Who Owns Your Data?

News broke today that Amazon remotely erased copies of some George Orwell books from Kindle devices. Putting aside the irony of Orwell's books being erased, the question we must all ask ourselves is what the ramifications are of putting our data on devices and systems controlled by others. In our increasingly connected world of always on, wired and wireless access to everything from our books to our personal information, we should all ask a very central philosophical question - who owns our data?

Whether the issue is Amazon deleting a book you paid for on a device you own, government workers improperly accessing private records, private industry workers improperly accessing records of public figures, companies attempting to assert ownership over data you place in their hands, or hackers stealing data from public and private databases, the twin issues of data ownership and security have become central themes in an emerging threat to the success of the Internet as a trusted medium. We believe that users own their data, and we are working on an exciting new product set that will address these fundamental issues in ways that put data ownership and security in the hands of users.

Google Mis-step Shows Dangers of Market Dominance

As related by various news outlets, Google today experienced a one hour outage because an employee inadvertently marked the entire Internet as "malware". While the immediate story may be the inconvenience to users everywhere who were unable to use the Google search engine to view web sites during the outage, the bigger - and far more troubling - issue is the power a single company has over such a central component of the Internet, and how that power, in the wrong hands, could lead (intentionally or otherwise) to Very Bad Things happening on the Internet.

How many people were aware, prior to today, that a single Google employee could label the entire Internet malware with such ease - or at all, for that matter? If there are such poor controls in place at Google that something so damaging could be done by accident, what kind of damage could malicious employees or hackers do on purpose?

This issue raises the very real and very worrying prospect of the potential for corruption at Google and other companies with such market power. Want to get ahead of your competitors? Forget about buying ads, that's too expensive. Why not try to bribe a Google engineer to finesse your search ranking to the top? Is that possible? What safeguards are in place to prevent it? Does anyone outside Google know? Does anyone inside Google know?

Lastly, this story makes me even more wary of cloud computing. Sure, cloud computing offers some very cool upside - virtually unlimited scaling, relatively simple management of applications (as system hardware and services like clustering are abstracted away from the user), and good pricing. Still, I worry about the downside - that's part of my job, after all. What happens if an employee of the cloud provider makes a mistake that removes a bunch of applications from the cloud? Who is responsible for economic losses sustained because of such a mistake? CIOs might want to read the fine print on that cloud computing contract before jumping in with both feet.

Connecting to a TLS-enabled mail server in ColdFusion

One of the nifty conveniences of ColdFusion is its built-in ability to communicate with other systems in a variety of Internet protocols, including mail protocols like POP and SMTP. In general, setting up ColdFusion to work with a mail server is a simple affair:

  1. Log into the ColdFusion Administrator.
  2. Click the Mail entry under Server Settings.
  3. Fill out the form with the name or IP address of your mail server.
  4. Change the SMTP port, if appropriate.
  5. Click Submit.

For years, setting up a mail server in CF worked pretty much like this. More recently, though, mail servers have started to widely adopt encryption technology, reverse DNS checking, and other measures designed to enhance security and combat spam. This change of affairs has forced companies like Adobe to add features to their products to support these new technologies. In the case of mail connections with ColdFusion, the current solution works but is not always easy to implement.

At Emergent Path, we recently added a publicly signed SSL certificate to our mail server to enable encryption for all mail traffic. Immediately, we noticed that our corporate web site (and yes, this blog) could not send email out because the ColdFusion server could not talk to the mail server.

After some research and a quick check around the CF/Java blogosphere, I got an opinion from Jeff Smallwood that I should try importing the mail server cert into ColdFusion to see if that would resolve the issue. Importing a cert into the keystore in ColdFusion's JVM isn't that difficult, but it is the sort of exacting task that is easy to get wrong, especially if you have not done it before. For a couple of threads on that topic, check Terry Ryan's blog entry on importing certs with the keytool.

I imported the cert and restarted ColdFusion, but the system would still not connect to our mail server. Hmm. 

Next, I dropped to the command line on the CF server to try and debug the connection to the mail server that way.

telnet mailserver.emergentpath.com 25
Service not available (-37) 
connection closed by foreign host

A search for the error condition along with the name of our mail server (XMail), yielded this thread about DNS checking on the XMail Forum. Ah, now I was getting somewhere. The mail server is set up to run reverse DNS checks on all peers, and it couldn't verify the identity of the CF server, so it would not accept the connection. A quick trip to the console of the internal DNS server to add the internal IP address mapping of the server to its hostname fixed that problem, and I was ready to test again, but I still got an error. 

A little further searching about ColdFusion and TLS mail settings led me to a blog post from TACFUG about connecting to GMail from ColdFusion. I copied the settings, changed the appropriate bits for my server, and the systems were finally able to communicate.

The lesson to take away from our experience is how many variables there are now in connecting to a mail server. If you are trying to connect to a similarly locked down mail server from your CF server, remember all the security measures mail administrators put in place to block bad traffic, and account for all the possible sources of connection failures. I would also recommend a conversation ahead of time with your mail server administrator and internal DNS administrator. Researching the issues ahead of time could save you a whole lot of trouble later on.

UPDATE: Jared Rypa-Hauer brought to my attention an add-on tool for CF Admin that enables you to work with the CF keystore in the Admin rather than on the command line.  The tool is an open source project on RIAForge called CertMan.
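The TACFUG settings themselves are not reproduced above, so here is an added example (not code from the original post) of sending mail over TLS from a template, assuming ColdFusion 8 or later for the cfmail useTLS attribute. The server name, port, addresses and credentials are placeholders, and the mail server's certificate is assumed to already be trusted by the CF JVM keystore as described above.

```cfml
<!--- Added example: synchronous TLS mail send so that connection failures surface
      in the request instead of sitting silently in the mail spool.
      All hostnames, addresses and the password below are assumed placeholders. --->
<cftry>
    <cfmail to="ops@example.com"
            from="web@example.com"
            subject="TLS mail test from ColdFusion"
            server="mailserver.example.com"
            port="587"
            useTLS="true"
            username="web@example.com"
            password="[mail password]"
            spoolenable="false">
        Test message sent over STARTTLS from #cgi.server_name#.
    </cfmail>
    <cfoutput>Mail handed off to the mail server from #cgi.server_name#.</cfoutput>

    <cfcatch type="any">
        <!--- With spoolenable="false" the send happens now, so a refused connection
              (untrusted certificate, failed reverse DNS check on the CF server,
              TLS not offered on this port) is reported here with the JVM detail. --->
        <cfoutput>
            Mail failed: #cfcatch.message#<br>
            Detail: #cfcatch.detail#
        </cfoutput>
    </cfcatch>
</cftry>
```

Once the connection works, the same server, port and TLS settings can be entered in the Mail page of the ColdFusion Administrator so that templates need not repeat them.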

SQL Injection attack redux

There is a new bout of SQL injection attacks making the rounds on the Internet right now, and some of these attacks are specifically targeted at sites running on ColdFusion. Check out a post from Ben Forta on the latest SQL injection attacks for more background.

What can you do to protect yourself? The best thing you can do is secure all of the variables in your database queries inside CF with the <cfqueryparam> tag. Using <cfqueryparam> will shut the door on random SQL strings being injected into your applications.
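As an added example (not from the original post), here is a query written the vulnerable way beside the same query protected with <cfqueryparam>. The datasource name and the products table with its integer id column are assumptions.

```cfml
<!--- Added example: the same lookup with and without cfqueryparam.
      "myDSN" and the products table are assumed for illustration. --->

<!--- VULNERABLE: url.id is pasted into the SQL text, so whatever arrives in the
      query string becomes part of the statement the database executes. --->
<cfquery name="getProductUnsafe" datasource="myDSN">
    SELECT id, name, price
    FROM products
    WHERE id = #url.id#
</cfquery>

<!--- HARDENED: the value travels as a bind parameter, never as SQL text, and
      cf_sql_integer makes ColdFusion reject non-numeric input before the query
      is sent at all. --->
<cfquery name="getProduct" datasource="myDSN">
    SELECT id, name, price
    FROM products
    WHERE id = <cfqueryparam value="#url.id#" cfsqltype="cf_sql_integer">
</cfquery>

<!--- String input gets the same treatment; maxlength caps what is bound, and the
      LIKE wildcards are added to the value, not to the SQL text. --->
<cfquery name="findProducts" datasource="myDSN">
    SELECT id, name, price
    FROM products
    WHERE name LIKE <cfqueryparam value="%#form.q#%"
                                  cfsqltype="cf_sql_varchar"
                                  maxlength="100">
</cfquery>
```

Every #variable# inside a <cfquery> that comes from a request, a cookie, or another external source should be wrapped this way, not just the ones in WHERE clauses.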

Webmaniacs: Dean Saxe on Security

Yesterday, Foundstone security consultant Dean Saxe gave a great talk on web application security. Dean covered well-known security vulnerabilities like SQL injection and XSS attacks, and he covered less well-known issues like man-in-the-middle SSL certificate attacks that could expose users to hacks on a seemingly secure site.

Software developers need to know about these issues so they can learn to build applications with a focus on security. Business users need to know about these issues so they can understand potential threats to their businesses.

Security is a set of trade-offs based on risk level and risk tolerance, and everyone concerned should understand the risks in their applications.

IT Ecosystems - Part III

Here is part III of my discussion piece on IT ecosystems. This post covers system decomposition and reuse with SOA, and the associated security issues that companies may face in implementing such strategies.


3. Decomposition is all the rage with enterprise systems - we could for instance use the ecommerce system's web services layer and the SOA/ESB to decompose the system into its individual processes, then expose those processes as needed across the enterprise. Again, I wonder where the useful limits of that metaphor are. One idea is to provide a common header in the content management system that contains an AJAX component to expose the customer shopping cart on any external-facing web property in our infrastructure. Nifty idea in principle, but it raises some serious questions about security.


Dave Watts:

…issues with session hijacking, etc, are no
different for exposed services than for any other web applications.
Typically, in my experience, a big part of making SOA happen is wrapped in
authentication/authorization services. On the other hand, the more exposed
something is, the more likely you will discover problems with it.

Rob Brooks-Bilson:

I think this is where process mapping comes in.  If you first define the business processes you are interested in, you can then map those process across system boundaries.  This can be fairly simple to do, or a royal PITA depending on how mature your business is, and how well defined existing business processes are.

Security is an issue here (especially for externally exposed services).  It's not overly difficult to do, but there are a lot of options depending on what type of services you expose (web services, RPC, gateways, etc.).


Security is becoming a bigger and bigger component of IT efforts in companies from startups to multi-national conglomerates. SOA strategies create two serious issues for enterprise IT. By decomposing applications into their component processes and exposing them to other applications via SOA, IT may create a situation where applications are both dependent on one another and are linked across a common platform.  


The dependencies create a scenario where applications could be subjected to outages because other applications on which they depend are compromised. Critical business functions like invoicing need to be fault-tolerant and hardened against indirect attacks. Second, linking applications across a common platform creates a situation where an attacker needs only to find one good attack vector into the SOA itself in order to potentially compromise many systems.

BlogCFC was created by Raymond Camden. This blog is running version 5.8.001.