Privacy of the Chart Image

Thread is closed for posting
6 posts, 0 answers
  1. Archis Gore
    Archis Gore avatar
    2 posts
    Member since:
    Jan 2010

    Posted 01 Apr 2010 Link to this post

    I noticed an interesting phenomenon. When the page is rendered, and if I copy the chart image PNG URL to another browser on another machine, it works for a few minutes. My pages are being served over HTTPS so there is little risk someone can directly copy the URL.

    I wanted to know if there is any chance this URL is guessable by third-parties, and what privacy risks there may be. I could be serving up potentially personal information in a chart and wanted to ensure there is no risk to user's data.
  2. Vladimir Milev
    Admin
    Vladimir Milev avatar
    1061 posts

    Posted 05 Apr 2010 Link to this post

    Hello Archis Gore,

    There is a unique GUID generated for each chart image. This GUID is updated during each control lifecycle (render stage). Once it is viewed it is stored in the Cache object for 5 minutes. When the cache expires it is lost forever. So unless the attacker can somehow guess the GUID generated for the image there is little chance to read the image.

    Best wishes,
    Vladimir Milev
    the Telerik team

    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
  3. Federico Raggi
    Federico Raggi avatar
    1 posts
    Member since:
    Apr 2010

    Posted 05 Apr 2010 Link to this post

    Is there aconfiguration option to alter this behavior so, for example, the image timeouts after 1 minute instead of 5?
  4. Vladimir Milev
    Admin
    Vladimir Milev avatar
    1061 posts

    Posted 07 Apr 2010 Link to this post

    Hi Federico Raggi,

    Unfortunately there is no API in place to control this setting. However, as customer you should have access to the source code and you can change the following line in the ProcessRequest method of the ChartHttpHandler class:
    context.Cache.Add(name, stream, null, Cache.NoAbsoluteExpiration, TimeSpan.FromMinutes(5.0), CacheItemPriority.Normal, null);

    We sincerely apologize for the inconvenience caused.

    All the best,
    Vladimir Milev
    the Telerik team

    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
  5. Chris W. Rea
    Chris W. Rea avatar
    1 posts
    Member since:
    Mar 2010

    Posted 21 May 2010 Link to this post

    Interesting note about the GUIDs.  But, does RadChart simply use built-in .NET methods to generate those GUIDs?  If so there may be a theoretical weakness due to the way GUIDs are generated.  Refer to Wikipedia at http://en.wikipedia.org/wiki/Guid#Algorithm :

               "V4 GUIDs use the later algorithm, which is a pseudo-random number. These have a "4" in the same position, for example {38a52be4-9352-453e-af97-5c3b448652f0}. More specifically, the 'data3' bit pattern would be 0001xxxxxxxxxxxx in the first case, and 0100xxxxxxxxxxxx in the second. Cryptanalysis of the WinAPI GUID generator shows that, since the sequence of V4 GUIDs is pseudo-random; given full knowledge of the internal state, it is possible to predict previous and subsequent values."

    GUIDs were designed to guarantee uniqueness, not un-guessability.  A much better approach would be to use a secure random number generator such as that provided by .NET's System.Security.Cryptography.RandomNumberGenerator ... the values generated by such an RNG ought to be less deterministic than GUIDs.

  6. Ves
    Admin
    Ves avatar
    2926 posts

    Posted 26 May 2010 Link to this post

    Hi Chris,

    Thank you for pointing this. I would not doubt System.Security.Cryptography.RandomNumberGenerator is more secure, but I just want to draw your attention to this part: "...since the sequence of V4 GUIDs is pseudo-random; given full knowledge of the internal state, it is possible..." While I am not really sure what "full knowledge" means in this case, I believe any attacker would have hard time retrieving it, given that they would only be able to collect a number of GUID's which are not guaranteed to be consecutive ones, and that makes RadChart secure enough. Nevertheless, I will make sure our developers are aware of your feedback.

    Best regards,
    Ves
    the Telerik team

    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
Back to Top