Liquid Bomb gave me an Idea..
Bruce Schneier wrote a few days back about "Liquid Bomb" - something he wanted to know better about.
Mr Schneier read this article about A television documentary team said it had made a bomb by mixing a series of odourless and colourless chemicals that could be brought into an aircraft by passengers.
While everyone that read that post commented on the bombs and chemicals, I thought about plugins.
Why Plugins?
I think that if you’ll create plugin or add-on to any software or web site that allow it, this piece of software can be checked for malicious code inside of it.
If you’ll write some plugins, each contains a part of a malicious code, a single function or procedure, that can work only if a user add a few more plugins - it can pass the detection procedure for problematic code (If there is one).
A single function that is hiding in a few hundred lines of code is not so simple to detect.
So let’s say you’ll create a series of plugins for wordpress or maybe some facebook applications and you’ll cut your malicious code to separate functions and distribute this - There can be a way to create an attack using this distributed code.
Yes, we don’t have bottles and liquid here but it looks the same to me..
My name is Guy Mizrahi and I am a Security Specialist from Israel.
Go to the About page to read more about me.