A vulnerability, in the sense used here, is a possible location of a bug. There's no evidence to suggest a bug exists, but based on experience, knowledge of the system, discussion with colleagues and use of oracles, it's an indicator of where bugs may lie. It's not a coverage map, though I could see the vulnerability map being used in conjunction with the product map. How does this tie in with a risk list? A risk list is also a list of possible vulnerabilities, but it's based only on investigation of the product. Vulnerabilities are broader than that, as they also draw on conversations, looking at support and reading documentation (though a risk list could come from those too, I guess).
Where in the product have I detected or imagined vulnerability?
Validity of the algorithm
It's complicated - how can that have been tested well?
how easy would this be to test?
Is it third-party software (open source?)
Interaction with other systems
It didn't seem to work with the website
what about email?
Networks?
and the other groups?
How does it interact if you register with facebook?
does it have plugins
Input Fields
Traditional Area of potential vulnerability
Also coupled with database - can lead to db crash?
Importing
As I toured, I thought about possible vulnerabilities
for import: importing from a different password system may cause problems
large files
different configurations
Password character length
How can I make it go negative?
accepts negative numbers
allows you to create excessively long password that's not accepted by other systems
Test Password Expiration
Time typically has bugs in it because it's used in different ways than people imagine
Password Repeat
What if, when you repeat the password differently, it's fine with that?
fails to ensure the password is correct by being entered twice
allows copy and paste of 2nd password so user may enter incorrect password twice
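The "Password character length" and "Password Repeat" ideas above can be turned into executable checks. The following is an added example written for this page, not code from the original notes or from the product under test; the function names, the 128-character storage limit and the idea that the generator takes a length setting are assumptions made for illustration. It shows the "before" behaviour (a generator that trusts its length setting and silently returns an empty password for a negative or zero length, and an oversize password for a large one) next to a hardened generator that rejects out-of-range settings, plus a confirmation check that fails closed.

```python
# Added example (not the product's code): executable versions of the
# "Password character length" and "Password Repeat" test ideas.
# Assumed for illustration: a generator that takes a length setting and a
# storage limit of 128 characters for the password field.
import secrets
import string

ALPHABET = string.ascii_letters + string.digits + string.punctuation
MAX_LENGTH = 128  # assumed storage limit for the password field


def generate_password_unchecked(length):
    """'Before' behaviour: trusts the length setting as given.

    A negative or zero length does not raise; range() is simply empty, so
    the caller silently gets an empty password.  An oversize length is
    honoured, producing a password that a field with a boundary limit may
    truncate or reject (the "not accepted by other systems" case).
    """
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def generate_password(length, max_length=MAX_LENGTH):
    """Hardened: refuse anything outside 1..max_length before generating."""
    if isinstance(length, bool) or not isinstance(length, int):
        raise TypeError("password length must be an integer")
    if not 1 <= length <= max_length:
        raise ValueError(f"password length must be between 1 and {max_length}")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def length_rejected(length, max_length=MAX_LENGTH):
    """True when the hardened generator refuses this length setting."""
    try:
        generate_password(length, max_length)
    except (TypeError, ValueError):
        return True
    return False


def confirm_password(first, second):
    """Fail closed: the repeated entry must be non-empty and identical.

    compare_digest is used so the check does not short-circuit on the first
    differing character; the entries are encoded because compare_digest on
    str only accepts ASCII.
    """
    if not first or not second:
        return False
    return secrets.compare_digest(first.encode("utf-8"), second.encode("utf-8"))


if __name__ == "__main__":
    # Constructed probes mirroring the test ideas in the outline.
    print("unchecked, length -5  ->", repr(generate_password_unchecked(-5)))
    print("unchecked, length 300 ->", len(generate_password_unchecked(300)), "chars")
    for setting in (-5, 0, 16, MAX_LENGTH, MAX_LENGTH + 1, "16"):
        print("hardened, length", repr(setting), "->",
              "rejected" if length_rejected(setting) else "accepted")
    print("confirm same   ->", confirm_password("example-pass-1", "example-pass-1"))
    print("confirm differ ->", confirm_password("example-pass-1", "example-pass-2"))
    print("confirm empty  ->", confirm_password("", ""))
```

Run it directly to see the unchecked generator hand back an empty string for a negative length while the hardened one rejects it; the same probes (negative, zero, one past the limit, a string instead of a number) are the ones a tester would type into the real length field.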
Database Vulnerabilities
data not properly encrypted
database easily corrupted
can't back up the database and passwords
database fields have no boundary limits
Installation
admin rights?
no recourse if you are not admin
no proper feedback if you are not admin
different operating systems
fails to install
requires additional software without giving prior notice
Stress:
What's the limit for passwords? How many can I enter before it fails to accept any more?
what if I export the contents onto a different computer with less memory and hardware and it fails to allow me to import?
What have I heard about the product that suggests vulnerability
Andrei mentioned he had used it once and it was sluggish
Mac requires additional software
Test performance?
After reading the specification what vulnerabilities are suggested to me?
After releasing what vulnerabilities are detected?
Typical Vulnerabilities
Risk List
Bug Taxonomy
Preconceptions
What makes me trust the product?
Good Version Control
Active Site
It's got requirements (a certain sense of rigour?)
It's got help documents
What Makes me doubt the product?
It's open source
It's hard to test
It's free
Poor Usability
My knowledge of an existing product that is slick
What Andrei said about the product on Mac
unfamiliarity
Do I trust this product?
I suspect I trust the algorithm
It seems complex
I would imagine it's hard to break
No proof of this
Don't trust the security
Was able to paste my password into a Word doc
what other things are insecure?
Don't trust the reliability
It crashed
This is the biggie for me, I don't want to lose all my passwords
It's not well thought out from a system perspective
what other things are not well thought out?
Performed 90 minutes of survey testing
Imagine all the things that could go wrong
My data is corrupted
Crash
Too large a password generated?
Username too long for database?
URL too long for database?
password generation corrupts my data
dummy .key file corrupts the system
My data is stolen
You can find an easy way to access my passwords if my laptop is stolen
temporary files?
.key files?
It becomes too hard to use with other products
Hard to use on websites, email systems and networking products
It's too difficult to use
the interface is too unfamiliar
It's not easily portable
iPad, iPhone? (no USB)
I download it onto a USB stick but can't use it on Apple products as there is no USB
What do I know about other similar products that help me identify vulnerability?