![Page 1: JUNE 2015 THE NET IS DARK AND FULL OF TERRORS...2007 · PRE-1.0 INFORMAL SECURITY PROCESS 2008 · DJANGO 1.0 TEMPLATE AUTOESCAPING 2010 · DJANGO 1.2 MODERN CSRF PROTECTION 2012 ·](https://reader033.vdocuments.us/reader033/viewer/2022043016/5f388a9b4b3335528e5e009f/html5/thumbnails/1.jpg)
THE NET IS DARK AND FULL OF TERRORS
JAMES BENNETT · DJANGOCON EUROPE · 3RD JUNE 2015
WHO I AM
Working with Django 9 years, 5 at Lawrence Journal-World
Commit bit since 2007
Involved in Django’s release and security process ~8 years
WHAT THIS IS
History of Django and security
How Django tries to protect you
Some ways we’ve screwed up and what you can learn from that
SECURITY IS HARD
IN THE BEGINNING…
DJANGO’S FIRST VULNERABILITY
16TH AUGUST 2006 · CVE-2007-0404
NINE YEARS AND 48 MORE SECURITY ISSUES LATER…
DJANGO’S LATEST VULNERABILITY
20TH MAY 2015 · CVE-2015-3982
Security issues are archived in the documentation: https://docs.djangoproject.com/en/dev/releases/security/
2007 · PRE-1.0: INFORMAL SECURITY PROCESS
2008 · DJANGO 1.0: TEMPLATE AUTOESCAPING
2010 · DJANGO 1.2: MODERN CSRF PROTECTION
2012 · DJANGO 1.4: HASHING, CRYPTO, SIGNED COOKIES, CLICKJACKING, SENSITIVE ERRORS, FORMAL SECURITY PROCESS
2013 · DJANGO 1.5 · DJANGO 1.6: HOST HEADER HARDENING, INCREASED HASH ITERATIONS, HASH TRUNCATION
2014 · DJANGO 1.7: SYSTEM CHECK FRAMEWORK
2015 · DJANGO 1.8: SECURITY MIDDLEWARE, DEPLOYMENT CHECK
DJANGO’S SECURITY PROCESS
TL;DR: email security@djangoproject.com if you think you’ve found a security issue in Django.
Full security policy always accessible at https://www.djangoproject.com/security/
SECURITY ISSUE VERIFICATION
Try out a proof-of-concept, if provided
Coordinate with reporter for more info if needed
Once verified, begin tracking issue (privately)
SECURITY PATCHING PROCESS
Patches submitted in private tracker (only core team has access)
Reviewed and, if needed, ported to multiple versions of Django
SECURITY NOTIFICATION PROCESS
Request a CVE identifier for the issue
One week prior to release, send to our security notification list
Pre-notification can be abbreviated for issues already public/exploited
SECURITY RELEASE PROCESS
Patches merged from private security branches to public GitHub repository
Releases issued with blog post containing details of issue(s) and CVE identifier(s)
Spam ALL the social media sites!
The goals of our process are to ensure responsible reporting and disclosure of security issues.
DJANGO VS. THE OWASP TOP TEN
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
Injection attacks ✅
Authentication and session management ✅
Cross-site scripting (XSS) ✅
Direct object references ✅
Misconfiguration ✅
Sensitive data exposure ✅
Function level access control ✅
Cross-site request forgery (CSRF) ✅
Components with known vulnerabilities ✅
Unvalidated redirects and forwards ✅
ABOVE AND BEYOND
Django tries very hard to be secure-by-default, and to offer the tools you need to harden your applications beyond the common cases.
However…
WHY DO WE FALL?
WHY DO WE FAIL?
– THE DJANGO TEAM, CIRCA 2007
“Parsing the Accept-Language header is expensive to do every time, let’s do it once per unique value and cache the results!”
– THE DJANGO TEAM, CIRCA 2010
“Let’s use a one-time base36 token to do password resets!”
– THE DJANGO TEAM, CIRCA 2013
“Formsets need to dynamically grow the number of forms they use!”
– THE DJANGO TEAM, CIRCA 2013
“Restrictions on password length are dumb! Long passwords are better!”
CVE-2007-5712
Denial-of-service via arbitrarily-large Accept-Language header
CVE-2010-4535
Denial-of-service in password-reset mechanism
CVE-2013-0306
Denial-of-service via formset max_num bypass
CVE-2013-1443
Denial-of-service via large passwords
PYTHON IS GREAT
No buffer overflows
But you can still DoS yourself if you’re not careful
We learned this the hard way so you shouldn’t have to
STOP DOS’ING YOURSELF
Sanity-check your inputs for length before you start processing them
Yes, even passwords (when appropriate)!
Configure your web server to cap the length of HTTP headers and request bodies
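One way to apply these checks in application code, as an added example written for this page rather than taken from Django: a password check that refuses to run the slow KDF on anything longer than a fixed cap, and an Accept-Language parser that rejects oversized headers and memoizes into a bounded cache instead of an ever-growing dictionary. The Accept-Language cap, the cache size, the PBKDF2 iteration count and all function names are assumptions chosen for illustration; the 4096-byte password cap matches the limit Django adopted after CVE-2013-1443.

```python
import functools
import hashlib
import hmac
import os
import re

# Assumed limits for this example. The password cap matches the 4096-byte
# limit Django adopted after CVE-2013-1443; the others are illustrative.
MAX_PASSWORD_BYTES = 4096
MAX_ACCEPT_LANGUAGE_LENGTH = 256
PBKDF2_ITERATIONS = 100_000


class InputTooLong(ValueError):
    """Raised when an input is rejected by a length check before any real work."""


def make_password(password, salt=None, iterations=PBKDF2_ITERATIONS):
    """Derive a stored password hash; the length check runs before PBKDF2."""
    raw = password.encode("utf-8")
    if len(raw) > MAX_PASSWORD_BYTES:
        raise InputTooLong("password longer than %d bytes" % MAX_PASSWORD_BYTES)
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", raw, salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (iterations, salt.hex(), digest.hex())


def check_password(password, encoded):
    """Verify a password against make_password() output.

    An attacker-supplied megabyte-long password is rejected here, in O(1),
    instead of being fed through the deliberately slow key derivation.
    """
    raw = password.encode("utf-8")
    if len(raw) > MAX_PASSWORD_BYTES:
        return False
    algorithm, iterations, salt_hex, digest_hex = encoded.split("$")
    if algorithm != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", raw, bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest.hex(), digest_hex)


# One language range with an optional quality value, e.g. "en-GB;q=0.8".
_LANGUAGE_RE = re.compile(
    r"\s*([A-Za-z]{1,8}(?:-[A-Za-z0-9]{1,8})*|\*)"
    r"(?:\s*;\s*q=(0(?:\.\d{1,3})?|1(?:\.0{1,3})?))?\s*$"
)


def parse_accept_language(header):
    """Return ((lang, q), ...) sorted by q, or () for absent/oversized headers.

    The length check runs before the cached parser, so an attacker cannot
    fill the cache with arbitrarily large keys.
    """
    if not header or len(header) > MAX_ACCEPT_LANGUAGE_LENGTH:
        return ()
    return _parse_accept_language_cached(header)


@functools.lru_cache(maxsize=1024)  # bounded, unlike a plain dict cache
def _parse_accept_language_cached(header):
    ranges = []
    for part in header.split(","):
        match = _LANGUAGE_RE.match(part)
        if match is None:
            continue  # skip a malformed range rather than failing the request
        language, quality = match.group(1), match.group(2)
        ranges.append((language.lower(), float(quality) if quality else 1.0))
    ranges.sort(key=lambda item: item[1], reverse=True)
    return tuple(ranges)


if __name__ == "__main__":
    encoded = make_password("correct horse battery staple", iterations=1000)
    print("good password:", check_password("correct horse battery staple", encoded))
    print("5000-byte password:", check_password("a" * 5000, encoded))
    print(parse_accept_language("en-GB,en;q=0.8, fr;q=0.5"))
    print("300-byte header:", parse_accept_language("x" * 300))
```

The order matters: both length checks sit before the expensive step, so the rejection path does no hashing and no regex work, and the cache can never hold more than 1024 entries of at most 256 bytes each.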
– THE DJANGO TEAM, CIRCA 2006
“URLField should really check whether the URL exists before accepting the value!”
– THE DJANGO TEAM, CIRCA 2006
“URLField should accept anything that matches the format of a valid URL!”
– THE DJANGO TEAM, CIRCA 2006
“EmailField should accept anything that matches the format of a valid email address!”
– THE DJANGO TEAM, CIRCA 2012
“Checking for corrupt image files is easy, we can just use PIL’s routines for that!”
– THE DJANGO TEAM, CIRCA 2012
“Most image formats store metadata in a header, let’s find it by only reading a few bytes at a time!”
CVE-2011-4137
Denial-of-service via URLField.verify_exists
CVE-2009-3965
Denial-of-service via pathological regular-expression performance
CVE-2012-3443
Denial-of-service via compressed image files
CVE-2012-3444
Denial-of-service via large image files
THE BIG O
Expresses upper bound on your algorithm
Also, apparently, an anime
But more important is the “upper bound” bit
– ACTUALLY A VERY USEFUL QUESTION
“What’s the worst that could happen?”
NO REALLY, STOP DOS’ING YOURSELF!
Figure out how much work your code should do
Then figure out whether you can make it do more
Then figure out ways to ensure it does less
Some issues (compressed formats, incremental reads, pathological regex, etc.) have been around forever — read up on them!
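The budget-first approach described above, as an added example written for this page and not taken from Django or PIL: read only the bytes a PNG header needs, check the declared pixel count against a budget before decoding anything, and inflate compressed data with an output cap so a few kilobytes of input cannot expand without limit. The PNG header and the "bomb" input are constructed inline; the budget constants and function names are assumptions for illustration.

```python
import io
import struct
import zlib

# Assumed budgets for this example; tune them to what your service can afford.
MAX_HEADER_BYTES = 24                 # PNG signature (8) + IHDR length/type (8) + w/h (8)
MAX_IMAGE_PIXELS = 50_000_000         # refuse to decode anything declaring more
MAX_INFLATED_BYTES = 8 * 1024 * 1024  # hard cap on decompressed output

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"


class ResourceBudgetExceeded(ValueError):
    """Raised when processing would exceed a predefined work budget."""


def png_dimensions(fileobj):
    """Return (width, height) from a PNG IHDR without reading the rest of the file.

    At most MAX_HEADER_BYTES are ever read, so a multi-gigabyte upload costs
    the same as a tiny one at this stage.
    """
    head = fileobj.read(MAX_HEADER_BYTES)
    if (len(head) < MAX_HEADER_BYTES or not head.startswith(PNG_SIGNATURE)
            or head[12:16] != b"IHDR"):
        raise ValueError("not a PNG header")
    width, height = struct.unpack(">II", head[16:24])
    return width, height


def check_pixel_budget(width, height, max_pixels=MAX_IMAGE_PIXELS):
    """Reject an image by its declared size before allocating a single pixel."""
    pixels = width * height
    if pixels > max_pixels:
        raise ResourceBudgetExceeded(
            "image declares %d pixels, budget is %d" % (pixels, max_pixels))
    return pixels


def inflate_bounded(data, max_out=MAX_INFLATED_BYTES):
    """Decompress zlib data, refusing to produce more than max_out bytes.

    zlib's max_length stops inflation once the output reaches the cap; any
    compressed input left in unconsumed_tail means the stream wanted to
    expand further, i.e. it is a decompression bomb relative to the budget.
    """
    decompressor = zlib.decompressobj()
    out = decompressor.decompress(data, max_out)
    if decompressor.unconsumed_tail:
        raise ResourceBudgetExceeded(
            "decompressed output would exceed %d bytes" % max_out)
    if not decompressor.eof:
        raise ValueError("truncated zlib stream")
    return out


def constructed_png_header(width, height):
    """Build only the PNG signature and IHDR prefix (constructed sample, not a real file)."""
    return (PNG_SIGNATURE + struct.pack(">I", 13) + b"IHDR"
            + struct.pack(">II", width, height) + b"\x08\x06\x00\x00\x00")


def constructed_bomb(expanded_size=10_000_000):
    """A few kilobytes of zlib data that inflate to expanded_size bytes (constructed)."""
    return zlib.compress(b"\0" * expanded_size)


if __name__ == "__main__":
    upload = io.BytesIO(constructed_png_header(640, 480) + b"\0" * 4096)
    width, height = png_dimensions(upload)
    print("declared", width, "x", height, "=", check_pixel_budget(width, height), "pixels")
    for sample in (zlib.compress(b"hello, world"), constructed_bomb()):
        try:
            print("inflated", len(inflate_bounded(sample, 1_000_000)), "bytes")
        except ResourceBudgetExceeded as exc:
            print("rejected:", exc)
```

Each function answers "what's the worst that could happen?" with a number fixed before any input is touched: 24 bytes read, at most MAX_IMAGE_PIXELS decoded, at most MAX_INFLATED_BYTES produced. Checking the declared dimensions is only a first gate, since a hostile file can lie about them; the output cap on the decoder is what actually bounds the work.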
(?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*:(?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ 
\t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)(?:,\s*(?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*))*)?;\s*)
– THE DJANGO TEAM, CIRCA 2010
“Values of cookies we’ve set can be trusted!”
– THE DJANGO TEAM, CIRCA 2010
“Admin users can be trusted with a bit of the lookup API!”
– THE DJANGO TEAM, CIRCA 2011
“We can trust the browser same-origin sandbox!”
– THE DJANGO TEAM, CIRCA 2013
“We can trust admin users with the history log!”
– THE DJANGO TEAM, CIRCA 2013
“Once we’ve validated a value and stored it, we can trust it!”
CVE-2010-3082
XSS via trusting unsafe cookie value
CVE-2010-4534
Information leakage in administrative interface
CVE-2011-0696
CSRF via forged HTTP headers
CVE-2013-0305
Information leakage via admin history log
NO CVE, DISCLOSED 2013-08-13
XSS via admin trusting URLField values
– THE DJANGO TEAM, OVER AND OVER AGAIN…
“We can trust the HTTP Host header now!”
CVE-2011-4139
Host header cache poisoning
CVE-2011-4140
Potential CSRF via Host header
CVE-2012-4520
Host header poisoning
ADVISORY, 2012-12-10
Additional hardening of Host header handling
ADVISORY, 2013-02-19
Additional hardening of Host header handling
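The cookie lesson (CVE-2010-3082) and the Host header series above come down to the same rule: everything in a request is attacker-controlled, including headers the server "knows" it set and headers the browser "always" fills in correctly. An added example, written for this page and not taken from Django’s source: a Host check with the same semantics as Django’s ALLOWED_HOSTS (exact match, leading-dot subdomain wildcard, "*", port ignored, malformed values rejected), and an HMAC-signed cookie value that lets the server distinguish values it wrote from forged ones. The key, the cookie format and all function names are assumptions for illustration; a verified cookie value still needs escaping before it goes into HTML.

```python
import hashlib
import hmac
import re

# Accepts a hostname or a bracketed IPv6 literal, with an optional port.
_HOST_RE = re.compile(r"^([a-z0-9.-]+|\[[a-f0-9]*:[a-f0-9.:]+\])(?::(\d+))?$")


class BadSignature(ValueError):
    """Raised when a signed value fails verification."""


def split_domain_port(host):
    """Return (domain, port) for a Host header value, or ("", "") if malformed."""
    match = _HOST_RE.match(host.lower())
    if match is None:
        return "", ""
    domain, port = match.group(1), match.group(2) or ""
    return domain.rstrip("."), port  # "example.com." names the same host as "example.com"


def is_same_domain(host, pattern):
    """Match one host against one allowlist entry, ALLOWED_HOSTS style."""
    if not pattern:
        return False
    pattern = pattern.lower()
    if pattern.startswith("."):
        # ".example.com" matches example.com and any subdomain, but not
        # example.com.evil.com: the suffix test runs against the whole host.
        return host == pattern[1:] or host.endswith(pattern)
    return host == pattern


def validate_host(host_header, allowed_hosts):
    """True only if the Host header names a host this deployment serves.

    Anything that fails this check must not be used to build absolute URLs,
    password-reset links or cache keys, which is how the CVEs above arose.
    """
    domain, _port = split_domain_port(host_header)
    if not domain:
        return False
    return any(pattern == "*" or is_same_domain(domain, pattern)
               for pattern in allowed_hosts)


def sign_cookie(value, key):
    """Return value + ':' + HMAC-SHA256(key, value), the form stored in the cookie."""
    mac = hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()
    return "%s:%s" % (value, mac)


def unsign_cookie(signed, key):
    """Recover the value only if its MAC verifies; never use the bare value."""
    value, sep, mac = signed.rpartition(":")
    if not sep:
        raise BadSignature("no signature present")
    expected = hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        raise BadSignature("signature mismatch")
    return value


if __name__ == "__main__":
    allowed = [".example.com", "api.example.org"]
    for host in ("www.example.com:8443", "example.com.evil.com", "evil.example.org"):
        print(host, "->", validate_host(host, allowed))
    key = b"constructed-example-key"  # in practice: a secret from settings, not source
    cookie = sign_cookie("alice", key)
    print(cookie, "->", unsign_cookie(cookie, key))
    try:
        unsign_cookie("mallory" + cookie[5:], key)
    except BadSignature as exc:
        print("tampered cookie rejected:", exc)
```

The allowlist is the only input the check trusts: a request whose Host fails it is refused outright, and a cookie whose MAC fails is treated as absent. Neither check consults the request to decide what the request is allowed to claim.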
“I did warn you not to trust me.”
THERE IS NO SUCH THING AS “SECURE”
WHY DO WE FALL?
❓
QUOTES / IMAGES
http://www.marriedtothesea.com/index.php?date=012710
http://en.wikipedia.org/wiki/File:Selfmade_Big_O.png
http://www.ex-parrot.com/pdw/Mail-RFC822-Address.html
http://highlighthollywood.com/2015/02/game-of-thrones-actor-aidan-gillen-lord-petyr-baelish-talks-season-5-sansa-and-little-finger-highlight-hollywood-news/
http://x-files.wikia.com/wiki/File:Trust_No_One_tagline.jpg
http://www.slideshare.net/ChristofHammel/process-iceberg-21703547