Stealing by the rules.
I used to have a very strong interest in security. I went to cons, I followed the lists, I studied the texts. I was hooked. Then, around 7 years ago, I just started to lose interest in staying on the cutting edge. That said, I never lost my interest, just my drive to keep up with the Joneses.
One of the things I was good at, though, was detecting process flaws. It’s easy to focus on the coding flaws when working on computer security while missing the flaws built right into the process itself. It’s a process flaw that is currently keeping OpenBounty from going live, and the reason for this post.
In almost every system I build I spend a great deal of time trying to think of attack vectors that I would use if I wanted to break the system. It was while doing this for OpenBounty that I realized I couldn’t put the site live and I’m still trying to figure out the best solution to the problem I found. I have a few ideas but I’m being more careful in picking one this time so expect it to be a while before it goes live.
Alright, enough background; on with the flaw. OpenBounty worked by giving users votes based on how much money they contributed to a bounty. This was done to make it fair, so that someone contributing $500 would have more of a say in the final product than someone contributing $1. The problem I realized is that this leaves the door open for users to buy bounties.
Say bounty A has $500 in it. Ed comes along, contributes $501 to the bounty, submits a claim with no merit, then votes to accept his own claim. Since he has more votes than everyone else combined, the claim is accepted, and Ed walks away with $1001 while everyone else walks away with a dirty taste in their mouth.
I realize now I should have seen this sooner. Anyhow, for the solutions. I’ve already disabled the ability to vote on your own claims. I’ve also added a holding period to the end of voting so that should someone do this the others have a few days to file protests before the bounty is paid.
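To make the flaw and the first fix concrete, here is a small model of contribution-weighted claim voting. It is an added example, not OpenBounty’s code; the backer names, dollar amounts and the “strict majority of eligible weight” acceptance rule are assumptions for illustration.

```python
# Toy model of contribution-weighted claim voting (added example, not OpenBounty's code).
# Shows the "buy the bounty" flaw and what changes when a submitter cannot vote on
# their own claim.
from dataclasses import dataclass, field


@dataclass
class Bounty:
    contributions: dict            # backer -> dollars contributed (one vote per dollar)
    claims: dict = field(default_factory=dict)  # claim id -> submitter

    def submit_claim(self, claim_id, submitter):
        self.claims[claim_id] = submitter

    def pot(self):
        return sum(self.contributions.values())

    def accepted(self, claim_id, votes, exclude_submitter=False):
        """votes: backer -> True (accept) / False (reject).

        Assumed rule: a claim pays out when accepting weight is a strict majority
        of the *eligible* weight. With exclude_submitter=True the submitter's own
        contribution is removed from both the votes and the denominator, so an
        honest big contributor is not punished by their own ineligible weight.
        """
        submitter = self.claims[claim_id]
        eligible = self.pot()
        if exclude_submitter:
            eligible -= self.contributions.get(submitter, 0)
        accepting = 0
        for backer, accept in votes.items():
            if exclude_submitter and backer == submitter:
                continue  # the fix: you cannot vote on your own claim
            if accept:
                accepting += self.contributions.get(backer, 0)
        return accepting * 2 > eligible


def buy_the_bounty(exclude_submitter):
    """Ed's scenario from the post, with constructed backers alice and bob."""
    b = Bounty({"alice": 300, "bob": 200})   # $500 already in the pot
    b.contributions["ed"] = 501              # Ed out-contributes everyone combined
    b.submit_claim("c1", "ed")               # a claim with no merit
    votes = {"alice": False, "bob": False, "ed": True}
    return b.accepted("c1", votes, exclude_submitter), b.pot()
```

With self-votes allowed, Ed’s $501 carries the claim and the $1001 pot; with them excluded, the honest backers’ $500 decides it and the claim is rejected.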
I’m working on a couple more ideas to preemptively stop this, as opposed to the above solutions, but I’ll let you know how it goes.