Default Placeholders, a security hole
Published: September 22nd 2016
Working recently with a range of AWS and domain pointers it became apparent how easy it is for people within your deployment chain to make dangerous default configurations that leave your site or code vulnerable.
We've all done it - put in a default piece of code or placeholder text that we intend to go back and change later before it goes to production. With the best intentions we set up our cloud formation code, domain pointers or software to be modified later and somehow we end up with defaults in production.
Surely things can't get too bad, right? Wrong. What if you created a fake pointer for your domain to a domain that you figured didn't exist. What if that domain actually DID exist and suddenly your sub domain was pointing to a competitor, malware or blog article slating your company?
Think this couldn't happen? FakeAlias.net is a perfect example of this. A loophole with some domain mapping that should never have been entered by a network provider allowed for the redirection of a whole swathe of client services to what could have easily ended up with systems being taken over by malware or redirected to competitors. Perhaps it even passes off as your own service and customers start paying OTHER PEOPLE for services you have.
If you have the correct change request processes and sign-off, you should not get to a situation where this would be an issue in production. If you're following ISO standards you should have steps in place to pick up on items, have @todo items in your codebase that you check before deployment or have a chain of command to verify settings before they go live.
If you are using default placeholders for items, always ensure you tag a note with items so that you can find where you have used any default placeholders.
We all make mistakes, make better mistakes
Let's face it, if you're going to make a mistake, make sure it's not a really bad one, especially if your clients will potentially be heavily impacted by it. Limit the problems you might cause and above all - check, check and re-check what you're pushing out on your configuration and mappings.
The computer industry moves fast, we all drop the ball from time to time (myself included) but we need to have a culture that puts security first and verifies any major changes with a pipeline of second-eyes and sanity checking.
Above all, watch out for those default placeholders people... they just might pwn your systems.
AWS Ephemeral Data re-instating