I recently sent a request to my employer's IT department asking for access to Python 3.6.3. The request was denied with the justification "Python is dangerous to have on a pc. It is a useful attack vector."
Can anyone provide insight on what this might mean? Does simply having Python installed on your computer make you more susceptible to attacks? I can't tell if my employer has a valid concern here or if they are just taking the easy route.
EDIT: Spelling
No, there is nothing inherently insecure about Python.
However, Python can be used to make a vulnerability. For instance, it would be easy to make a web portal that executes anything that is typed in. This is true for any programming language, but Python makes it extra easy.
And I know, you would know better, but IT departments see all their users as idiots (often with good reason).
Every Macintosh and a lot of Linux distributions for desktop have Python installed by default. I don't think they are unsafe.
cryptanalysis - Is python a secure programming language for cryptography? - Cryptography Stack Exchange
Python Security Question
Potential Security Risks of using Python at Work
Python is a scripting language, so if you've got the program, you usually also have the source code. So you don't even have to reverse-engineer. That doesn't matter much for two reasons:
- other languages are pretty easy to reverse engineer (or they are complex for both the programmer and the attacker);
- the algorithm does not have to be kept safe anyway, due to Kerckhoffs' principle
Now the above does not directly make Python suitable for cryptography. One of the main things about cryptography is security. Without a secure programming environment, you can have any strength of cryptography, and still not have a secure system.
Languages have many constructs that make them more or less suitable for security and cryptography, so I show a few and indicate how Python fares:
- type system: it has a dynamic type system with strong typing - with regards to security this is not as good as a static type system but it is better than weak typing;
- character encoding: not good, Python may confuse bytes and characters if specialized classes are not used;
- operations on bytes, 16 bit words, 32 bit words and 64 bit words: not good, Python simply regards everything as an unbounded number;
- operations on large integers: good; modular exponentiation can be done directly on numbers using pow();
- destruction of keys & state: this is a problem for any language that doesn't directly manage its memory; Python is not likely to fare better than the rest, it may be hard to prove that keys can be safely destroyed while the program is running.
Finally, in general people like their systems to be fast. Unfortunately, scripting languages are often not fast with regards to binary operations required for symmetric cryptography (SHA-256, AES). Interpreted languages such as Java are already much faster, but languages such as C and assembly are faster than that (when used correctly).
More important for regular use of cryptography is the maturity of cryptographic support provided in libraries. Python has relatively well-kept crypto libraries, PyCrypto and PyOpenSSL, available; those libraries, however, are mainly implemented in C. These and other libraries are discussed here. One advantage of PyOpenSSL is that it should be possible to securely store and use keys from a hardware module (for instance a smart card or HSM).
Note that side channels may apply when using Python for direct implementation of cryptographic primitives. I'd say that Python is especially OK for fast prototyping of cryptographic primitives rather than library creation.
All in all, I would summarize that Python is OK-ish, but not great for cryptography if such a generalist statement can be made at all.
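The language properties listed in the answer above, shown in code. This is an added example, not part of the original answer; the function names are chosen here for illustration, the ChaCha20 quarter round stands in for "operations on 32 bit words", and the modular-exponentiation numbers are toy values.

```python
MASK32 = 0xFFFFFFFF  # Python ints are unbounded, so 32-bit wraparound must be explicit


def rotl32(x: int, n: int) -> int:
    """Rotate a 32-bit word left by n bits (0 < n < 32)."""
    return ((x << n) | (x >> (32 - n))) & MASK32


def quarter_round(a: int, b: int, c: int, d: int):
    """ChaCha20 quarter round (RFC 8439, section 2.1) on four 32-bit words.
    Every addition is masked; without the mask the sums silently grow past 32 bits."""
    a = (a + b) & MASK32; d = rotl32(d ^ a, 16)
    c = (c + d) & MASK32; b = rotl32(b ^ c, 12)
    a = (a + b) & MASK32; d = rotl32(d ^ a, 8)
    c = (c + d) & MASK32; b = rotl32(b ^ c, 7)
    return a, b, c, d


def modexp_roundtrip(m: int, e: int, d: int, n: int) -> int:
    """Large integers: three-argument pow() performs modular exponentiation directly."""
    return pow(pow(m, e, n), d, n)


def utf8_length_mismatch(text: str):
    """Characters vs bytes: a str must be encoded explicitly before it is hashed or keyed."""
    return len(text), len(text.encode("utf-8"))


def wipe(buf: bytearray) -> None:
    """Best-effort key erasure: overwrite a mutable buffer in place.
    Immutable bytes objects and copies made by the interpreter cannot be wiped this way."""
    for i in range(len(buf)):
        buf[i] = 0


if __name__ == "__main__":
    # Test vector from RFC 8439, section 2.1.1
    print([hex(w) for w in quarter_round(0x11111111, 0x01020304, 0x9B8D6F43, 0x01234567)])
    # Toy numbers for the arithmetic only; far too small for real use
    print(modexp_roundtrip(65, 17, 2753, 3233))
    print(utf8_length_mismatch("p\u00e4ssw\u00f6rd"))
    key = bytearray(b"\x01" * 16)  # constructed sample key
    wipe(key)
    print(key.hex())
```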
The point of cryptography is having algorithms that are secure even when the attacker knows them. Google security by obscurity to see why it's bad.
I'll add the following based on otus' comment. Python can be reverse engineered, so you can't hide your algorithms. Basically, if someone can run your code, they can reverse engineer the algorithms. The point of crypto is that you can publish all your algorithms to the world, and, unless you tell them some secret key, they won't be able to break the encryption.
However, in practice you'll have issues like side channel attacks, i.e. the code leaks information about the data it's processing. This includes secret keys. This will pop up in any programming language unless you really know what you're doing. If you use a crypto library in Python, then most of these issues are more or less a problem of the library writer, so you need to trust that they know what they're doing, but even the user can use the library in bad ways.
To conclude, Python is neither better nor worse than any other programming language as long as you use a good crypto library. However, if you're thinking about implementing something like RSA yourself or some other crypto algorithm you found in a book/paper, then most probably the code will be vulnerable unless you're an expert and you really know what you're doing. This applies to any language.
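One concrete case of "the user can use the library in bad ways", as an added example that is not part of the original answer: checking a MAC tag with an early-exit comparison versus the standard library's constant-time `hmac.compare_digest`. The helper names, key and message are constructed for illustration.

```python
import hashlib
import hmac


def make_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 tag computed by the standard library."""
    return hmac.new(key, message, hashlib.sha256).digest()


def leaky_equal(a: bytes, b: bytes):
    """Early-exit comparison, instrumented to return (equal, bytes_examined).
    The amount of work depends on how long the matching prefix is,
    which is the data-dependent behaviour a side channel exposes."""
    if len(a) != len(b):
        return False, 0
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return False, i + 1
    return True, len(a)


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Hardened check: compare_digest takes time independent of where the tags differ."""
    return hmac.compare_digest(make_tag(key, message), tag)


if __name__ == "__main__":
    key = b"k" * 32                      # constructed sample key
    msg = b"monthly-report.csv"          # constructed sample message
    tag = make_tag(key, msg)
    bad_first = bytes([tag[0] ^ 1]) + tag[1:]
    bad_last = tag[:-1] + bytes([tag[-1] ^ 1])
    print(leaky_equal(tag, bad_first))   # stops after the first byte
    print(leaky_equal(tag, bad_last))    # walks the whole tag before failing
    print(verify(key, msg, tag), verify(key, msg, bad_last))
```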
Hi
First of all, I’m no software or programmer expert, but one of our users is wanting to use Python to write scripts to help with their “job” to test products (not IT related).
After looking into it, I have concerns over the use of Python as it can do and control a lot of things these employees should not have access to.
I have read it can communicate to Cisco Switches, Servers, or other PCs.
So, from a security point of view of protecting my network and not allowing access, how secure is the use of Python?
You’ll still need creds to get into the infrastructure… What about PowerShell? Then AD only requires read access to get a huge amount of information about your company’s systems and users.
Not more or less an issue than anything else … imho
So I wanted to install Python, download the Selenium library on it, and combine it with WebDriver to access web-driven accounting software to automate some stuff; mainly downloading reports from the accounting software since there are tons of reports to download every month, which the software does not have an automation function for. I don't want to deal with any data.
Senior director and I went to IT for the request to download Python and they declined; they said there is a security risk.
Does anyone know what potential security risks they are referring to? I don't have a CS background so I'm not very sure. And is there a way to mitigate those risks?