Because of their size programs always contain mistakes. These mistakes are called ‘bugs’. Bugs are dangerous because they may allow an attacker to give the program some data which is unexpected or will confuse its instructions. This
could stop the program from working, allow access to your files, run another program, or in the worst case make the program treat the data as if it were part of its own program and run it. Apparently harmless data can become a dangerous program that the attacker has managed to run on your computer because of a bug in your program.
To defend yourself you need to know a little more about bugs. Programs are written as short lines of text, called ‘source code’ or just ‘code’, and are often measured roughly in terms of the number of these lines. A very small program might only have 10 lines, but an ordinary program could have 10,000 lines and a very large set of programs 2,000,000. Every 1,000 or so lines a mistake will be made when the program is being written, so the larger the program the more bugs it is likely to contain, and you could guess there might be 2,000 bugs in our very large set of programs. From this, you can see that the larger the programs you allow an attacker to feed data into, the more bugs are available for them to use against you.
A bug that can be used in some way by an attacker is called a ‘vulnerability’. When a new vulnerability is discovered a race starts between the attackers and the defenders. The attackers want to use the vulnerability and the defenders
want to prevent it from being used. To use the vulnerability the attackers need an ‘exploit’. An exploit might be a small program embedded in some data that will be run when that data is fed into the vulnerable program. The defenders must either find some way of stopping the bug from being accessible to the attackers or get the bug corrected and replace the faulty program with a fixed version. When the bug is fixed you may be able to get the fix in the form of a ‘patch’ which can be ‘applied’ to the original program to solve the problem rather than having to download a whole new copy of the program. The latest version of a program will have all the patches already applied. By using recent versions of any programs that are accessible to attackers you reduce the number of exploits that can be used against you.
This leads us to consideration of which programs are accessible to an attacker. Which programs can an attacker most easily feed data into? By far the most accessible and therefore dangerous place to put a program is in a place where everyone on the internet can feed data into it whenever they want. Much less accessible, but still exposed to places you obtain information from, are the programs you use to read internet information such as your web browser. And fairly safely positioned are all the other programs which never talk to the internet, but may occasionally be fed some data you have been sent or downloaded.
Thus large accessible programs are dangerous even if they are updated every week, but small or inaccessible programs can be used quite safely for years. For safety purposes, your objective is to minimise the accessibility, size and age of
the programs running on your computer.
Cybersecurityworld 