Do you have any favourite security tools? Which are they?
A lot of tools that are considered 'security' tools are excellent for general network connectivity testing and debugging. For example, I use both nmap every day in a non-security-specific context, yet it is generally considered a security tool.
If I were stranded alone on a desert island with only one tool from the major security categories, I'd use Nmap for port scanning, P0f for passive OS detection, Nessus for vulnerability testing, Snort for intrusion detection, Hogwash for inline intrusion filtering, GnuPG for file encryption, OpenSSL for crypto libraries, OpenSSH for file transfer / remote login / remote execution / X11 forwarding / secure port forwarding, Netfilter/iptables for firewall/ACLs, vi for file editing, and Netcat and Perl for everything else.
You have suddenly been given the ultimate power to change the world in one of two ways: either you can make all programmers into perfect coders, or you can make all users knowledgeable about the security implications of their actions. Which do you choose?
This is a tough question. Even if all software is completely secure, then you still have a VEBKAC situation. (Vulnerability exists between keyboard and chair.) How many people click 'ok' when their browser says the remote site's SSL certificate isn't valid? How many use the same password for their home email as their work accounts, type it over unencrypted connections, and it's probably 'password' anyway?
Then again, if the user knows the correct response to any security-related action, that does no good if the underlying software is built poorly. Their only available response would be to not use any software at all.
So I'd need to pick the former. Magically modify all programmers to be flawless security geniuses. However, the best of both worlds could still be achieved. These uber-programmers will prevent user cluelessness from subverting security. The user will no longer have the opportunity to just click 'ok'; instead, you'll get a dialog box like this:
"The site to which you've connected does not have a certificate that is signed by a trusted CA. If you'd like to continue anyway, please explain the security ramifications of this decision and why you consider it necessary."