Okay, last video of this module. We now go a bit into security and programming: how do we program in a secure way? And the issue we're having here is that the answer depends very much on what programming language you use. Certain languages have more things that might be relevant, like memory management or direct access to the operating system. It depends what kind of frameworks or libraries you use in your programming because, again, they could have specific ways of handling security. They could have specific vulnerabilities, so it depends again here. It does depend quite a lot on what domain you're in, whether you are implementing an airplane or a web service or an information system. And very often these things of course interact: in certain domains you have a preference for certain languages, for certain frameworks. You have specific problems.

So this leads to the fact that advice for programming is very often specific. So you can't give general advice saying this is how you do secure programming, but you need to look up how do I do secure Python programs if I implement something in Django for a web-based information system. So there might be very specific guidelines for that. And very often you have these domain- or language-specific things that pop up somewhere. For example, some of you might be familiar with the OWASP Top 10. So that's a nonprofit organization looking at web security, and they publish the OWASP Top 10 list of the most common web security issues.
They also have a list for mobile applications, so advice specific for these kinds of domains. And they usually don't talk much about the language and the framework. They try to be general enough. If you then use a specific language, you might have different ways of addressing these problems.

A similar one that is maybe not as known is the MITRE ATT&CK list, which is spelled in this funny way. This is a US nonprofit organization that among other things deals with cyber security. And they also have, like, a matrix of different attacks or threats that typically happen, independent of language, framework, domain. And you can basically look these up and you can look at what are successful attacks that have happened, maybe some information of how to avoid them. So these kinds of guidelines exist, and then there are specific programming guidelines. So if you look at, for example, secure programming for C, you will find websites, you'll find resources that give you specific advice for C. You can do the same for Python.

There are some things that are fairly general, that are fairly common. I'll just list them here, and then how exactly you do that or whether they're really relevant depends again on your context. So a common principle is the visibility of your assets or your data, and what you should always try is to make it as limited as possible. If you don't need to be able to read or write variables from outside a class, well, then don't make them visible. So that's a general principle. If something should not be accessible from outside a component, well, then don't put it into the interface; hide it. So limit and encapsulate your data and your operations as much as needed, basically.

Always check inputs. So some of the most common attacks have to do with user input being prepared in a special way so that something goes wrong in the application. So there are lots and lots of different attack scenarios around this. Probably the most well-known one is SQL injection.
So in the web system you insert special database code that then basically leads the program to give you back some kind of information that you shouldn't have access to, or maybe modify the information. And this applies to, I think, almost every single context where you have some kind of input coming in, either the user directly writing something like the user name, or you're reading files that a user has access to, or anything like that. So as soon as something comes from the outside that you don't have control of, check whether it's correct or not.

Another one is handle all exceptions. So don't just assume that certain exceptions don't happen, but make sure you have exception handlers so that if something ever goes wrong, there is sort of a fallback; your application doesn't just crash. So that's another really important thing.

Now, you want to provide restart capabilities in many cases. So many applications are of course not supposed to crash, but it might still happen. And then there should be ways to restart this automatically, or manually; it should be feasible somehow that the system restarts, so that it's not made unavailable. Remember, one of the security dimensions we're looking at is availability. So you don't just want to have something crashing and it's gone, but you should have some way to restart.

Another very common source of attacks is overflow attacks. So you should always check the boundaries of your data. For example, if you are expecting an integer number as an input: integers are bounded. We don't have infinite numbers in the computer. So it's very common to provide some kind of attack where a very high or very low value is provided, and then if you do some kind of calculations, it overflows, and suddenly instead of being very large the value is very low. And depending on what you do with this value, this can have consequences. So a case, this was not an attack, but a very popular case of an integer overflow that led to catastrophic effects, was the Ariane 5
accident, where the rocket exploded because the acceleration value overflowed, so suddenly from a very large acceleration it went to a reverse. And that caused the spaceship, the rocket, to basically break apart because of the forces. So overflow attacks: very common, check those.

Those are sort of general rules that apply to almost all languages, and as I said there can be concrete guidelines. I just have a handful of them for Python. They are rather high level, but it's nevertheless something you might want to look at. So in, for example, the Python case, many things we're talking about are, for example, the version of Python: in older versions, in 2.something, there were certain errors, certain vulnerabilities that related to the interpreter. So the tool, the command-line tool interpreting, running your code, had vulnerabilities that could lead to, for example, overflows. And that's why one of the things is: always check the versions of what you're actually running. Are there any security issues? It's not just people for fun updating versions and coming up with new versions of, for example, Python, but there might be security reasons for that. So keep track of the versions.

Try to avoid the assert statements unless you're doing testing or you want to provide some kind of debug information. But people in the past have used this to, for example, check authentication, so assert that the user is an administrator, for example. The problem is that the assert statement is ignored if the debug flag is removed. So if your code goes to production mode, if that's set in there in the interpreter, then the assert statements are simply ignored, which could have severe consequences.

Talking about checking the input: issues are, for example, if you use tools like YAML or pickle. So you read in configuration files, you deserialize input files, and if these files come from a user, theoretically they could put some kind of code in there that is being executed. So you need to take care when you use these files
from outside that you read them in the right way and check that it's actually correct code and it's not an attack. So that's something to be very careful about.

And then finally, a popular case, not only in Python, also very common in web frameworks like Node.js, are the dependencies. So nowadays we have so many nice libraries and frameworks that we use, but we shouldn't forget that these are written by someone else, and theoretically someone can put in a vulnerability there, intentionally or not. And of course dependencies themselves have dependencies, so this can be a trickle-down effect. So essentially, if you are having something that is security relevant or safety relevant, check your dependencies, check the versions of them, check their history. Are they having a large user base? Are they having a large deployment base? Is it trustworthy? But also, are you actually downloading the right ones? Do stuff like check the checksums of these. Very often if you download something there is a hash code that you can check whether you are downloading the right thing, or someone has replaced it and you're accidentally downloading something that has backdoors built in. So these are some security-specific guidelines for Python.

What happens with these guidelines and these more general guidelines is that very often in companies they are included in the coding guidelines.
So it's not only about "we are indenting our code by one tab, we are using camel case for formatting our functions", but it's also things like: whenever you introduce a dependency, check this, this and this; only use this version of Python to run the code; don't use assert statements. And some of these things, like the assert statement or maybe other insecure statements to load YAML, you can automatically check with, for example, linter tools. So it's not like you have to have a checklist where you go through this, but many of these things you can actually also check automatically. So this is usually where it comes into place in companies: programming guidelines that are then specific to the language you're using, the frameworks you're using, and the domain you are in.

So this concludes the security lecture, the security module. I hope this gave you some kind of input on top of the typical very low-level advice that you get for, for example, web programming, but it gives you a bit of the bigger picture: what kind of dimensions there are in security when you look at applications, and what you need to consider.
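
Added example, not part of the lecture: the assert-based administrator check mentioned above, compiled with and without optimization (level 1 behaves like `python -O`), followed by a small AST check of the kind a linter applies for assert statements and YAML/pickle loading. The function names, the sample sources and the `RISKY_CALLS` rule set are assumptions constructed for illustration.

```python
import ast

# Constructed sample: the assert-based check described above, next to an explicit check.
AUTH_SRC = '''\
def delete_user(current_user, target):
    assert current_user["is_admin"], "admin only"
    return "deleted " + target
def delete_user_fixed(current_user, target):
    if not current_user["is_admin"]:
        raise PermissionError("admin only")
    return "deleted " + target
'''
# Constructed sample: loaders that can execute code embedded in user-supplied files.
LOADER_SRC = '''\
import pickle, yaml
def load_config(text):
    return yaml.load(text)
def load_session(blob):
    return pickle.loads(blob)
'''

def call_as_non_admin(func_name, optimize):
    """Compile AUTH_SRC at an optimization level (1 behaves like `python -O`) and call it."""
    namespace = {}
    exec(compile(AUTH_SRC, "<sample>", "exec", optimize=optimize), namespace)
    try:
        return namespace[func_name]({"is_admin": False}, "alice")
    except (AssertionError, PermissionError):
        return "denied"

RISKY_CALLS = {("pickle", "load"), ("pickle", "loads"), ("yaml", "load")}

def find_issues(source):
    """Return sorted (line, message) pairs; parses only, never imports or runs the source."""
    issues = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Assert):
            issues.append((node.lineno, "assert is removed under -O"))
        elif isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
            target = node.func
            if isinstance(target.value, ast.Name) and (target.value.id, target.attr) in RISKY_CALLS:
                # Coarse rule: flags every yaml.load, even one given a safe Loader.
                issues.append((node.lineno, f"{target.value.id}.{target.attr} can run code from input"))
    return sorted(issues)

if __name__ == "__main__":
    for level in (0, 1):
        print(level, call_as_non_admin("delete_user", level), call_as_non_admin("delete_user_fixed", level))
    for line, message in find_issues(AUTH_SRC + LOADER_SRC):
        print(f"line {line}: {message}")
```

At optimization level 1 the assert version lets the non-admin call through, while the explicit `PermissionError` check still denies it.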