Buggy security software can make you less secure. Indeed, a growing number of intruders are exploiting bugs in security software to gain access to systems. Smart system administrators have known for a long time to be careful about deploying new “security” products.
A company called Audible Magic is trying to sell “content filtering” systems to universities and companies. The company’s CopySense product is a computer that sits at the boundary between an organization’s internal network and the Internet. CopySense watches the network traffic going by, and tries to detect P2P transfers that involve infringing content, in order to log them or block them. It’s not clear how accurate the system’s classifiers are, as Audible Magic does not allow independent evaluation. The company claims that CopySense improves security, by blocking dangerous P2P traffic.
It seems just as likely that CopySense makes enterprise networks less secure. CopySense boxes run general-purpose operating systems, so they are prone to security bugs that could allow an outsider to seize control of them. And a compromised CopySense system would be very bad news, an ideal listening post for the intruder, positioned to watch all incoming and outgoing network traffic.
How vulnerable is CopySense? We have no way of knowing, since Audible Magic doesn’t allow independent evaluation of the product. You have to sign an NDA to get access to a CopySense box.
This in itself should be cause for suspicion. Hard experience shows that companies that are secretive about the design of their security technology tend to have weaker systems than companies that are more open. If I were an enterprise network administrator, I wouldn’t trust a secret design like CopySense.
Audible Magic could remedy this problem and show confidence in their design by lifting their restrictive NDA requirements, allowing independent evaluation of their product and open discussion of its level of security. They could do this tomorrow. Until they do, their product should be considered risky.
There was a recent article in BusinessWeek saying just that. There are more security vulnerabilities and bugs in all the security software than in Microsoft. I wasn’t aware of the insecurity of content filtering solutions, but I am not surprised.
The sales pitch from Audible Magic is something else. It went something like:
“Do you want to stop P2P software on your network from trading copyrighted content?”
“No, sorry…”
“Oh! So you condone criminal copyright infringement!?”
I very much agree with the points you make in the abstract. But in practice, virtually nobody cares. Companies like this know marketing works much better than strong design. I’ve never gotten around to writing-up stories of my experiences back when I was trying to actually get demos of censorware products to evaluate, but some have been very unpleasant.
“CopySense boxes run general-purpose operating systems, so they are prone to security bugs that could allow an outsider to seize control of them. And a compromised CopySense system would be very bad news, an ideal listening post for the intruder, positioned to watch all incoming and outgoing network traffic.”
This has been seen empirically in related circumstances – one notable source of blog spam is misconfigured censorware boxes being used as open proxies.