Yet Another Security Code Smell Because Nobody Ever Reads the Documentation TL;DR: Ignoring constant replacement leads to severe security risks. Problems Vulnerable endpoints
Lack of Testing
Documentation Nobody Reads Solutions Enforce constant key replacement
Audit upstream vendors
Automate security checks
Enforce your Documentation with tests
Use invalid defaults to ensure they are always replaced Context A major security flaw, PKfail, persisted unnoticed for 12 years, compromising hundreds of devices. The vulnerability stems from vendors failing to replace a "DO NOT TRUST" Secure Boot master key, a critical step that was neglected despite clear instructions. This oversight left countless devices open to exploitation, allowing threat actors to bypass security measures and install malicious software. Sample Code Wrong fn generate_pk() -> String {
    "DO NOT TRUST".to_string()
}

// Vendor forgets to replace PK
fn use_default_pk() -> String {
    let pk = generate_pk();
    pk // "DO NOT TRUST" PK used in production
} Right fn generate_pk() -> String {
    "DO NOT TRUST".to_string()
    // The documentation tells vendors to replace this value
}

fn use_default_pk() -> String {
    let pk = generate_pk();

    if pk == "DO NOT TRUST" {
        panic!("Error: PK must be replaced before use.");
    }

    pk // Valid PK used in production
} Detection [x]Automatic You can detect this smell by checking for default values that must be replaced before deployment. Tools like static analyzers and manual code reviews help you identify hardcoded or placeholder keys that should be updated. Tags Security Level [x]Intermediate AI Generation AI generators might create this smell unless instructed for context-specific security steps. You must provide clear instructions to ensure proper key replacement. AI Detection AI tools can catch this smell with rules that flag placeholder values through testing and reviews. Conclusion Ignoring crucial steps in the security process, such as replacing default keys, can lead to severe vulnerabilities. This long-lasting flaw emphasizes the need for diligent security practices. Replace all your documentation with acceptance tests. Relations https://hackernoon.com/how-to-find-the-stinky-parts-of-your-code-part-i-xqz3evd?embedable=true https://maximilianocontieri.com/refactoring-011-replace-comments-with-tests?embedable=true More Info https://www.techradar.com/pro/security/secure-boot-has-a-major-security-issue-hundreds-of-devices-from-dell-supermicro-and-more-all-affected-heres-what-we-know?embedable=true Disclaimer Code Smells are my opinion. Credits Photo by Jason Leung on Unsplash It takes 20 years to build a reputation and a few minutes of cyber-incident to ruin it. Stephane Nappo https://hackernoon.com/400-thought-provoking-software-engineering-quotes?embedable=true This article is part of the CodeSmell Series. How to Find the Stinky Parts of your Code Yet Another Security Code Smell Because Nobody Ever Reads the Documentation Yet Another Security Code Smell Because Nobody Ever Reads the Documentation TL;DR: Ignoring constant replacement leads to severe security risks. TL;DR: Ignoring constant replacement leads to severe security risks. Problems Vulnerable endpoints Lack of Testing Documentation Nobody Reads Vulnerable endpoints Lack of Testing Documentation Nobody Reads Solutions Enforce constant key replacement Audit upstream vendors Automate security checks Enforce your Documentation with tests Use invalid defaults to ensure they are always replaced Enforce constant key replacement Audit upstream vendors Automate security checks Enforce your Documentation with tests tests Use invalid defaults to ensure they are always replaced Context A major security flaw, PKfail, persisted unnoticed for 12 years, compromising hundreds of devices. The vulnerability stems from vendors failing to replace a "DO NOT TRUST" Secure Boot master key, a critical step that was neglected despite clear instructions. This oversight left countless devices open to exploitation, allowing threat actors to bypass security measures and install malicious software. Sample Code Wrong fn generate_pk() -> String {
    "DO NOT TRUST".to_string()
}

