
Re: Updated: Security in Unicode



Hi Linux Guys,
On Wed, 6 Feb 2002, Edmund GRIMLEY EVANS wrote:

> Pablo Saratxaga <pablo@xxxxxxxxxxxxxxxx>:
>
> > >   What if the software we are using would have built in sanity checks
> > >   using reversible algorithms to convert the bitstream to a view, and
> > >   convert it back to check if we get back the same stream? What
> >
> > I don't understand the usefulness of that.
>
> It checks that no information is being thrown away by the viewing
> software.

I am happy that you recognized what I see as the
real problem with bi-di - the non-reversibility.

I have to admit I was a bit nasty with the screen-shots,
I just wanted to emphasize the seriousness of the
problem, and how easy it is to write exploits and make
people feel insecure.

I will rearrange the page soon and remove some nastiness.
(Thanks for the comments).

Yes, the problem is: what could happen? There is no real-life
example yet. Only a proof that it exists. But it may come
any time. Do we feel secure?

I think nothing is more dangerous than tampering with
the algorithm that projects you the bits from logical
buffer to the screen in non-linear order. And nothing is
easier to sanity check - just apply the reverse algorithm.

Requiring and freezing algorithms in a standard is even
more dangerous: today's good algorithm is tomorrow's bad
algorithm.

I think not having a bi-di algorithm, or having a revised
bi-di algorithm, or an advisory secure one would solve a
lot of issues. If there is a revised bi-di algorithm
old documents might even be converted to the secure one
somehow - algorithmically to the same view.

It would make the RL people feel better too - they would
feel they were asked when the standard was made for them.
Some of them are fighting against it since the current
one was made.

It would be a nice favour.

Cheers
gaspar


--
Linux-UTF8:   i18n of Linux on all levels
Archive:      http://mail.nl.linux.org/linux-utf8/
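
The round-trip sanity check discussed in this message, as an added example that is not part of the original post or of any project's code: text is converted from logical order to a view and back, and a mismatch means the view discarded information. The reordering here is a deliberately simplified model (an assumption, not the Unicode bidirectional algorithm), and the function names and sample strings are constructed for illustration.

```python
import unicodedata

# Explicit directional overrides: invisible in the rendered view.
RLO, LRO, PDF = "\u202e", "\u202d", "\u202c"

def _is_strong_rtl(ch):
    # Hebrew is class "R", Arabic letters are class "AL".
    return unicodedata.bidirectional(ch) in ("R", "AL")

def _reverse_rtl_runs(tagged):
    """tagged: list of (char, is_rtl). Reverse each maximal RTL run,
    assuming a left-to-right paragraph (simplified model)."""
    out, run = [], []
    for ch, rtl in tagged:
        if rtl:
            run.append(ch)
        else:
            out.extend(reversed(run))
            run = []
            out.append(ch)
    out.extend(reversed(run))
    return "".join(out)

def to_visual(logical):
    """Logical buffer -> displayed order; override controls are consumed."""
    tagged, override = [], None
    for ch in logical:
        if ch in (RLO, LRO):
            override = ch
        elif ch == PDF:
            override = None
        else:
            rtl = override == RLO or (override is None and _is_strong_rtl(ch))
            tagged.append((ch, rtl))
    return _reverse_rtl_runs(tagged)

def to_logical(visual):
    """Reverse step: the control-free logical text that yields this view."""
    return _reverse_rtl_runs([(ch, _is_strong_rtl(ch)) for ch in visual])

def round_trip_ok(logical):
    """False when the view threw away something present in the buffer."""
    return to_logical(to_visual(logical)) == logical

# Constructed samples: plain Latin, Latin + Hebrew, Latin with an override.
PLAIN = "abc"
MIXED = "ab\u05d0\u05d1\u05d2"
OVERRIDDEN = "a" + RLO + "cb" + PDF   # renders identically to PLAIN
```

`round_trip_ok(OVERRIDDEN)` is `False` because two different logical buffers produce the view `abc`; viewing software can use that mismatch to flag or escape the text before showing it.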