/network that it is stored on, is somewhat valuable, then you SHOULD eliminate the COULD. The level of valuableness will determine how completely you do this.
 
I can see that this may be POSSIBLE, but it sounds to me like she is being wayy too paranoid. What do you all think? And what would be the best recommendation at this point?

I think that more people need to think like your friend. Way too many programmers don't even consider security until an exploit happens.
 