flying are very safe and there are multiple safeguards. By the time an aircraft crashes, several safeguards
have likely failed. Computer security must work the same way: layer safeguards so that no single failure exposes the system.
This single APEX application included functionality for both self-registered users and
administrators, and the same username and password granted access to both levels of functionality. The
potential for a breach could be reduced by segregating administrative users and functionality
into a separate application, or by requiring additional authentication factors for administrative access.
While there were several easy fixes to the specific problem of updating another user's password, a
real solution involves a more comprehensive approach to security. Finding the balance between
convenience, development costs, and security can be challenging. Some applications and associated
data warrant a greater focus on security. Establishing security expectations early on, and coding to those
standards, is more effective than attempting to retrofit security into an existing application.
Denial of Service
WikiLeaks, Amazon, MasterCard, and Visa all suffered from Denial of Service (DoS) attacks. Unknown
assailants attacked WikiLeaks for posting hundreds of thousands of sensitive US Government
documents. After WikiLeaks posted the documents, Amazon removed WikiLeaks from the Amazon
Cloud servers, and MasterCard and Visa stopped processing donations to WikiLeaks. An Internet group
known as Anonymous retaliated against Amazon, MasterCard, and Visa, using large numbers of hijacked
computers to flood them with requests, overwhelming their capacity and disrupting Internet traffic
in many areas.
The architecture of web servers and browsers makes DoS both possible and easy to accomplish.
HTTP is stateless: the browser sends a request, the server processes it and responds with HTML, and
neither side has to keep session state between requests (HTTP/1.1 may keep the TCP connection open for
reuse, but each request is still processed independently). If the browser moves on to another page, it
does not tell the server; the server continues to process and respond to the original request. The cost is
asymmetric: a single computer can generate a huge number of requests with little processing overhead,
while the server expends significantly more computing power answering each one, and that asymmetry is
what an attacker exploits.
Denial of Service in an APEX Environment
Most large scale DoS attacks utilize computers that have been hijacked for this purpose. The owners of
these zombie computers often don't know that they are involved in the attacks even after they have
occurred. While it may require hundreds of zombies to overwhelm MasterCard or Visa, a single desktop
computer can typically generate sufficient requests to impact a typical departmental or medium-sized
business server.
In many cases, systems experience denial of service without any malicious intent. I recently
investigated two such cases in APEX environments. In one case a user had gone to lunch after placing a
spiral-bound notebook on the keyboard. The notebook landed in such a way that it was pressing the
Enter key. The browser window was in the foreground with focus on a link to an APEX page, so each
press of Enter requested that page. The notebook, holding the Enter key down, fired off requests for the
page nonstop until the server was overwhelmed. In the second case, the APEX application had a page
that made a web service call that was occasionally slow. Impatient users would click the link to the slow
page, wait a few seconds, and then click again and again, stacking up requests for the page.
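Both accidental cases above, and the request-cost asymmetry described earlier, call for the same control at the web tier: bound how fast one client may submit requests, and do not start a second rendering of a page that is already being rendered for that client. The following Python is an added example, not code from the book or from APEX; it sketches that admission control as a per-session token bucket plus coalescing of identical in-flight requests, and runs it over constructed traffic (a session "S1" whose Enter key is stuck, and a normal session "S2"). The session identifiers, page numbers, timings, 300 ms service time, and the 5-request burst with a 1-per-second refill are all assumptions chosen for illustration.

```python
"""Per-session admission control for a web tier: token-bucket rate limit plus
coalescing of identical in-flight requests.  Added example; not APEX code.
Times are integer milliseconds so the simulated timeline is exact."""
from collections import defaultdict


class TokenBucket:
    """Classic token bucket: up to `capacity` requests may burst, after which
    requests are admitted at `refill_per_ms` tokens per millisecond."""

    def __init__(self, capacity, refill_per_ms):
        self.capacity = capacity
        self.refill_per_ms = refill_per_ms
        self.tokens = float(capacity)
        self.last = None  # time of the previous allow() call

    def allow(self, now):
        if self.last is None:
            self.last = now
        self.tokens = min(self.capacity,
                          self.tokens + (now - self.last) * self.refill_per_ms)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


class RequestGate:
    """Decides per (session, page) whether to serve, coalesce or reject.
    Assumed defaults: burst of 5, refill 1 token/s, 300 ms to render a page."""

    def __init__(self, capacity=5, refill_per_ms=0.001, service_ms=300):
        self.buckets = defaultdict(lambda: TokenBucket(capacity, refill_per_ms))
        self.in_flight = {}  # (session, page) -> simulated completion time
        self.service_ms = service_ms

    def _expire(self, now):
        for key in [k for k, done in self.in_flight.items() if done <= now]:
            del self.in_flight[key]

    def admit(self, session, page, now):
        self._expire(now)
        key = (session, page)
        if key in self.in_flight:
            # Same session, same page, still rendering: attach the client to
            # the running request instead of starting another one.
            return "coalesce"
        if not self.buckets[session].allow(now):
            return "reject"  # would map to HTTP 429 / a "slow down" page
        self.in_flight[key] = now + self.service_ms
        return "serve"


def simulate(requests, **gate_args):
    """Replay (time_ms, session, page) tuples; return decision counts and the
    set of sessions that hit the rate limit."""
    gate = RequestGate(**gate_args)
    counts = {"serve": 0, "coalesce": 0, "reject": 0}
    offenders = set()
    for now, session, page in sorted(requests):
        decision = gate.admit(session, page, now)
        counts[decision] += 1
        if decision == "reject":
            offenders.add(session)
    return counts, offenders


# Constructed traffic: a stuck Enter key (40 requests for page 10, every 50 ms)
# and a normal user requesting page 1 once per second.
STUCK_KEY = [(i * 50, "S1", 10) for i in range(40)]
NORMAL = [(125, "S2", 1), (1125, "S2", 1), (2125, "S2", 1)]

if __name__ == "__main__":
    print(simulate(STUCK_KEY + NORMAL))
```

With the assumed settings the stuck key produces only six real renderings of page 10 in two seconds: 30 of its 40 requests are coalesced onto a rendering already in progress, and once the bucket drains the remaining four are rejected, while the normal session is never affected. Coalescing is what protects the slow web-service page from the impatient clicker; the bucket is what stops the stuck key from eventually exhausting the server anyway.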
The Details
While most, perhaps all, HTML-generating technologies are susceptible to DoS attacks, the APEX
architecture and engine demonstrate a specific set of behaviors when suffering from this kind of attack.