[BALUG-Talk] [BALUG-Admin] balug.org DNS review

Rick Moen rick@linuxmafia.com
Fri Sep 29 09:11:58 PDT 2017

Quoting Todd Hawley (celticdm@gmail.com):

> I used to maintain a site that ran WordPress, we migrated it to DH and they
> insisted
> they could only run WP if our URL included the Dreamhost name in the URL.

How funny.

> Aha! I wondered why WP had so many security issues. Although from what
> I'd heard PHP was a nice scripting language and easy to learn. I had no idea
> it was prone to security issues.

Just for fun, here's a cranky rant giving a full rundown on the problems
with PHP:  https://eev.ee/blog/2012/04/09/php-a-fractal-of-bad-design/

I suspect it's difficult verging on impossible to write good and
reasonably secure public-facing PHP code if it does anything
significant.  In any event, for whatever reason, there are continual,
repeating security breakdowns in WordPress itself.  Troublingly, these
tend to keep occurring over and over in the same areas, suggesting that
there are deep architectural flaws that give rise to the recurring
implementation flaws, i.e., the underlying problems don't ever get truly
fixed, only this week's manifestation of the problem.

If you've been around software for a while, you learn to recognise that
pattern.  Fixed, this time for sure!  Oh darn, here's another one that's
technically different, and we've fixed that.  Wait, here's another one
and a fix for it....

I'm personally sympatico with security expert Marcus J. Ranum's take on
this:  If signs suggest that code is fundamentally not very good, then
the only reasonable remedy is to avoid running it, rather than
continually applying the patch du jour, from now unto eternity.  Here's
one of his several rants about that:


It's also idea #3 on his list of the Six Dumbest Ideas in Computer
Security: http://www.ranum.com/security/computer_security/editorials/dumb/

There's some keen thinking behind Ranum's views.  On a separate page,
http://www.ranum.com/editorials/must-read/ , Ranum singles out Nobel
Prize-winning physicist Richard Feynman's insight in his much-praised
separate 'Personal observations on the reliability of the Shuttle'
report, Feynman wrote as a member of the Rogers Commission investigating
the Challenger disaster:

  In "Observations", Feynman is careful to point out, in his discussion
  of "safety margin", that, if hot gasses are not _designed_ to jet past 
  and damage an O-ring, then there is no such thing as a "safe" flight in
  which that happens _to any degree_.  You could take "Observations" and
  staple a post-it note to the front of it reading, "...and if the design
  doesn't say that heat resistant tiles are _supposed_ to fall off, then
  there is no 'safety margin' that justifies flying the shuttle if they

  I have unashamedly paraphrased Feynman over and over again in the last
  few years, with respect to computer security:  "If the design of your
  operating doesn't _say_ that it's _supposed to be hack-able_, then it
  shouldn't be and it's not safe for use in an environment where there
  are hackers."  I wish I could boil that down to a Feynman-esque quip,
  or a Sun Tzu-style phrase - but it is no embarrassment for any man to
  admit that they aren't in that league of thinkers.

For context, as Feynman recounts, NASA administrators had written off 
the space shuttle's continual shedding of heat-shielding tiles as an 
acceptable risk (the estimated risk going down as one ascended the
management foodchain), despite the fact that (to pick one example among
several), according to the shuttle's engineering design, no tiles were
supposed to fall off at all.

By analogy, the recurring security problems in both PHP and Wordpress
are of the sort that make you ask 'Why are these happening at all, and 
why do they keep happening in the same areas?'  The natural suspicion is
thus that there are fundamental, deep flaws that aren't ever getting
fixed, just the cracks spackled over.

Ranum's so impressed by the profundity of Feynman's observations that he
mirrors a copy, here:

More information about the BALUG-Talk mailing list