Monday 28 July 2008

An Antidote to Class Breaks

This opening post is about the title of the blog: Class Defenses: An Antidote to Class Breaks.

The notion of a class break is quite common and I am sure most readers have already heard of it.

Here are a couple of definitions:

  • "Technological advances bring with them standardization, which also adds to security vulnerabilities, because they make it possible for attackers to carry out class breaks: attacks that can break every instance of some feature in a security system.
    Class breaks mean that you can be vulnerable simply because your systems are the same as everyone else’s. And once attackers discover a class break, they’ll exploit it again and again until the manufacturer fixes the problem (or until technology advances in favor of the defender again)."
    [Source: Bruce Schneier, “Beyond Fear”, 2003, pp 93-4]