// Vendor forgets to replace PK
fn use_default_pk() -> String {
    let pk = generate_pk();
    pk // "DO NOT TRUST" PK used in production
} fn generate_pk() -> String {
    "DO NOT TRUST".to_string()
}

// Vendor forgets to replace PK
fn use_default_pk() -> String {
    let pk = generate_pk();
    pk // "DO NOT TRUST" PK used in production
} Right fn generate_pk() -> String {
    "DO NOT TRUST".to_string()
    // The documentation tells vendors to replace this value
}

fn use_default_pk() -> String {
    let pk = generate_pk();

    if pk == "DO NOT TRUST" {
        panic!("Error: PK must be replaced before use.");
    }

    pk // Valid PK used in production
} fn generate_pk() -> String {
    "DO NOT TRUST".to_string()
    // The documentation tells vendors to replace this value
}

fn use_default_pk() -> String {
    let pk = generate_pk();

    if pk == "DO NOT TRUST" {
        panic!("Error: PK must be replaced before use.");
    }

    pk // Valid PK used in production
} Detection [x]Automatic [x] Automatic [x] You can detect this smell by checking for default values that must be replaced before deployment. Tools like static analyzers and manual code reviews help you identify hardcoded or placeholder keys that should be updated. Tags Security Security Level [x]Intermediate [x] Intermediate [x] AI Generation AI generators might create this smell unless instructed for context-specific security steps. You must provide clear instructions to ensure proper key replacement. AI Detection AI tools can catch this smell with rules that flag placeholder values through testing and reviews. Conclusion Ignoring crucial steps in the security process, such as replacing default keys, can lead to severe vulnerabilities. This long-lasting flaw emphasizes the need for diligent security practices. Replace all your documentation with acceptance tests. Relations https://hackernoon.com/how-to-find-the-stinky-parts-of-your-code-part-i-xqz3evd?embedable=true https://hackernoon.com/how-to-find-the-stinky-parts-of-your-code-part-i-xqz3evd?embedable=true https://maximilianocontieri.com/refactoring-011-replace-comments-with-tests?embedable=true https://maximilianocontieri.com/refactoring-011-replace-comments-with-tests?embedable=true More Info https://www.techradar.com/pro/security/secure-boot-has-a-major-security-issue-hundreds-of-devices-from-dell-supermicro-and-more-all-affected-heres-what-we-know?embedable=true https://www.techradar.com/pro/security/secure-boot-has-a-major-security-issue-hundreds-of-devices-from-dell-supermicro-and-more-all-affected-heres-what-we-know?embedable=true Disclaimer Code Smells are my opinion . opinion Credits Photo by Jason Leung on Unsplash Jason Leung Unsplash It takes 20 years to build a reputation and a few minutes of cyber-incident to ruin it. Stephane Nappo Stephane Nappo https://hackernoon.com/400-thought-provoking-software-engineering-quotes?embedable=true https://hackernoon.com/400-thought-provoking-software-engineering-quotes?embedable=true This article is part of the CodeSmell Series. How to Find the Stinky Parts of your Code How to Find the Stinky Parts of your Code

Code Smell 263 - Squatting

Code Smell 261 - DigiCert Underscores

Buy My Book

Share your ideas with me!

Read My Stories

Buy Me a Coffee

Too Long; Didn't Read

Make resilience your competitive advantage

Code Smell 262 - Not Replaced Constants

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

Code Smell 309 - Query Parameter API Versioning

106 Stories To Learn About Clean Code

100 Pieces of Programming Advice from the Book Clean Code by Robert Martin

110 Stories To Learn About Refactoring

3 Things Coding And Prose Writing Have In Common According To Cory House

Code Smell 309 - Query Parameter API Versioning

106 Stories To Learn About Clean Code

100 Pieces of Programming Advice from the Book Clean Code by Robert Martin

110 Stories To Learn About Refactoring

3 Things Coding And Prose Writing Have In Common According To Cory House

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps