Application Code and Input Data Don’t Mix

May 5, 2009

It has been a long, long time that I have wanted to write this post.

But I couldn’t. Quite simply, what had been done was so damned dangerous that I did not even want to mention it; until it was fixed.

Happy to say! It is finally complete.

There are many industries that publish and subscribe to what we call data feeds. These could be market data feeds, financial data feeds, any data that you write a bit of application code to receive and place into some context within your organization.

In our case, some of our suppliers crunch boatloads of data in mainframe computers, and pack it up and ship it to our servers. Our development team then has programming code to read that data feed information and update records in various databases.

Now, in order to dump that raw data on our servers, these suppliers need a key (user ID and password) to a piece of my IT server house.

The Problem?

At some time in the past, some of our developers put the programming code that grabs that data, tweaks it, beats it up, and squishes it into a database in the same location where the supplier was placing the data.

And why is this a problem?

Thanks for asking! Let me show you! 

I mentioned that to put that data on the server, the suppliers needed a user ID and password, plus the ability to write data into that area. In other words, they have a key to the house.

Imagine that our programming code runs automatically at 3 AM each and every day, and is called PROCESS_DATA_FEED.EXE. This little program does the following:

Step 1: Check to see if data feed has arrived

Step 2: If data feed has arrived then:

Step 3: Squish the data into a database

Now – because that supplier has the key to my house, accidentally or maliciously, they (or anyone) could put anything on that server.

So imagine:

I write a program that does the following:

Step 1: Delete all data it can find

Step 2: Go to hacker IP address and download malicious virus or trojan software

And imagine that I call that program the same name, PROCESS_DATA_FEED.EXE – and then I replace the real program on my server.

When that program automatically runs at 3 AM…….

The SMB Takeaway

There is a reason our mailboxes are on the outside of our houses.

When you need to open a mailbox to receive this type of data – keep any application code outside that mailbox. Somewhere that only you have the keys.
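One way to check a server for the layout described above, as an added example that is not code from the original post. The function name, the extension list, and the directory names in the demo are assumptions; the permission check applies to POSIX mode bits only.

```python
import os
import stat
import tempfile
from pathlib import Path

# Assumed list of code-bearing extensions; extend it for your environment.
CODE_SUFFIXES = {".exe", ".dll", ".bat", ".cmd", ".ps1", ".vbs", ".js", ".sh", ".py"}

def audit_feed_layout(drop_dir, program_path):
    """Return findings for a supplier-writable drop_dir and the scheduled program."""
    drop = Path(drop_dir).resolve()
    program = Path(program_path).resolve()  # resolve() also follows symlinks
    findings = []

    # 1. The scheduled program must not live anywhere under the drop directory.
    if drop in program.parents:
        findings.append(f"program {program.name} is inside the supplier drop directory")

    # 2. Nothing code-like should be sitting next to the data.
    for entry in sorted(drop.rglob("*")):
        if entry.is_file() and entry.suffix.lower() in CODE_SUFFIXES:
            findings.append(f"code file in drop directory: {entry.relative_to(drop)}")

    # 3. POSIX only: the program and its directory must be writable by the owner alone.
    if os.name == "posix" and program.exists():
        for target in (program, program.parent):
            if target.stat().st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                findings.append(f"{target.name} is writable by group or others")
    return findings

if __name__ == "__main__":
    # Constructed layout reproducing the mistake: code stored in the mailbox.
    root = Path(tempfile.mkdtemp())
    drop = root / "feed_drop"
    drop.mkdir()
    (drop / "feed.csv").write_text("id,value\n1,2\n")
    (drop / "PROCESS_DATA_FEED.EXE").write_bytes(b"MZ")
    for finding in audit_feed_layout(drop, drop / "PROCESS_DATA_FEED.EXE"):
        print("FINDING:", finding)
```

An empty result means the program sits outside the drop directory, no code files are mixed in with the data, and (on POSIX) only the owner can modify the program or its directory.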
