About pseudo-flaw.net

This site is where I post my independent research, demonstrations and utilities. The opinions expressed are my own, and not necessarily those of my employer. Hopefully this information will be of use to people. None of the information or utilities comes with any warranty, and I certainly cannot be responsible for what other people choose to do with them. In fact, I am not responsible for the content of any external sites that I link to and definitely do not own the trademarks of any third parties mentioned. See the Disclaimer.

Whiskey Tango Foxtrot?

The pseudo-flaw moniker is derived from the classic "Glossary of Computer Security Terms" (also known as the "Aqua Book" in the Rainbow Series). NCSC-TG-004-88 defines pseudo-flaw as:

pseudo-flaw

      An apparent loophole deliberately implanted in an operating system program as a trap for intruders.

The pseudo-flaw concept is important to both attackers and defenders. As an attacker, I need to be suspicious of any information that I find on a system, because it may have been intentionally placed there. And as a defender, I need to be aware of steps that I can take to inject flaws and increase the likelihood of detecting an intrusion. The concept of a pseudo-flaw is probably best understood in terms of a honeytoken. A real-life example of this concept is the "seeds and decoys" addresses that were part of detecting Scott Levine in the Acxiom data breach.

Brought to you by...

This site is lovingly hand-coded in HTML using Emacs and then delivered piping hot to you by Perl.