
(Ebook) Security for Web Developers - Using JavaScript, HTML, and CSS (Early Release, Raw & Unedited) by John Paul Mueller ISBN 9781491928646, 1491928646 pdf download

The document discusses the importance of data security for web developers, emphasizing that protecting data is the primary focus rather than just preventing hacking. It outlines common web application threats such as SQL injection, cross-site scripting, and session hijacking, along with strategies to mitigate these risks. The text serves as a guide for developers to understand the application environment and the necessary security measures to safeguard data effectively.

O’Reilly Media, Inc. 7/21/2015

I
Developing a Security Plan

1
Defining the Application Environment

Data is the most important resource that any business owns. It’s literally possible to
replace any part of a business except the data. When the data is modified, corrupted,
stolen, or deleted, a business can suffer serious loss. In fact, a business that has enough go
wrong with its data can simply cease to exist. The focus of security, therefore, is not
hackers, applications, networks, or anything else someone might have told you—it’s data.
Therefore, this book is about data security, which encompasses a broad range of other
topics, but it’s important to get right to the point of what you’re really looking to protect
when you read about these other topics.
Unfortunately, data isn’t much use sitting alone in the dark. No matter how fancy your
server is, no matter how capable the database that holds the data, the data isn’t worth
much until you do something with it. The need to manage data brings applications into
the picture and the use of applications to manage data is why this introductory chapter
talks about the application environment.
However, before you go any further, it’s important to decide precisely how applications
and data interact because the rest of the chapter isn’t very helpful without this insight. An
application performs just four operations on data, no matter how incredibly complex the
application might become. You can define these operations by the CRUD acronym:
• Create
• Read
• Update
• Delete
The sections that follow discuss data, applications, and CRUD as they relate to the web
environment. You discover how security affects all three aspects of web development,
keeping in mind that even though data is the focus, the application performs the required
CRUD tasks. Keeping your data safe means understanding the application environment
and therefore the threats to the data the application manages.


Specifying Web Application Threats


You can find lists of web application threats all over the Internet. Some of the lists are
quite complete and don’t necessarily have a bias, some address what the author feels are
the most important threats, some lists tell you about the most commonly occurring
threats, and you can find all sorts of other lists out there. The problem with all these lists
is that the author doesn’t know your application. A SQL injection attack is only useful if
your application uses SQL in some way—perhaps it doesn’t.
Obviously, you need to get ideas on what to check from somewhere and these lists do
make a good starting place. However, you need to consider the list content in light of
your application. In addition, don’t rely on just one list—use multiple lists so that you
obtain better coverage of the threats that could possibly threaten your application. With
this need in mind, here is a list of the most common threats you see with web applications
today:
• Buffer Overflow: An attacker manages to send enough data in an input buffer to
overflow an application or output buffer. As a result, memory outside the buffer
becomes corrupted. Some forms of buffer overflow allow the attacker to perform
seemingly impossible tasks because the affected memory contains executable code.
The best way to overcome this problem is to perform range and size checks on any
data, input or output, that your application handles.
• Code Injection: An entity adds code to the data stream flowing between a server and
a client (such as a browser). The target often views the added code as part of the
original page, but it could contain anything. Of course, the target may not even see
the injected code. It might be lurking in the background ready to cause all sorts of
problems for your application. A good way to overcome this attack is to ensure you
use encrypted data streams, the HTTPS protocol, and code verification (when
possible). Providing a client feedback mechanism is also a good idea.

Code injection occurs more often than you might think. In some cases,
the code injection isn’t even part of an attack, but it might as well be. A
recent article (see
http://www.infoworld.com/article/2925839/net-neutrality/code-injection-new-low-isps.html)
discusses how Internet
Service Providers (ISPs) are injecting JavaScript code into the data
stream in order to overlay ads on top of a page. In order to determine
what sort of ad to provide, the ISP also monitors the traffic.

• Cross-site Scripting (XSS): An attacker injects JavaScript or other executable code
into the output stream of your application. The recipient sees your application as the
source of the infection, even when it isn’t. In most cases, you don’t want to allow
users to send data directly to each other through your application without strict
verification. A moderated format for applications such as blogs is a must to ensure
your application doesn’t end up serving viruses or worse along with seemingly
benign data.

Few experts remind you to check your output data. However, you don’t
actually know that your own application is trustworthy. A hacker could
modify it to allow tainted output data. Verification checks should
include output data as well as input data.


• File Uploads: Every file upload, even those that might seem otherwise innocuous, is
suspect. If possible, disallow file uploads to your server. Of course, it isn’t always
possible to provide this level of security, so you need to allow just certain types of
file and then scan the file for problems. Authenticating the file as much as is possible
is always a good idea. For example, some files contain a signature at the beginning
that you can use to ensure the file is legitimate. Don’t rely on file extension
exclusion alone—hackers often make one file look like another type in order to
bypass server security.
• Hard Coded Authentication: Developers often place authentication information in
application initialization files for testing purposes. It’s essential to remove these hard
coded authentication entries and rely on a centralized data store for security
information instead. Keeping the data store in a secure location, off the server used
for web applications, is essential to ensuring that hackers can’t simply view the
credentials used to access the application in certain ways. If you do need
initialization files for the application, make sure these files reside outside the
webroot directory to ensure that hackers can’t discover them accidentally.
• Hidden or Restricted File/Directory Discovery: When your application allows input
of special characters such as the forward slash (/) or backslash (\), it’s possible for a
hacker to discover hidden or restricted files and directories. These locations can
contain all sorts of information that a hacker can find useful in attacking your
system. Disallowing use of special characters whenever possible is a great idea. In
addition, store critical files outside the webroot directory in locations that the
operating system can control directly.
• Missing or Incorrect Authentication: It’s important to know whom you’re dealing
with, especially when working with sensitive data. Many web applications rely on
common accounts for some tasks, which means it’s impossible to know who has
accessed the account. Avoid using guest accounts for any purpose and assign each
user a specific account to use.
• Missing or Incorrect Authorization: Even if you know the person you’re dealing
with, it’s important to provide only the level of authorization needed to perform a
given task. In addition, the authorization should reflect the user’s method of access.
A desktop system accessing the application from the local network is likely more
secure than a smartphone accessing the application from the local coffee shop.
Relying on security promotion to assist in sensitive tasks lets you maintain minimal
rights the rest of the time. Anything you can do to reduce what the user is authorized
to do helps maintain a secure environment.
• Missing or Incorrect Encryption: Use encryption to transmit data of any sort between
two endpoints to help keep hackers from listening in on your communication. It’s
important to keep track of the latest encryption techniques and rely on the best
encryption supported by the user’s environment. For example, Triple Data
Encryption Standard (3DES) isn’t secure any longer, yet some organizations
continue to use it. The current Advanced Encryption Standard (AES) remains mostly
secure, but you want to use the largest key possible to help make it harder to crack.
• Operating System Command Injection: An attacker modifies an operating system
command your application uses to perform specific tasks. Your web-based
application probably shouldn’t use operating system calls in the first place. However,
if you absolutely must make operating system calls, make sure the application runs
in a sandbox.


Some experts will emphasize validating input data for some uses and
leave the requirement off for other uses. Always validate any data you
receive from anywhere. You have no way of knowing what vehicle a
hacker will use to obtain access to your system or cause damage in
other ways. Input data is always suspect, even when the data comes
from your own server. Being paranoid is a good thing when you’re
performing security-related tasks.

• Parameter Manipulation: Hackers can experiment with parameters passed as part of
the request header or URL. For example, when working with Google, you can
change the URL and the results of your search. Make sure you encrypt any
parameters you pass between the browser and the server. In addition, use secure web
page protocols, such as HTTPS, when passing parameters.
• Remote Code Inclusion: Most web applications today rely on included libraries,
frameworks, and APIs. In many cases, the include statement contains a relative path
or uses a variable containing a hard coded path to make it easier to change the
location of the remote code later. When a hacker is able to gain access to the path
information and change it, it’s possible to point the remote code inclusion to any
code the hacker wants, giving the hacker full access to the application. The best way
to avoid this particular problem is to use hard coded full paths whenever possible,
even though this action makes it harder to maintain the code.

Many experts will recommend that you use vetted libraries and
frameworks to perform dangerous tasks. However, these add-ons are
simply more code. Hackers find methods for corrupting and
circumventing library and framework code on a regular basis. You still
have a need to ensure your application and any code it relies upon
interacts with outside elements safely, which means performing
extensive testing. Using libraries and frameworks does reduce your
support costs and ensures that you get timely fixes for bugs, but the
bugs still exist and you still need to be on guard. There is no security
silver bullet. Chapter 6 contains more information about working with
libraries and frameworks.

• Session Hijacking: Every time someone logs into your web server, the server gives
that user a unique session. A session hijacker jumps into the session and intercepts
data transferred between the user and the server. The three common places to look
for information used to hijack a session are: cookies, URL rewriting, and hidden
fields. Hackers look for session information in these places. By keeping the session
information encrypted, you can reduce the risk of someone intercepting it. For
example, make sure you rely on the HTTPS protocol for logins. You also want to
avoid doing things like making your session IDs predictable.
• SQL Injection: An attacker modifies a query that your application creates as the
result of user or other input. In many cases, the application requests query input data,
but it receives SQL elements instead. Other forms of SQL injection attack involve
the use of escape or other unexpected characters or character sequences. A good way
to avoid SQL injection attacks is to avoid dynamically generated queries.
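
For the File Uploads and Hidden or Restricted File/Directory Discovery items in the list above, here is an added example (not code from the book) of checking an upload's leading signature against its extension and keeping a requested path inside one directory. It assumes Node.js; `checkUpload`, `resolveInside`, `UPLOAD_ROOT`, `MAX_BYTES` and the allowlist are hypothetical names and values.

```javascript
// Added example, not code from the book. UPLOAD_ROOT, MAX_BYTES and the
// allowlist below are assumptions chosen for illustration.
const path = require('node:path');

const UPLOAD_ROOT = '/srv/app-data/uploads'; // assumed location outside the webroot
const MAX_BYTES = 5 * 1024 * 1024;           // assumed size limit

// Allowlist: extension -> signatures the file content must start with.
const SIGNATURES = new Map([
  ['.png', [Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a])]],
  ['.jpg', [Buffer.from([0xff, 0xd8, 0xff])]],
  ['.gif', [Buffer.from('GIF87a', 'latin1'), Buffer.from('GIF89a', 'latin1')]],
  ['.pdf', [Buffer.from('%PDF-', 'latin1')]],
]);

// Accept an upload (bytes is a Buffer) only if its name is a plain file name,
// its extension is allowlisted, its size is in range, and its first bytes
// match a signature for that extension.
function checkUpload(fileName, bytes) {
  const name = String(fileName);
  if (name === '.' || name === '..' || /[\/\\\0]/.test(name)) {
    return { ok: false, reason: 'bad-name' };
  }
  const signatures = SIGNATURES.get(path.extname(name).toLowerCase());
  if (!signatures) return { ok: false, reason: 'type-not-allowed' };
  if (bytes.length === 0 || bytes.length > MAX_BYTES) {
    return { ok: false, reason: 'bad-size' };
  }
  const matches = signatures.some(
    (sig) => bytes.length >= sig.length && bytes.subarray(0, sig.length).equals(sig)
  );
  return matches
    ? { ok: true, reason: null }
    : { ok: false, reason: 'signature-mismatch' };
}

// Resolve a requested relative path and return it only if the result is a
// location below root; otherwise return null. Symbolic links are not
// followed by this check.
function resolveInside(root, requested) {
  const wanted = String(requested);
  if (wanted.includes('\0')) return null;
  const base = path.resolve(root);
  const target = path.resolve(base, wanted);
  const rel = path.relative(base, target);
  const rejected =
    rel === '' || rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel);
  return rejected ? null : target;
}

// Constructed samples: a PNG header followed by padding, and an executable
// header ("MZ") presented under an image name.
const SAMPLE_PNG = Buffer.concat([SIGNATURES.get('.png')[0], Buffer.alloc(16)]);
const SAMPLE_DISGUISED = Buffer.from([0x4d, 0x5a, 0x90, 0x00, 0x03, 0x00]);

console.log(checkUpload('avatar.png', SAMPLE_PNG));
console.log(checkUpload('avatar.png', SAMPLE_DISGUISED));
console.log(resolveInside(UPLOAD_ROOT, 'reports/q1.pdf'));
console.log(resolveInside(UPLOAD_ROOT, '../../etc/passwd'));
```

A matching signature only shows how the file begins, so the scan the list item calls for still applies.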
This may look like a lot of different threats, but if you search long enough online, you
could easily triple the size of this list and not even begin to scratch the surface of the
ways in which a hacker can make your life interesting. As this book progresses, you’ll
encounter a much larger number of threat types and start to discover ways to overcome
them. Don’t worry, in most cases the fixes end up being common sense and a single fix
can resolve more than one problem. For example, look through the list again and you’ll
find that simply using HTTPS solves a number of these problems.

Considering the Privacy Aspect of Security


When delving into security, an organization tends to focus first on its own data
security. After all, if the organization’s data becomes lost, corrupted, modified,
or otherwise unusable, the organization could go out of business. The next level
of scrutiny usually resides with third parties, such as partners. Often, the security
of user data comes last and many organizations don’t think too much about
customer data security at all. The problem is that many users and customers see
the safety of their data as paramount. The whole issue of privacy comes down to
the protection of user data such that no one misuses or exposes the information
without the user’s knowledge and consent. In short, when building an
application, you must also consider the privacy of user data as a security issue
and an important one at that.
A recent article points out that users and customers view the tech industry as
poor trustees of their data
(http://www.infoworld.com/article/2925292/internet-privacy/feds-vs-silicon-valley-who-do-you-trust-less.html).
In fact, the tech
industry has actually fallen behind the government—people trust the
government to safeguard their information more often. Many tech companies
publicly support enhanced security policies for other entities (such as the
government) and privately build more ways to thwart any notion of privacy that
the user or customer might have. This duality makes the situation even worse
than it might otherwise be if the tech industry were open about the
encroachment on user and customer data.
In order to create a truly secure application, you must be willing to secure every
aspect of it, including user and customer data. This act requires that the
application only obtain and manage the data necessary to perform its task and
that it discard that data when no longer needed. Trust is something that your
application can gain only when it adheres to the same set of rules for working
with all data, no matter its source.

Understanding Software Security Assurance (SSA)
The purpose of software is to interact with data. However, software itself is a kind of
data. In fact, data comes in many forms that you might not otherwise consider and the
effect of data is wider ranging than you might normally think. With the Internet of Things
(IoT), it’s now possible for data to have both abstract and physical effects in ways that no
one could imagine even a few years ago. A hacker gaining access to the right application
can do things like damage the electrical grid or poison the water system. On a more
personal level, the same hacker could potentially raise the temperature of your home to
some terrifying level, turn off all the lights, spy on you through your webcam, or do any
of a number of other things. The point of SSA is that software needs some type of
regulation to ensure it doesn’t cause the loss, inaccuracy, alteration, unavailability, or
misuse of the data and resources that it uses, controls, and protects. This requirement
appears as part of SSA. The following sections discuss SSA in more detail.

SSA isn’t an actual standard at this time. It’s a concept that many
organizations quantify and put into writing based on that organization’s
needs. The same basic patterns appear in many of these documents and
the term SSA refers to the practice of ensuring software remains secure.
You can see how SSA affects many organizations, such as Oracle
(http://www.oracle.com/us/support/assurance/overview/index.html) and
Microsoft
(https://msdn.microsoft.com/library/windows/desktop/84aed186-1d75-4366-8e61-8d258746bopq.aspx),
by reviewing that organization’s SSA
documentation online. In fact, many large organizations now have
some form of SSA in place.

Considering the OSSAP


One of the main sites you need to know about in order to make SSA a reality in web
applications is the Open Web Application Security Project (OWASP)
(https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process)
(see Figure 1-1). The site breaks down the process required to make the OWASP Security
Software Assurance Process (OSSAP) part of the Software Development Lifecycle
(SDLC). Yes, that’s a whole bunch of alphabet soup, but you need to know about this
group in order to create a process for your application that matches the work done by
other organizations. In addition, the information on this site helps you develop a security
process for your application that actually works, is part of the development process, and
won’t cost you a lot of time in creating your own process.


Figure 1-1. The OWASP site tells you about SSA for web applications.

Even though OSSAP does provide a great framework for ensuring your
application meets SSA requirements, there is no requirement that you
interact with this group in any way. The group does license its approach
to SSA. However, at this time, the group is just getting underway and
you’ll find a lot of TBDs on the site that the group plans to fill in as
time passes. Of course, you need a plan for today, so OWASP and its
OSSAP present a place for you to research solutions for now and
possibly get additional help later.

The whole reason to apply SSA to your application as part of the SDLC is to ensure that
the software is as reliable and error free as you can make it. When talking with some
people, the implication is that SSA will fix every potential security problem that you
might encounter, but this simply isn’t the case. SSA will improve your software, but you
can’t find any pieces of software anywhere that are error free. Assuming that you did
manage to create a piece of error free software, you still have user, environment, network,
and all sorts of other security issues to consider. Consequently, SSA is simply one
piece of a much larger security picture and implementing SSA will only fix so many
security issues. The best thing to do is to continue seeing security as an ongoing process.


Defining SSA Requirements


The initial step in implementing SSA as part of your application is to define the SSA
requirements. These requirements help you determine the current state of your software,
the issues that require resolution, and the severity of those issues. After the issues are
defined, you can determine the remediation process and any other requirements needed to
ensure that the software remains secure. In fact, you can break SSA down into eight
steps:
1. Evaluate the software and develop a plan to remediate it.
2. Define the risks that the security issues represent to the data and categorize these
risks to remediate the worst risks first.
3. Perform a complete code review.
4. Implement the required changes.
5. Test the fixes you create and verify that they actually do work on the production
system.
6. Define a defense for protecting application access and therefore the data that the
application manages.
7. Measure the effectiveness of the changes you have made.
8. Educate management, users, and developers in the proper methods to ensure good
application security.

Categorizing Data and Resources


This process involves identifying the various pieces of data that your application touches
in some way, including its own code and configuration information. Once you identify
every piece of data, you categorize it to identify the level of security required to protect
that data. Data can have many levels of categorization and the way in which you
categorize the data depends on your organization’s needs and the orientation of the data.
For example, some data may simply inconvenience the organization, while other data
could potentially cause harm to humans. The definition of how data security breaches
affect the security environment as a whole is essential.
After the data categorization process is complete, it’s possible to begin using the
information to perform a variety of tasks. For example, you can consider how to reduce
vulnerabilities by:
• Creating coding standards
• Implementing mandatory developer training
• Hiring security leaders within development groups
• Using automated testing procedures that specifically locate security issues
All of these methods point to resources that the organization interacts with and relies
upon to ensure the application manages data correctly. Categorizing resources means
determining how much emphasis to place on a particular resource. For example, denying
developers training will have a bigger impact than denying individual application users
training because the developers work with the application as a whole. Of course, training
is essential for everyone. In this case, categorizing resources of all sorts helps you
determine where and how to spend money in order to obtain the best Return on
Investment (ROI), while still meeting application security goals.

Performing the Required Analysis


As part of SSA, you need to perform an analysis on your application. It’s important to
know precisely what sorts of weaknesses your code could contain. The operative word
here is “could.” Until you perform analysis in depth, you have no way of knowing the
actual security problems in your code. Web applications are especially adept at hiding
issues because, unlike desktop applications, the code can appear in numerous places and
scripts tend to hide problems that compiled applications don’t have because the code is
interpreted at runtime, rather than compile time.

It’s important to understand that security isn’t just about the code—it’s
also about the tools required to create the code and the skill of the
developers employing those tools. When an organization chooses the
wrong tools for the job, the risk of a security breach becomes much
higher because the tools may not create code that performs precisely as
expected. Likewise, when developers using the tool don’t have the
required skills, it’s hardly surprising that the software has security holes
that a more skilled developer would avoid.
Some experts claim that there are companies that actually allow
substandard work. In most cases, the excuse for allowing such work is
that the application development process is behind schedule or that the
organization lacks required tools or expertise. The fact that an
organization may employ software designed to help address security
issues (such as a firewall), doesn’t relieve the developer of the
responsibility to create secure code. Organizations need to maintain
coding standards to ensure a good result.

Logic
Interacting with an application and the data it manages is a process. Even though users
might perform tasks in a seemingly random fashion, specific tasks follow patterns that
occur because the user must follow a procedure in order to obtain a good result. By
documenting and understanding these procedures, you can analyze application logic from
a practical perspective. Users rely on a particular procedure because of the way in which
developers design the application. Changing the design will necessarily change the
procedure.
The point of the analysis is to look for security holes in the procedure. For example, the
application may allow the user to remain logged in, even if it doesn’t detect activity for
an extended period. The problem is that the user might not even be present—someone
else could access the application using the user’s credentials and no one would be the
wiser because everyone would think that the user is logged in using the same system as
always.
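
The inactivity problem described above, together with the earlier advice against predictable session IDs, as an added example that is not code from the book. It assumes Node.js; `SessionStore`, `sessionCookie` and both time limits are hypothetical names and values.

```javascript
// Added example, not code from the book. The limits and names are assumptions.
const { randomBytes } = require('node:crypto');

const IDLE_LIMIT_MS = 15 * 60 * 1000;         // assumed: 15 minutes without activity
const ABSOLUTE_LIMIT_MS = 8 * 60 * 60 * 1000; // assumed: 8 hours since login

class SessionStore {
  // The clock is injectable so the expiry rules can be exercised in tests.
  constructor(now = Date.now) {
    this.now = now;
    this.sessions = new Map();
  }

  // Issue a new session with a 256-bit ID drawn from the OS random source,
  // so one ID gives no information about any other.
  create(userId) {
    const id = randomBytes(32).toString('hex');
    const t = this.now();
    this.sessions.set(id, { userId, createdAt: t, lastSeen: t });
    return id;
  }

  // Return the user for a live session and record the activity. Return null
  // and forget the session once either limit has passed.
  touch(id) {
    const s = this.sessions.get(id);
    if (!s) return null;
    const t = this.now();
    if (t - s.lastSeen > IDLE_LIMIT_MS || t - s.createdAt > ABSOLUTE_LIMIT_MS) {
      this.sessions.delete(id);
      return null;
    }
    s.lastSeen = t;
    return s.userId;
  }

  // Explicit logout.
  destroy(id) {
    this.sessions.delete(id);
  }
}

// These cookie attributes restrict the ID to HTTPS, hide it from page
// scripts, and keep it out of URLs and hidden form fields.
function sessionCookie(id) {
  return `sid=${id}; Path=/; Secure; HttpOnly; SameSite=Strict`;
}
```

Calling `touch` on every authenticated request is what turns "no activity for an extended period" into a forced new login.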
However, data holes can take other forms. A part number might consist of various
quantifiable elements. In order to obtain a good part number, the application could ask for
the elements, rather than the part number as a whole, and build the part number from
those elements. The idea is to make the procedure cleaner, clearer, and less error prone so
that the database doesn’t end up containing a lot of bad information.


Data
It may not seem like you can perform much analysis on data from a security perspective,
but there really are a lot of issues to consider. In fact, data analysis is one of the areas
where organizations fall down most because the emphasis is on how to manage and use
the data, rather than on how to secure the data (it’s reasonable to assume you need to
address all three issues). When analyzing the data, you must consider these issues:
• Who can access the data
• What format is used to store the data
• When the data is accessible
• Where the data is stored
• Why each data item is made available as part of the application
• How the data is broken into components and the result of combining the data for
application use
For example, some applications fail to practice data hiding, which is an essential feature
of any good application. Data hiding means giving the user only the amount of
information actually needed to perform any given task.
Applications also format some data incorrectly. For example, storing passwords as text
will almost certainly cause problems should someone break in. A better route is to store
the password hash. The hash isn’t at all valuable to someone who has broken in because
the application needs the password on which the hash is based.
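
One way to store a password hash instead of the password, as an added example that is not code from the book. It assumes Node.js and uses `crypto.scryptSync` with a random salt per record, both choices made for this example; `hashPassword`, `verifyPassword`, the work factor and the record layout are hypothetical.

```javascript
// Added example, not code from the book. The work factor, lengths and the
// "scrypt$N$r$p$salt$hash" record layout are assumptions of this example.
const { scryptSync, randomBytes, timingSafeEqual } = require('node:crypto');

const PARAMS = { N: 16384, r: 8, p: 1 }; // assumed scrypt work factor
const SALT_LEN = 16;
const KEY_LEN = 32;

// Derive the stored value from the password and a salt.
function derive(password, salt) {
  return scryptSync(password.normalize('NFKC'), salt, KEY_LEN, PARAMS);
}

// Build the record that goes into the database. A fresh salt per record
// means two users with the same password get different records.
function hashPassword(password) {
  if (typeof password !== 'string' || password.length === 0) {
    throw new TypeError('password must be a non-empty string');
  }
  const salt = randomBytes(SALT_LEN);
  return [
    'scrypt', PARAMS.N, PARAMS.r, PARAMS.p,
    salt.toString('hex'),
    derive(password, salt).toString('hex'),
  ].join('$');
}

// Recompute the hash from the submitted password and the stored salt, then
// compare in constant time. Malformed records, and records made with other
// parameters, are rejected in this example.
function verifyPassword(password, record) {
  if (typeof password !== 'string') return false;
  const parts = String(record).split('$');
  if (parts.length !== 6 || parts[0] !== 'scrypt') return false;
  const [N, r, p] = parts.slice(1, 4).map(Number);
  if (N !== PARAMS.N || r !== PARAMS.r || p !== PARAMS.p) return false;
  const salt = Buffer.from(parts[4], 'hex');
  const expected = Buffer.from(parts[5], 'hex');
  if (salt.length !== SALT_LEN || expected.length !== KEY_LEN) return false;
  return timingSafeEqual(derive(password, salt), expected);
}
```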
Making all data accessible all the time is also a bad idea. Sensitive data should only
appear on screen when someone is available to monitor its use and react immediately
should the user do something unexpected.
Storing sensitive data in the cloud is a particularly bad idea. Yes, using cloud storage
makes the data more readily available and faster to access as well, but it also makes the
data vulnerable. Store sensitive data on local servers when you have direct access to all
the security features used to keep the data safe.
Application developers also have a propensity for making too much information
available. You use data hiding to keep manager-specific data hidden from other kinds of
users. However, some data has no place in the application at all. If no one actually needs
a piece of data to perform a task, then don’t add the data to the application.
Many data items today are an aggregation of other data elements. It’s possible for a
hacker to learn a lot about your organization by detecting the form of aggregation used
and taking the data item apart to discover the constituent parts. It’s important to consider
how the data is put together and to add safeguards that make it harder to discover the
source of that data.
Interface
A big problem with software today is the inclusion of gratuitous features. An application
is supposed to meet a specific set of goals, perform a specific set of tasks. Invariably,
someone gets the idea that the software might be somehow better if it had certain features
that have nothing to do with the core goals the software is supposed to meet. The term
feature bloat has been around for a long time. You normally see it discussed in a
monetary sense—as the source of application speed problems, the elevator of user

10
O’Reilly Media, Inc. 7/21/2015

training costs, and the wrecker of development schedules. However, application interface
issues, those that are often most affected by feature bloat, have a significant impact on
security in the form of increased attack surface. Every time you increase the attack
surface, you provide more opportunities for a hacker to obtain access to your
organization. Getting rid of gratuitous features or moving them to an entirely different
application will reduce the attack surface, making your application a lot more secure.
Of course, you’ll save money too.
Another potential problem is the hint interface—one that actually gives the security
features of the application away by providing a potential hacker with too much
information or too many features. Even though the password used to help a user retrieve a
lost password is necessary, some implementations actually make it possible for a hacker
to retrieve the user’s password and become that user. The hacker might even lock the real
user out of the account by changing the password (although, this action would be
counterproductive because an administrator could restore the user’s access quite easily).
A better system is to ensure that the user actually made the request before doing anything
and then ensure that the administrator sends the login information in a secure manner.
Constraint
A constraint is simply a method of ensuring that actions meet specific criteria before the
action is allowed. For example, disallowing access to data elements unless the user has a
right to access them is a kind of constraint. However, constraints have other forms that
are more important. The most important constraint is determining how any given user can
manage data. Most users only require read access to data, yet applications commonly
provide read/write access, which opens a huge security hole.
Data has constraints to consider as well. When working with data, you must define
precisely what makes the data unique and ensure the application doesn’t break any rules
regarding that uniqueness. With this in mind, you generally need to consider these kinds
of constraints:
• Ensure the data is the right type
• Define the range of values the data can accept
• Specify the maximum and minimum data lengths
• List any unacceptable data values

Delving into Language-specific Issues


The application environment is defined by the languages used to create the application.
Just as every language has functionality that makes it perform certain tasks well, every
language also has potential problems that make it a security risk. Even low-level
languages, despite their flexibility, have problems induced by complexity. Of course,
web-based applications commonly rely on three particular languages: HTML, CSS, and
JavaScript. The following sections describe some of the language-specific issues related
to these particular languages.

Defining the Key HTML Issues


HTML5 has become extremely popular because it supports an incredibly broad range of
platforms. The same application can work well on a user’s desktop, tablet, and
smartphone without any special coding on the part of the developer. Often, libraries,
APIs, and microservices provide content in a form that matches the host system
automatically, without any developer intervention. However, the flexibility that HTML5
provides can also be problematic. The following list describes some key security issues
you experience when working with HTML5.
• Code Injection: HTML5 provides a large number of ways in which a hacker could
inject malicious code, including sources you might not usually consider suspicious,
such as a YouTube video or streamed music.
• User Tracking: Because your application uses code from multiple sources in most
cases, you might find that a library, API, or microservice actually performs some
type of user tracking that a hacker could use to learn more about your organization.
Every piece of information you give a hacker makes the process of overcoming your
security easier.
• Tainted Inputs: Unless you provide your own input checking, HTML5 lets any input
the user wants to provide through. You may only need a numeric value, but the user
could provide a script instead. Trying to check inputs thoroughly to ensure you really
are getting what you requested is nearly impossible on the client side, so you need to
ensure you have robust server-side checking as well.
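The server-side check called for in the Tainted Inputs item can enforce the four kinds of data constraint listed in the Constraint section (type, range, length, and unacceptable values). The following is an added example, not code from the book; the field names, limits, and deny list are constructed for a hypothetical order form.

```javascript
// Constructed rules for a hypothetical order form; names and limits are assumptions.
const RULES = {
  quantity: { type: 'integer', min: 1, max: 500 },
  username: {
    type: 'string', minLength: 3, maxLength: 20,
    pattern: /^[a-z0-9_]+$/,           // allow-list of characters
    deny: ['admin', 'root', 'null'],   // unacceptable values
  },
};

const fail = (name, why) => ({ ok: false, error: `${name}: ${why}` });

// Checks one raw value exactly as the server received it.
function checkField(name, raw, rule) {
  // A repeated or nested parameter arrives as an array or object, not a string.
  if (typeof raw !== 'string') return fail(name, 'missing or not a single string');
  if (rule.type === 'integer') {
    // Type: digits only, so "1e2", "0x10", " 7" and script text are all rejected.
    if (!/^-?\d{1,15}$/.test(raw)) return fail(name, 'not an integer');
    const n = Number(raw);
    // Range: the value must sit inside the declared bounds.
    if (n < rule.min || n > rule.max) return fail(name, `outside ${rule.min}..${rule.max}`);
    return { ok: true, value: n };
  }
  // Length: checked before the pattern so oversized input is cheap to refuse.
  if (raw.length < rule.minLength || raw.length > rule.maxLength) return fail(name, 'bad length');
  if (!rule.pattern.test(raw)) return fail(name, 'characters outside the allow-list');
  // Unacceptable values: well-formed but reserved.
  if (rule.deny.includes(raw)) return fail(name, 'value not permitted');
  return { ok: true, value: raw };
}

// Validates a whole submission; unknown fields are errors rather than ignored.
function validate(input, rules = RULES) {
  const errors = [];
  const values = {};
  for (const key of Object.keys(input)) {
    if (!Object.prototype.hasOwnProperty.call(rules, key)) errors.push(`${key}: unexpected field`);
  }
  for (const [name, rule] of Object.entries(rules)) {
    const result = checkField(name, input[name], rule);
    if (result.ok) values[name] = result.value;
    else errors.push(result.error);
  }
  return { ok: errors.length === 0, values, errors };
}
```
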

Defining the Key CSS Issues


Applications rely heavily on CSS3 to create great looking presentations without hard
coding the information for every device. Libraries of pre-existing CSS3 code make it
easy to create professional looking applications that a user can change to meet any need.
For example, a user may need a different presentation for a particular device or require
the presentation use a specific format to meet a special need. The following list describes
some key security issues you experience when working with CSS3.
• Overwhelming the Design: A major reason that CSS3 code causes security issues is
that the design is overwhelmed. The standards committee originally designed CSS to
control the appearance of HTML elements, not to affect the presentation of an entire
web page. As a result, the designers never thought to include security for certain
issues because CSS wasn’t supposed to work in those areas. The problem is that the
cascade part of CSS doesn’t allow CSS3 to know about anything other than its parent
elements. As a result, a hacker can create a presentation that purports to do one thing,
when it actually does another. Some libraries, such as jQuery, can actually help you
overcome this issue.
• Uploaded CSS: In some cases, an application designer will allow a user to upload a
CSS file to achieve a particular application appearance or make it work better with a
specific platform. However, the uploaded CSS can also contain code that makes it
easier for a hacker to overwhelm any security you have in place or to hide dirty
dealings from view. For example, a hacker could include URLs in the CSS that
redirect the application to unsecure servers.
• CSS Shaders: A special use of CSS can present some extreme problems by allowing
access to the user agent data and cross-domain data. Later chapters in the book will
discuss this issue in greater detail, but you can get a quick overview of the topic at
http://www.w3.org/Graphics/fx/wiki/CSS_Shaders_Security. The big thing is that
sometimes the act of rendering data on screen opens potential security holes you
might not have considered initially.
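For the Uploaded CSS item above, an application that accepts user stylesheets can review every resource reference before storing the file. The following is an added example, not code from the book; the allowed host, the base URL, and the function name are assumptions, and the scan is deliberately conservative.

```javascript
// Hosts this application serves theme resources from (constructed example value).
const ALLOWED_HOSTS = new Set(['static.example.com']);
// Base used to resolve relative references in an uploaded theme (assumption).
const THEME_BASE = 'https://static.example.com/themes/';

// Returns the reasons to reject an uploaded stylesheet; an empty array means accept.
function reviewUploadedCss(css) {
  const problems = [];
  // CSS escapes such as "\75rl(" spell tokens a pattern scan cannot see, so refuse them.
  if (css.includes('\\')) problems.push('backslash escapes are not accepted');
  // Comments are removed before scanning so they cannot hide or split a reference.
  const text = css.replace(/\/\*[\s\S]*?\*\//g, ' ');
  if (text.includes('/*')) problems.push('unterminated comment');
  // Constructs that load resources or run code without a plain url() reference.
  if (/image-set\s*\(|expression\s*\(|-moz-binding|behavior\s*:/i.test(text)) {
    problems.push('unsupported construct (image-set, expression, binding or behavior)');
  }
  const patterns = [
    /url\(\s*(?:"([^"]*)"|'([^']*)'|([^)'"]*))\s*\)/gi, // url(...) in any property
    /@import\s+(?:"([^"]*)"|'([^']*)')/gi,              // @import "..." without url()
  ];
  for (const re of patterns) {
    for (const m of text.matchAll(re)) {
      const ref = (m[1] ?? m[2] ?? m[3] ?? '').trim();
      let target;
      try {
        target = new URL(ref, THEME_BASE); // resolves relative and //host forms
      } catch {
        problems.push(`unparseable reference: ${ref}`);
        continue;
      }
      if (target.protocol !== 'https:') {
        problems.push(`non-HTTPS reference: ${ref}`);
      } else if (!ALLOWED_HOSTS.has(target.hostname)) {
        problems.push(`reference to unlisted host: ${target.hostname}`);
      }
    }
  }
  return problems;
}
```

A pattern scan like this is a first filter that will refuse some legitimate stylesheets; it does not replace a full CSS parser.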


Defining the Key JavaScript Issues


The combination of JavaScript with HTML5 has created the whole web application
phenomenon. Without the combination of the two languages, it wouldn’t be possible to
create applications that run well anywhere on any device. Users couldn’t even think about
asking for that sort of application in the past because it just wasn’t possible to provide it.
Today, a user can perform work anywhere using a device that’s appropriate for the
location. However, JavaScript is a scripted language that can have some serious security
holes. The following list describes some key security issues you experience when
working with JavaScript.
• Cross-site Scripting (XSS): This issue appears earlier in the chapter because it’s
incredibly serious. Any time you run JavaScript outside a sandboxed environment, it
becomes possible for a hacker to perform all sorts of nasty tricks on your application.
• Cross-site Request Forgery (CSRF): A script can use the user’s credentials that are
stored in a cookie to gain access to other sites. While on these sites, the hacker can
perform all sorts of tasks that the application was never designed to perform. For
example, a hacker can perform account tampering, data theft, fraud, and many other
illegal activities, all in the user’s name.
• Browser and Browser Plug-in Vulnerabilities: Many hackers rely on known browser
and browser plug-in vulnerabilities to force an application to perform tasks that it
wasn’t designed to do. For example, a user’s system could suddenly become a
zombie transmitting virus code to other systems. The extent of what a hacker can do
is limited by the vulnerabilities in question. In general, you want to ensure that you
install any updates and that you remain aware of how vulnerabilities can affect your
application’s operation.

Considering Endpoint Defense Essentials


An endpoint is a destination for network traffic, such as a service or a browser. When
packets reach the endpoint, the data they contain is unpacked and provided to the
application for further processing. Endpoint security is essential because endpoints
represent a major point of entry for networks. Unless the endpoint is secure, the network
will receive bad data transmissions. In addition, broken endpoint security can cause harm
to other nodes on the network. The following sections discuss three phases of endpoint
security: prevention, detection, and remediation.

It’s important not to underestimate the effect of endpoint security on
applications and network infrastructure. Some endpoint scenarios
become quite complex and their consequences hard to detect or even
understand. For example, a recent article discusses a router attack that
depends on the attacker directing an unsuspecting user to a special site:
http://www.infoworld.com/article/2926221/security/large-scale-attack-hijacks-routers-through-users-browsers.html.
The attack focuses on the router that the user depends upon to make
Domain Name System (DNS) requests. By obtaining full control over the
router, the attacker can redirect the user to locations that the attacker
controls.


Preventing Security Breaches


The first step in avoiding a trap is to admit the trap exists in the first place. The problem
is that most companies today don’t think that they’ll experience a data breach—it always
happens to the other company—the one with lax security. However, according to the
Ponemon Institute’s 2014 Cost of Cyber Crime report, the cost of cybercrime was $12.7
million in 2014, which is up from the $6.5 million in 2010
(http://info.hpenterprisesecurity.com/LP_CP_424710_Ponemon_ALL). Obviously, all
those break-ins don’t just happen at someone else’s company—they could easily happen
at yours, so it’s beneficial to assume that some hacker, somewhere, has targeted your
organization. In fact, if you start out with the notion that a hacker will not only break into
your organization, but also make off with the goods, you can actually start to prepare for
the real world scenario. Any application you build must be robust enough to:
• Withstand common attacks
• Report intrusions when your security fails to work as expected
• Avoid making assumptions about where breaches will occur
• Assume that, even with training, users will make mistakes causing a breach

Don’t assume that security breaches only happen on some platforms. A
security breach can happen on any platform that runs anything other
than custom software. The less prepared that the developers for a
particular platform are, the more devastating the breach becomes. For
example, many people would consider Point-of-Sale (POS) terminals
safe from attack. However, hackers are currently attacking these
devices vigorously in order to obtain credit card information access
(see
http://www.computerworld.com/article/2925583/security/attackers-use-email-spam-to-infect-pos-terminals.html).
The interesting thing about this particular exploit is that it wouldn’t
work if employees weren’t using the POS terminals incorrectly. This is
an instance where training and strong policies could help keep the
system safe. Of course, the applications should still be robust enough
to thwart attacks.

As the book progresses, you find some useful techniques for making a breach less likely.
The essentials of preventing a breach, once you admit a breach can (and probably will)
occur, are to:
• Create applications that users understand and like to use (see Chapter 2)
• Choose external data sources carefully (see the “Accessing External Data” section of
this chapter for details)
• Build applications that provide natural intrusion barriers (see Chapter 4)
• Test the reliability of the code you create, and carefully record both downtime and
causes (see Chapter 5)
• Choose libraries, APIs, and microservices with care (see the “Using External Code
and Resources” section of this chapter for details)
• Implement a comprehensive testing strategy for all application elements, even those
you don’t own (see Part III for details)
• Manage your application components to ensure application defenses don’t languish
after the application is released (see Part IV for details)
• Keep up-to-date on current security threats and strategies for overcoming them (see
Chapter 16)
• Train your developers to think about security from beginning to end of every project
(see Chapter 17)

Detecting Security Breaches


The last thing that any company wants to happen is to hear about a security breach
second or third hand. Reading about your organization’s inability to protect user data in
the trade press is probably the most rotten way to start any day, yet this is how many
organizations learn about security breaches. Companies that assume a data breach has
already occurred are the least likely to suffer permanent damage from a data breach and
most likely to save money in the end. Instead of wasting time and resources fixing a data
breach after it has happened, your company can detect the data breach as it occurs and
stop it before it becomes a problem. Detection means providing the required code as part
of your application and then ensuring these detection methods are designed to work with
the current security threats.
Your organization, as a whole, will need a breach response team. However, your
development team also needs individuals in the right places to detect security breaches.
Most development teams today will need experts in:
• Networking
• Database management
• Application design and development
• Mobile technology
• Cyber forensics
• Compliance
Each application needs such a team and the team should meet regularly to discuss
application-specific security requirements and threats. In addition, it’s important to go
over various threat scenarios and determine what you might do when a breach does
occur. By being prepared, you make it more likely that you’ll detect the breach early—
possibly before someone in management comes thundering into your office asking for an
explanation.

Remediating Broken Software


When a security breach does occur, whatever team your organization has in place must
be ready to take charge and work through the remediation process. The organization, as a
whole, needs to understand that not fixing the security breach and restoring the system as
quickly as possible to its pre-breach state could cause the organization to fail. In other
words, even if you’re a great employee, you may well be looking for a new job.
The person in charge of security may ask the development team to help locate the
attacker. Security Information and Event Management (SIEM) software can help review
logs that point to the source of the problem. Of course, this assumes your application
actually creates appropriate logs. Part of the remediation process is to build logging and
tracking functionality into the application in the first place. Without this information,
trying to find the culprit so that your organization can stop the attack is often a lost cause.
Your procedures should include a strategy for checking for updates or patches for each
component used by your application. Maintaining good application documentation is a
must if you want to achieve this goal. It’s too late to create a list of external resources at
the time of a breach; you must have the list in hand before the breach occurs. Of course,
the development team will need to test any updates that the application requires in order
to ensure that the breach won’t occur again. Finally, you need to ensure that the data has
remained safe throughout the process and perform any data restoration your application
requires.

Dealing with Cloud Storage


Cloud storage is a necessary evil in a world where employees demand access to data
everywhere using any kind of device that happens to be handy. Users have all sorts of
cloud storage solutions available, but one of the most popular now is Dropbox
(https://www.dropbox.com/), which had amassed over 300 million users by the end of
2014. Dropbox (and most other cloud storage entities) has a checkered security history.
For example, in 2011, Dropbox experienced a bug where anyone could access any
account using any password for a period of four hours (see the article at
http://www.darkreading.com/vulnerabilities-and-threats/dropbox-files-left-unprotected-open-to-all/d/d-id/1098442).
Of course, all these vendors will tell you that your
application data is safe now that it has improved security. It isn’t a matter of if, but when,
a hacker will find a way inside the cloud storage service or the service itself will drop the
ball yet again.

A major problem with most cloud storage is that it’s public in nature.
For example, Dropbox for Business sounds like a great idea and it does
provide additional security features, but the service is still public. A
business can’t host the service within its own private cloud.
In addition, most cloud services advertise that they encrypt the data on
their servers, which is likely true. However, the service provider
usually holds the encryption keys under the pretense of having to allow
authorities with the proper warrants access to your data. Because you
don’t hold the keys to your encrypted data, you can’t control access to
it and the encryption is less useful than you might think.

Security of Web applications is a big deal because most applications tomorrow (if not all
of them) will have a web application basis. Users want their applications available
everywhere and the browser is just about the only means of providing that sort of
functionality on so many platforms in an efficient manner. In short, you have to think
about the cloud storage issues from the outset. You have a number of options for dealing
with cloud storage as part of your application strategy.
• Block Access: It’s actually possible to block all access to cloud storage using a
firewall, policy, or application feature. However, blocking access
everywhere a user might want to access cloud storage is extremely hard, and users are
quite determined. In addition, blocking access can actually have negative effects on
meeting business needs. For example, partners may choose to use cloud storage as a
method for exchanging large files. A blocking strategy also incurs user wrath so that
the users don’t work with your application or find ways to circumvent the
functionality you sought to provide. This is the best option to choose when your
organization has to manage large amounts of sensitive data, has legal requirements
for protecting data, or simply doesn’t need the flexibility of using cloud storage.
• Allow Uncontrolled Access: You could choose to ignore the issues involved in using
cloud storage. However, such a policy opens your organization to data loss, data
breaches, and all sorts of other problems. Unfortunately, many organizations
currently use this approach because controlling user access has become so difficult
and the organization lacks the means of using some other approach.
• Relying on Company Mandated Security Locations: If you require users to access
cloud storage using a company account, you can at least monitor file usage and have
the means to recover data when an employee leaves. However, the basic problems
with cloud storage remain. A hacker with the right knowledge could still access the
account and grab your data or simply choose to snoop on you in other ways. This
option does work well if your organization doesn’t manage data with legally required
protections and you’re willing to exchange some security for convenience.
• Control Access Within the Application: Many cloud services support an Application
Programming Interface (API) that allows you to interact with the service in unique
ways. Even though this approach is quite time consuming, it does offer the advantage
of letting you control where the user stores sensitive data, while still allowing the
user the flexibility to use cloud storage for less sensitive data. You should consider
this solution when your organization needs to interact with a large number of
partners, yet also needs to manage large amounts of sensitive or critical data.
• Rely on a Third Party Solution: You can find third party solutions, such as Accellion
(http://www.accellion.com/) that provide cloud storage connectors. The vendor
provides a service that acts as an intermediary point between your application and
the online data storage. The user is able to interact with data seamlessly, but the
service controls access using policies that you set. The problem with this approach is
that you now have an additional layer to consider when writing the application. In
addition, you must trust the third party providing the connector. This particular
solution works well when you need flexibility without the usual development costs
and don’t want to create your own solution that relies on API access.

Using External Code and Resources


Most organizations today don’t have the time or resources needed to build applications
completely from scratch. In addition, the costs of maintaining such an application would
be enormous. In order to keep costs under control, organizations typically rely on third
party code in various forms. The code performs common tasks and developers use it to
create applications in a Lego-like manner. However, third party code doesn’t come
without security challenges. Effectively you’re depending on someone else to write
application code that not only works well and performs all the tasks you need, but does so
securely. The following sections describe some of the issues surrounding the use of
external code and resources.


Defining the Use of Libraries


A library is any code that you add into your application. Many people define libraries
more broadly, but for this book, the essentials are that libraries contain code and that they
become part of your application as you put the application in use. A commonly used
library is jQuery (https://jquery.com/). It provides a wealth of functionality for
performing common tasks in an application. The interesting thing about jQuery is that
you find the terms library and API used interchangeably as shown in Figure 1-2.

Figure 1-2. Many sites use library and API interchangeably


Looking at the jQuery site also tells you about optimal library configurations. In fact, the
way in which jQuery presents itself is a good model for any library that you want to use.
The library is fully documented and you can find multiple examples of each library call
(to ensure you can find an example that is at least close to what you want to do). More
importantly, the examples are live, so you can actually see the code in action using the
same browsers that you plan to use for your own application.

Like any other piece of software, jQuery has its faults too. As the book
progresses, you’re introduced to other libraries and to more details
about each one so that you can start to see how features and security go
hand-in-hand. Because jQuery is such a large, complex library, it has a
lot to offer, but there is also more attack surface for hackers to exploit.

“I had a long conversation with the old man; indeed, we stayed in
Bruges for some days on purpose. I saw all his papers, and there can be no
doubt he is the grandson of our great-uncle Everard. I explained the whole
matter to him, of course, and brought your advertisements under his notice,
and explained your motives.”
“What are my motives?—according to your explanation.”
“Well, my dear cousin—not exactly love and charity to me, are they? I
explained the position fully to him.”
“Then there is no such thing as justice or right in the world, I suppose,”
she cried indignantly, “but everything hinges on love to you, or the reverse.
You know what reason I have to love you—well do you know it, and lose
no opportunity to keep it before me; but if my boy himself—my dying boy,
God help me!—had been in your place, Farrel-Austin, should I have let him
take possession of what was not his by right? You judge men, and women
too, by yourself. Let that pass, so far as you are concerned. You have no
other ground, I suppose, to form a judgment on; but you have no right to
poison the minds of others. Nothing will make me submit to that.”
“Well, well,” said Mr. Farrel-Austin, shrugging his shoulders with
contemptuous calm, “you can set yourself right when you please with the
Bruges shopkeeper. I will give you his address. But in the meantime you
may as well hear what his decision is. At his age he does not care to change
his country and his position, and come to England in order to become the
master of a tumble-down old house. He prefers his shop, and the place he
has lived in all his life. And the short and the long of it is, that he has
transferred his rights to me, and resigned all claim upon the property. I
agreed to it,” he added, raising his head, “to save trouble, more than for any
other reason. He is an old man, nearly seventy; his son dead or dying, as I
said. So far as I am concerned, it could only have been a few years’ delay at
the most.”
Miss Susan sat bolt upright in her chair, gazing at him with eyes full of
amazement—so much astonished that she scarcely comprehended what he
said. It was evidently a relief to the other to have made his announcement.
He breathed more freely after he had got it all out. He rose from his chair
and went to the window, and nodded to his girls across the lawn. “They are
impatient, I see, and I must be going,” he went on. Then looking at Miss
Susan for the first time, he added, in a tone that had a sound of mockery in
it, “You seem surprised.”
“Surprised!” She had been leaning toward the chair from which he had
arisen without realizing that he had left it in her great consternation. Now
she turned quickly to him. “Surprised! I am a great deal more than
surprised.”
He laughed; he had the upper hand at last. “Why more?” he said lightly.
“I think the man was a very reasonable old man, and saw what his best
policy was.”
“And you—accepted his sacrifice?” said Miss Susan, amazement taking
from her all power of expression;—“you permitted him to give up his
birthright? you—took advantage of his ignorance?”
“My dear cousin, you are rude,” he said, laughing; “without intending it,
I am sure. So well-bred a woman could never make such imputations
willingly. Took advantage! I hope I did not do that. But I certainly
recommended the arrangement to him, as the most reasonable thing he
could do. Think! At his age, he could come here only to die; and with no
son to succeed him, of course I should have stepped in immediately. Few
men like to die among strangers. I was willing, of course, to make him a
recompense for the convenience—for it was no more than a convenience,
make the most you can of it—of succeeding at once.”
Miss Susan looked at him speechless with pain and passion. I do not
know what she did not feel disposed to say. For a moment her blue eyes
shot forth fire, her lips quivered from the flux of too many words which
flooded upon her. She began even, faltering, stammering—then came to a
stop in the mere physical inability to arrange her words, to say all she
wanted, to launch her thunderbolt at his head with the precision she wished.
At last she came to a dead stop, looking at him only, incapable of speech;
and with that pause came reflection. No; she would say nothing; she would
not commit herself; she would think first, and perhaps do, instead of saying.
She gave a gasp of self-restraint.
“The young ladies seem impatient for you,” she said. “Don’t let me
detain you. I don’t know that I have anything to say on the subject of your
news, which is surprising, to be sure, and takes away my breath.”
“Yes, I thought you would be surprised,” he said, and shook hands with
her. Miss Susan’s fingers tingled—how she would have liked, in an outburst
of impatience which I fear was very undignified, to apply them to his ear,
rather than to suffer his hand to touch hers in hypocritical amity! He was a
little disappointed, however, to have had so little response to his
communication. Her silence baffled him. He had expected her to commit
herself, to storm, perhaps; to dash herself in fury against this skilful
obstacle which he had placed in her way. He did not expect her to have so
much command of herself; and, in consequence, he went away with a secret
uneasiness, feeling less successful and less confident in what he had done,
and asking himself, Could he have made some mistake after all—could she
know something that made his enterprise unavailing? He was more than
usually silent on the drive home, making no answer to the comments of his
girls, or to their talk about what they would do when they got possession of
the manor.
“I hope the furniture goes with the house,” said Kate. “Papa, you must
do all you can to secure those old chairs, and especially the settee with the
stamped leather, which is charming, and would fetch its weight in gold in
Wardour street.”
“And, papa, those big blue and white jars,” said Sophy, “real old Nankin,
I am sure. They must have quantities of things hidden away in those old
cupboards. It shall be as good as a museum when we get possession of the
house!”
“You had better get possession of the house before you make any plans
about it,” said her father. “I never like making too sure.”
“Why, papa, what has come over you?” cried the eldest. “You were the
first to say what you would do, when we started. Miss Susan has been
throwing some spell over you.”
“If it is her spell, it will not be hard to break it,” said Sophy; and thus
they glided along, between the green abundant hedges, breathing the honey
breath of the limes, but not quite so happy and triumphant as when they
came. As for the girls, they had heard no details of the bargain their father
had made, and gave no great importance to it; for they knew he was the
next heir, and that the manor-house would soon cease to be poor Herbert’s,
with whom they had played as children, but whom, they said constantly,
they scarcely knew. They did not understand what cloud had come over
their father. “Miss Susan is an old witch,” they said, “and she has put him
under some spell.”
Meanwhile Miss Susan sat half-stupefied where he had left her, in a
draught, which was a thing she took precautions against on ordinary
occasions—the great window open behind her, the door open in front of her,
and the current blowing about even the sedate and heavy folds of the great
crimson curtains, and waking, though she did not feel it, the demon
Neuralgia to twist her nerves, and set her frame on an edge. She did not
seem able to move or even think, so great was the amazement in her mind.
Could he be right—could he have found the Austin she had sought for over
all the world; and was it possible that the unrighteous bargain he had told
her of had really been completed? Unrighteous! for was it not cheating her
in the way she felt the most, deceiving her in her expectations? An actual
misfortune could scarcely have given Miss Susan so great a shock. She sat
quite motionless, her very thoughts arrested in their course, not knowing
what to think, what to do—how to take this curious new event. Must she
accept it as a thing beyond her power of altering, or ought she to ignore it as
something incredible, impossible? One thing or other she must decide upon
at once; but in the meantime, so great was the effect this intimation had
upon her mind, she felt herself past all power of thinking. Everard coming
back found her still seated there in the draught in the old hall. He shut the
door softly behind him and went in, looking at her with questioning eyes.
But she did not notice his look; she was too much and too deeply occupied
in her own mind. Besides, his friendship with her visitors made Everard a
kind of suspected person, not to be fully trusted. Miss Susan was too deeply
absorbed to think this, but she felt it. He sat down opposite, where Mr.
Farrel-Austin had been sitting, and looked at her; but this mute questioning
produced no response.
“What has old Farrel been saying to you, Aunt Susan?” he asked at last.
“Why do you call him old Farrel, Everard? he is not nearly so old as I
am,” said Miss Susan with a sigh, waking up from her thoughts. “Growing
old has its advantages, no doubt, when one can realize the idea of getting
rid of all one’s worries, and having the jangled bells put in tune again; but
otherwise—to think of others who will set everything wrong coming after
us, who have tried hard to keep them right! Perhaps, when it comes to the
very end, one does not mind; I hope so; I feel sore now to think that this
man should be younger than I am, and likely to live ever so much longer,
and enjoy my father’s house.”
Everard sat still, saying nothing. He was unprepared for this sort of
reply. He was slightly shocked too, as young people so often are, by the
expression of any sentiments, except the orthodox ones, on the subject of
dying. It seemed to him, at twenty-five, that to Miss Susan at sixty, it must
be a matter of comparatively little consequence how much longer she lived.
He would have felt the sentiments of the Nunc Dimittis to be much more
appropriate and correct in the circumstances; he could not understand the
peculiar mortification of having less time to live than Farrel-Austin. He
looked grave with the fine disapproval and lofty superiority of youth. But
he was a very gentle-souled and tender-hearted young man, and he did not
like to express the disapproval that was in his face.
“We had better not talk of them,” said Miss Susan, after a pause; “we
don’t agree about them, and it is not likely we should; and I don’t want to
quarrel with you, Everard, on their account. Farrel thinks he is quite sure of
the estate now. He has found out some one whom he calls our missing
cousin, and has got him to give up in his own favor.”
“Got him to give up in his own favor!” repeated Everard amazed. “Why,
this is wonderful news. Who is it, and where is he, and how has it come
about? You take away one’s breath.”
“I cannot go into the story,” said Miss Susan. “Ask himself. I am sick of
the subject. He thinks he has settled it, and that it is all right; and waits for
nothing but my poor boy’s end to take possession. They had not even the
grace to ask for him!” she cried, rising hastily. “Don’t ask me anything
about it; it is more than I can bear.”
“But, Aunt Susan—”
“I tell you we shall quarrel, Everard, if we talk more on this subject,” she
cried. “You are their friend, and I am their—no; it is they who are my
enemies,” she added, stopping herself. “I don’t dictate to you how you are
to feel, or what friends you are to make. I have no right; but I have a right to
talk of what I please, and to be silent when I please. I shall say no more
about it. As for you,” she said, after another pause, with a forced smile, “the
young ladies will consult with you what changes they are to make in the
house. I heard them commenting on the roses, and how everything could be
improved. You will be of the greatest use to them in their new
arrangements, when all obstacles are removed.”
“I don’t think it is kind to speak to me so,” said Everard, in his surprise.
“It is not generous, Aunt Susan. It is like kicking a fellow when he is down;
for you know I can’t defend myself.”
“Yes, I suppose it is unjust,” said Miss Susan, drying her eyes, which
were full of hot tears, with no gratefulness of relief in them. “The worst of
this world is that one is driven to be unjust, and can’t help it, even to those
one loves.”
CHAPTER IV.

Everard Austin remained at Whiteladies for the rest of the afternoon—
he was like one of the children of the house. The old servants took him
aside and asked him to mention things to Miss Susan with which they
did not like to worry her in her trouble, though indeed most of these
delicacies were very much after date, and concerned matters on which Miss
Susan had already been sufficiently worried. The gardener came and told
him of trees that wanted cutting, and the bailiff on the farm consulted him
about the laborers for the approaching harvest. “Miss Susan don’t like
tramps, and I don’t want to go against her, just when things is at its worst. I
shouldn’t wonder, sir,” said the man, looking curiously in Everard’s face, “if
things was in other hands this time next year?” Everard answered him with
something of the bitterness which he himself had condemned so much a
little while before. That Farrel-Austin should succeed was natural; but thus
to look forward to the changing of masters gave him, too, a pang. He went
indoors somewhat disturbed, and fell into the hands of Martha and Jane
fresh from the almshouse. Martha, who was Miss Susan’s maid and half-
housekeeper, had taken charge of him often enough in his boyish days, and
called him Master Everard still, so that she was entitled to speak; while the
younger maid looked on, and concurred—“It will break my lady’s heart,”
said Martha, “leaving this old house; not but what we might be a deal more
comfortable in a nice handy place, in good repair like yours is, Master
Everard; where the floors is straight and the roofs likewise, and you don’t
catch a rheumatism round every corner; but my lady ain’t of my way of
thinking. I tell her as it would have been just as bad if Mr. Herbert had got
well, poor dear young gentleman, and got married; but she won’t listen to
me. Miss Augustine, she don’t take on about the house; but she’s got plenty
to bother her, poor soul; and the way she do carry on about them
almshouses! It’s like born natural, that’s what it is, and nothing else. Oh me!
I know as I didn’t ought to say it; but what can you do, I ask you, Master
Everard, when you have got the like of that under your very nose? She’ll
soon have nothing but paupers in the parish if she has her way.”
“She’s very feeling-hearted,” said Jane, who stood behind her elder
companion and put in a word now and then over Martha’s shoulder. She had
been enjoying the delights of patronage, the happiness of recommending
her friends in the village to Miss Augustine’s consideration; and this was
too pleasant a privilege to be consistent with criticism. The profusion of her
mistress’s alms made Jane feel herself to be “feeling-hearted” too.
“And great thanks she gets for it all,” said Martha. “They call her the
crazy one down in the village. Miss Susan, she’s the hard one; and Miss
Augustine’s the crazy one. That’s gratitude! trailing about in her gray gown
for all the world like a Papist nun. But, poor soul, I didn’t ought to grudge
her gray, Master Everard. We’ll soon be black and black enough in our
mourning, from all that I hear.”
Again Everard was conscious of a shiver. He made a hasty answer and
withdrew from the women who had come up to him in one of the airy
corridors upstairs, half glass, like the passages below, and full of corners.
Everard was on his way from a pilgrimage to the room, in which, when
Herbert and he were children, they had been allowed to accumulate their
playthings and possessions. It had a bit of corridor, like a glazed gallery,
leading to it—and a door opened from it to the musicians’ gallery of the
hall. The impulse which led him to this place was not like his usual care to
avoid unpleasant sensations, for the very sight of the long bare room, with
its windows half choked with ivy, the traces of old delights on the walls—
bows hung on one side, whips on the other—a heap of cricket-bats and pads
in a corner; and old books, pictures, and rubbish heaped upon the old creaky
piano on which Reine used to play to them, had gone to his heart. How
often the old walls had rung with their voices, the old floor creaked under
them! He had given one look into the haunted solitude, and then had fled,
feeling himself unable to bear it. “As if I could do them any good thinking!”
Everard had said to himself, with a rush of tears to his eyes—and it was in
the gallery leading to this room—the west gallery as everybody called it—
that the women stopped him. The rooms at Whiteladies had almost every
one a gallery, or an ante-room, or a little separate staircase to itself. The
dinner-bell pealed out as he emerged from thence and hurried to the room
which had been always called his, to prepare for dinner. How full of
memories the old place was! The dinner-bell was very solemn, like the bell
of a cathedral, and had never been known to be silent, except when the
family were absent, for more years than any one could reckon. How well he
recollected the stir it made among them all as children, and how they would
steal into the musicians’ gallery and watch in the centre of the great room
below, in the speck of light which shone amid its dimness, the two ladies
sitting at table, like people in a book or in a dream, the servants moving
softly about, and no one aware of the unseen spectators, till the irrepressible
whispering and rustling of the children betrayed them! how sometimes they
were sent away ignominiously, and sometimes Aunt Susan, in a cheery
mood, would throw up oranges to them, which Reine, with her tiny hands,
could never catch! How she used to cry when the oranges fell round her and
were snapped up by the boys—not for the fruit, for Reine never had
anything without sharing it or giving it away, but for the failure which made
them laugh at her! Everard laughed unawares as the scene came up before
him, and then felt that sudden compression, constriction of his heart—
serrement du cœur, which forces out the bitterest tears. And then he hurried
down to dinner and took his seat with the ladies, in the cool of the Summer
evening, in the same historical spot, having now become one of them, and
no longer a spectator. But he looked up at the gallery with a wistful sense of
the little scuffle that used to be there, the scrambling of small feet, and
whispering of voices. In Summer, when coolness was an advantage, the
ladies still dined in the great hall.
“Austine, you have not seen Everard since he returned from America,”
said Miss Susan. “How strong and well he looks!”—here she gave a sigh;
not that she grudged Everard his good looks, but the very words brought the
other before her, at thought of whom every other young man’s strength and
health seemed cruel.
“He has escaped the fate of the family,” said Miss Augustine. “All I can
pray for, Everard, is that you may never be the Austin of Whiteladies. No
wealth can make up for that.”
“Hush, hush!” said Miss Susan with a smile, “these are your fancies. We
are not much worse off than many other families who have no such curse as
you think of, my dear? Are all the old women comfortable—and
grumbling? What were you about to-day?”
“I met them in chapel,” said the younger sister, “and talked to them. I
told them, as I always do, what need we have of their prayers; and that they
should maintain a Christian life. Ah, Susan, you smile; and Everard,
because he is young and foolish, would laugh if he could; but when you
think that this is all I can do, or any one can do, to make up for the sins of
the past, to avert the doom of the family—”
“If we have anything to make up more than others, I think we should do
it ourselves,” said Miss Susan. “But never mind, dear, if it pleases you. You
are spoiling the people; but there are not many villages spoiled with
kindness. I comfort myself with that.”
“It is not to please myself that I toil night and day, that I rise up early and
lie down late,” said Miss Augustine, with a faint gleam of indignation in her
eyes. Then she looked at Everard and sighed. She did not want to brag of
her mortifications. In the curious balance-sheet which she kept with heaven,
poor soul, so many prayers and vigils and charities, against so many sinful
failings in duty, she was aware that anything like a boast on her part
diminished the value of the compensation she was rendering. Her
unexpressed rule was that the, so to speak, commercial worth of a good
deed disappeared, when advantage was taken of it for this world; she
wanted to keep it at its full value for the next, and therefore she stopped
short and said no more. “Some of them put us to shame,” she said; “they
lead such holy lives. Old Mary Matthews spends nearly her whole time in
chapel. She only lives for God and us. To hear her speak would reward you
for many sacrifices, Susan—if you ever make any. She gives up all—her
time, her comfort, her whole thoughts—for us.”
“Why for us?” said Everard. “Do you keep people on purpose to pray for
the family, Aunt Augustine? I beg your pardon, but it sounded something
like it. You can’t mean it, of course?”
“Why should not I mean it? We do not pray so much as we ought for
ourselves,” said Miss Augustine; “and if I can persuade holy persons to pray
for us continually—”
“At so much a week, a cottage, and coals and candles,” said Miss Susan.
“Augustine, my dear, you shall have your way as long as I can get it for
you. I am glad the old souls are comfortable; and if they are good, so much
the better; and I am glad you like it, my dear; but whatever you think, you
should not talk in this way. Eh, Stevens, what do you say?”
“If I might make so bold, ma’am,” said the butler, “not to go against
Miss Augustine; but that hold Missis Matthews, mum, she’s a hold—”
“Silence, sir!” said Miss Susan promptly, “I don’t want to hear any
gossip; my sister knows best. Tell Everard about your schools, my dear; the
parish must be the better with the schools. Whatever the immediate motive
is, so long as the thing is good,” said this casuist, “and whatever the
occasional result may be, so long as the meaning is charitable—There,
there, Everard, I won’t have her crossed.”
This was said hastily in an undertone to Everard, who was shaking his
head, with a suppressed laugh on his face.
“I am not objecting to anything that is done, but to your reasoning,
which is defective,” he said.
“Oh, my reasoning! is that all? I don’t stand upon my reasoning,” said
Miss Susan. And then there was a pause in the conversation, for Miss
Susan’s mind was perturbed, and she talked but in fits and starts, having
sudden intervals of silence, from which she would as suddenly emerge into
animated discussion, then be still again all in a moment. Miss Augustine, in
her long limp gray dress, with pale hands coming out of the wide hanging
sleeves, talked only on one subject, and did not eat at all, so that her
company was not very cheerful. And Everard could not but glance up now
and then to the gallery, which lay in deep shade, and feel as if he were in a
dream, seated down below in the light. How vividly the childish past had
come upon him; and how much more cheerful it had been in those old days,
when the three atoms in the dusty corner of the gallery looked down with
laughing eyes upon the solemn people at table, and whispered and rustled in
their restlessness till they were found out!
At last—and this was something so wonderful that even the servants
who waited at table were appalled—Miss Augustine recommenced the
conversation. “You have had some one here to-day,” she said. “Farrel-
Austin—I met him.”
“Yes!” said Miss Susan, breathless and alarmed.
“It seemed to me that the shadow had fallen upon them already. He is
gray and changed. I have not seen him for a long time; his wife is ill, and
his children are delicate.”
“Nonsense, Austine, the girls are as strong and well as a couple of young
hoydens need be.” Miss Susan spoke almost sharply, and in a half-
frightened tone.
“You think so, Susan; for my part I saw the shadow plainly. It is that
their time is drawing near to inherit. Perhaps as they are girls, nothing will
happen to them; nothing ever happened to us; that is to say, they will not
marry probably; they will be as we have been. I wish to know them, Susan.
Probably one of them would take up my work, and endeavor to keep further
trouble from the house.”
“Farrel’s daughter? you are very good, Austine, very good; you put me
to shame,” said Miss Susan, bending her head.
“Yes; why not Farrel’s daughter? She is a woman like the rest of us and
an Austin, like the rest of us. I wish the property could pass to women, then
there might be an end of it once for all.”
“In that case it would go to Reine, and there would not in the least be the
end of it; quite the reverse.”
“I could persuade Reine,” said Miss Augustine. “Ah, yes; I could
persuade her. She knows my life. She knows about the family, how we have
all suffered. Reine would be led by me; she would give it up, as I should
have done had I the power. But men will not do such a thing. I am not
blaming them, I am saying what is the fact. Reine would have given it up.”
“You speak like a visionary,” said Miss Susan sighing. “Yes, I daresay
Reine would be capable of a piece of folly, or you, or even myself. We do
things that seem right to us at the moment without taking other things into
consideration, when we are quite free to do what we like. But don’t you see,
my dear, a man with an entailed estate is not free? His son or his heir must
come after him, as his father went before him; he is only a kind of a tenant.
Farrel, since you have spoken of Farrel—I would not have begun it—dare
not alienate property from Everard; and Everard, when it comes to him,
must keep it for his son, if he ever has one.”
“The thing would be,” said Miss Augustine, “to make up your mind
never to have one, Everard.” She looked at him calmly and gravely,
crossing her hands within her long sleeves.
“But, my dear Aunt Augustine,” said Everard, laughing, “what good
would that do me? I should have to hand it on to the next in the entail all the
same. I could not do away with the estate without the consent of my heir at
least.”
“Then I will tell you what to do,” said Miss Augustine. “Marry; it is
different from what I said just now, but it has the same meaning. Marry at
once; and when you have a boy let him be sent to me. I will train him, I will
show him his duty; and then with his consent, which he will be sure to give
when he grows up, you can break the entail and restore Whiteladies to its
right owner. Do this, my dear boy, it is quite simple; and so at last I shall
have the satisfaction of feeling that the curse will be ended one day. Yes; the
thing to be done is this.”
Miss Susan had exclaimed in various tones of impatience. She had
laughed reluctantly when Everard laughed; but what her sister said was
more serious to her than it was to the young man. “Do you mean to live
forever,” she said at last, “that you calculate so calmly on bringing up
Everard’s son?”
“I am fifty-five,” said Miss Augustine, “and Everard might have a son in
a year. Probably I shall live to seventy-five, at least,—most of the women of
our family do. He would then be twenty, approaching his majority. There is
nothing extravagant in it; and on the whole, it seems to me the most hopeful
thing to do. You must marry, Everard, without delay; and if you want
money I will help you. I will do anything for an object so near my heart.”
“You had better settle whom I am to marry, Aunt Augustine.”
Everard’s laughter made the old walls gay. He entered into the joke
without any arrière pensée; the suggestion amused him beyond measure; all
the more that it was made with so much gravity and solemnity. Miss Susan
had laughed too; but now she became slightly alarmed, and watched her
sister with troubled eyes.
“Whom you are to marry? That wants consideration,” said Miss
Augustine. “The sacrifice would be more complete and satisfying if two
branches of the family concurred in making it. The proper person for you to
marry in the circumstances would be either—”
“Austine!”
“Yes! I am giving the subject my best attention. You cannot understand,
no one can understand, how all-important it is to me. Everard, either one of
Farrel’s girls, to whom I bear no malice, or perhaps Reine.”
“Austine, you are out of your senses on this point,” said Miss Susan,
almost springing from her seat, and disturbing suddenly the calm of the
talk. “Come, come, we must retire; we have dined. Everard, if you choose
to sit a little, Stevens is giving you some very good claret. It was my
father’s; I can answer for it, much better than I can answer for my own, for I
am no judge. You will find us in the west room when you are ready, or in
the garden. It is almost too sweet to be indoors to-night.”
She drew her sister’s arm within hers and led her away, with peremptory
authority which permitted no argument, and to which Augustine
instinctively yielded; and Everard remained alone, his cheek tingling, his
heart beating. It had all been pure amusement up to this point; but even his
sense of the ludicrous could not carry him further. He might have known, he
said to himself, that this was what she must say. He blushed, and felt it
ungenerous in himself to have allowed her to go so far, to propose these
names to him. He seemed to be making the girls endure a humiliation
against his will, and without their knowledge. What had they done that he
should permit any one even to suggest that he could choose among them?
This was the more elevated side of his feelings; but there was another side, I
am obliged to allow, a fluttered, flattered consciousness that the suggestion
might be true; that he might have it in his power, like a sultan, to choose
among them, and throw his princely handkerchief at the one he preferred. A
mixture, therefore, of some curious sense of elation and suppressed
pleasure, mingled with the more generous feeling within him, quenching at
once the ridicule of Miss Augustine’s proposal, and the sense of wrong done
to those three girls. Yes, no doubt it is a man’s privilege to choose; he, and
not the woman, has it in his power to weigh the qualities of one and
another, and to decide which would be most fit for the glorious position of
his wife. They could not choose him, but he could choose one of them, and
on his choice probably their future fate would depend. It was impossible not
to feel a little pleasant flutter of consciousness. He was not vain, but he felt
the sweetness of the superiority involved, the greatness of the position.
When the ladies were gone Everard laughed, all alone by himself, he
could not help it; and the echoes took up the laughter, and rang into that
special corner of the gallery which he knew so well, centring there. Why
there, of all places in the world? Was it some ghost of little Reine in her
childhood that laughed? Reine in her childhood had been the one who
exercised choice. It was she who might have thrown the handkerchief, not
Everard. And then a hush came over him, and a compunction, as he thought
where Reine was at this moment, and how she might be occupied. Bending
over her brother’s death-bed, hearing his last words, her heart contracted
with the bitter pang of parting, while her old playfellow laughed, and
wondered whether he should choose her out of the three to share his
grandeur. Everard grew quite silent all at once, and poured himself out a
glass of the old claret in deep humiliation and stillness, feeling ashamed of
himself. He held the wine up to the light with the solemnest countenance,
trying to take himself in, and persuade himself that he had no lighter
thoughts in his mind, and then having swallowed it with equal solemnity, he
got up and strolled out into the garden. He had so grave a face when Miss
Susan met him, that she thought for the first moment that some letter had
come, and that all was over, and gasped and called to him, what was it?
what was it? “Nothing!” said Everard more solemnly than ever. He was
impervious to any attempt at laughter for the rest of the evening, ashamed
of himself and his light thoughts, in sudden contrast with the thoughts that
must be occupying his cousins, his old playmates. And yet, as he went
home in the moonlight, the shock of that contrast lessened, and his young
lightness of mind began to reassert itself. Before he got out of hearing of the
manor he began to whistle again unawares; but this time it was not one of
Reine’s songs. It was a light opera air which, no doubt, one of the other
girls had taught him, or so, at least, Miss Susan thought.
CHAPTER V.

In all relationships, as I have already said—and it is not an original saying
—there is one who is active and one who is passive,—“L’un qui baise et
l’autre qui tend la joue,” as the French say, with their wonderful half-
pathetic, half-cynic wisdom. Between the two sisters of Whiteladies it was
Augustine who gave the cheek and Susan the kiss, it was Augustine who
claimed and Susan who offered sympathy; it was Augustine’s affairs, such
as they were, which were discussed. The younger sister had only her own
fancies and imaginations, her charities, and the fantastic compensations
which she thought she was making for the evil deeds of her family, to
discuss and enlarge upon; whereas the elder had her mind full of those
mundane matters from which our cares spring—the management of
material interests—the conflict which is always more or less involved in the
government of other souls. She managed her nephew’s estate in trust for
him till he came of age,—if he should live to come of age, poor boy; she
managed her own money and her sister’s, which was not inconsiderable;
and the house and the servants, and in some degree the parish, of which
Miss Susan was the virtual Squire. But of all this weight of affairs it did not
occur to her to throw any upon Augustine. Augustine had always been
spared from her youth up—spared all annoyance, all trouble, everybody
uniting to shield her. She had been “delicate” in her childhood, and she had
sustained a “disappointment” in youth—which means in grosser words that
she had been jilted, openly and disgracefully, by Farrel-Austin, her cousin,
which was the ground of Susan Austin’s enmity to him. I doubt much
whether Augustine herself, whose blood was always tepid and her head
involved in dreams, felt this half so much as her family felt it for her—her
sister especially, to whom she had been a pet and a plaything all her life,
and who had that half-adoring admiration for her which an elder sister is
sometimes seen to entertain for a younger one whom she believes to be
gifted with that beauty which she knows has not fallen to her share. Susan
felt the blow with an acute sense of shame and wounded pride, which
Augustine herself was entirely incapable of—and from that moment
forward had constituted herself, not only the protector of her sister’s
weakness, but the representative of something better which had failed her,
of that admiration and chivalrous service which a beautiful woman is
supposed to receive from the world.
It may seem a strange thing to many to call the devotion of one woman
to another chivalrous. Yet Susan’s devotion to her sister merited the title.
She vowed to herself that, so far as she could prevent it, her sister should
never feel the failure of those attentions which her lover ought to have
given her—that she should never know what it was to fall into that neglect
which is often the portion of middle-aged women—that she should be
petted and cared for, as if she were still the favorite child or the adored wife
which she had been or might have been. In doing this Susan not only
testified the depth of her love for Augustine, and indignant compassion for
her wrongs, but also a woman’s high ideal of how an ideal woman should
be treated in this world. Augustine was neither a beautiful woman nor an
ideal one, though her sister thought so, and Susan had been checked many a
time in her idolatry by her idol’s total want of comprehension of it; but she
had never given up her plan for consoling the sufferer. She had admired
Augustine as well as loved her; she had always found what she did
excellent; she had made Augustine’s plans important by believing in them,
and her opinions weighty, even while, within herself, she saw the plans to
be impracticable and the opinions futile. The elder sister would pause in the
midst of a hundred real and pressing occupations, a hundred weighty cares,
to condole with, or to assist, or support, the younger, pulling her through
some parish imbroglio, some almshouse squabble, as if these trifling
annoyances had been affairs of state. But of the serious matters which
occupied her own mind, she said nothing to Augustine, knowing that she
would find no comprehension, and willing to avoid the certainty that her
sister would take no interest in her proceedings. Indeed, it was quite
possible that Augustine might have gone further than mere failure of
sympathy; Susan knew very well that she would be disapproved of, perhaps
censured, for being engrossed by the affairs of this world. The village
people, and everybody on the estate, were, I think, of the same opinion.
They thought Miss Susan “the hard one”—doing her ineffable injustice, one
of those unconsidered wrongs that cut into the heart. At first, I suppose, this
had not been the state of affairs—between the sisters, at least; but it would
be difficult to tell how many disappointments the strong and hard Susan had
gone through before she made up her mind never to ask for the sympathy
which never came her way. This was her best philosophy, and saved her
much mortification; but it cost her many trials before she could make up her
mind to it, and had not its origin in philosophy at all, but in much wounding
and lacerating of a generous and sensitive heart.
Therefore she did not breathe a word to her sister about the present
annoyance and anxiety in her mind. When it was their hour to go upstairs—
and everything was done like clock-work at Whiteladies—she went with
Augustine to her room, as she always did, and heard over again for the third
or fourth time the complaint of the rudeness of the butler, Stevens, who did
not countenance Augustine’s “ways.”
“Indeed, he is a very honest fellow,” said Miss Susan, thinking bitterly of
Farrel-Austin and of the last successful stroke he had made.
“He is a savage, he is a barbarian—he cannot be a Christian,” Miss
Augustine had replied.
“Yes, yes, my dear; we must take care not to judge other people. I will
scold him well, and he will never venture to say anything disagreeable to
you again.”
“You think I am speaking for myself,” said Augustine. “No, what I feel
is, how out of place such a man is in a household like ours. You are
deceived about him now, and think his honesty, as you call it, covers all his
faults. But, Susan, listen to me. Without the Christian life, what is honesty?
Do you think it would bear the strain if temptation—to any great crime, for
instance—”
“My dear, you are speaking nonsense,” said Miss Susan.
“That is what I am afraid of,” said her sister solemnly. “A man like this
ought not to be in a house like ours; for you are a Christian, Susan.”
“I hope so at least,” said the other with a momentary laugh.
“But why should you laugh? Oh, Susan! think how you throw back my
work—even, you hinder my atonement. Is not this how all the family have
been—treating everything lightly—our family sin and doom, like the rest?
and you, who ought to know better, who ought to strengthen my hands!
perhaps, who knows, if you could but have given your mind to it, we two
together might have averted the doom!”
Augustine sat down in a large hard wooden chair which she used by way
of mortification, and covered her face with her hands. Susan, who was
standing by holding her candle, looked at her strangely with a half smile,
and a curious acute sense of the contrast between them. She stood silent for
a moment, perhaps with a passing wonder which of the two it was who had
done the most for the old house; but if she entertained this thought, it was
but for the moment. She laid her hand upon her sister’s shoulder.
“My dear Austine,” she said, “I am Martha and you are Mary. So long as
Martha did not find fault with her sister, our good Lord made no objection
to her housewifely ways. So, if I am earthly while you are heavenly, you
must put up with me, dear; for, after all, there are a great many earthly
things to be looked after. And as for Stevens, I shall scold him well,” she
added with sudden energy, with a little outburst of natural indignation at the
cause (though innocent) of this slight ruffling of the domestic calm.
The thoughts in her mind were of a curious and mixed description as she
went along the corridor after Augustine had melted, and bestowed, with a
certain lofty and melancholy regret, for her sister’s imperfections, her good-
night kiss. Miss Susan’s room was on the other side of the house, over the
drawing-room. To reach it she had to go along the corridor, which skirted
the staircase with its dark oaken balustrades, and thence into another
casemented passage, which led by three or four oaken steps to the ante-
room in which her maid slept, and from which her own room opened. One
of her windows looked out upon the north side, the same aspect as the
dining-hall, and was, indeed, the large casement which occupied one of the
richly-carved gables on that side of the house. The other looked out upon
the west side, over the garden, and facing the sunset. It was a large panelled
room, with few curtains, for Miss Susan loved air. A shaded night-lamp
burned faintly upon a set of carved oaken drawers at the north end, and the
moonlight slanting through the western window threw two lights, broken by
the black bar of the casement, on the broad oak boards—for only the centre
of the room was carpeted. Martha came in with her mistress, somewhat
sleepy, and slightly injured in her feelings, for what with Everard’s visits
and other agitations of the day, Miss Susan was half an hour late. It is not to
be supposed that she, who could not confide in her sister, would confide in
Martha; but yet Martha knew, by various indications, what Augustine would
never have discovered, that Miss Susan had “something on her mind.”
Perhaps it was because she did not talk as much as usual, and listened to
Martha’s own remarks with the indifference of abstractedness; perhaps
because of the little tap of her foot on the floor, and sound of her voice as
she asked her faithful attendant if she had done yet, while Martha,
aggrieved but conscientious, fumbled with the doors of the wardrobe, in
which she had just hung up her mistress’s gown; perhaps it was the tired
way in which Miss Susan leaned back in her easy chair, and the half sigh
which breathed into her good-night. But from all these signs together
Martha knew, what nothing could have taught Augustine. But what could
the maid do to show sympathy? At first, I am sorry to say, she did not feel
much, but was rather glad that the mistress, who had kept her half an hour
longer than usual out of bed, should herself have some part of the penalty to
pay; but compunctions grew upon Martha before she left the room, and I
think that her lingering, which annoyed Miss Susan, was partly meant to
show that she felt for her mistress. If so, it met the usual recompense of
unappreciated kindness, and at last earned a peremptory dismissal for the
lingerer. When Miss Susan was alone, she raised herself a little from her
chair and screwed up the flame of the small silver lamp on her little table,
and put the double eyeglass which she used, being slightly short-sighted, on
her nose. She was going to think; and she had an idea, not uncommon to
short-sighted people, that to see distinctly helped her faculties in
everything.
She felt instinctively for her eyeglass when any noise woke her in the
middle of the night; she could hear better as well as think better with that
aid. The two white streaks of moonlight, with the broad bar of shadow
between, and all the markings of the diamond panes, indicated on the gray
oaken board and fringe of Turkey carpet, moved slowly along the floor,
coming further into the room as the moon moved westward to its setting. In
the distant corner the night-light burned dim but steady. Miss Susan sat by
the side of her bed, which was hung at the head with blue-gray curtains of
beautiful old damask. On her little table was a Bible and Prayer Book, a
long-stalked glass with a rose in it, another book less sacred, which she had
been reading in the morning, her handkerchief, her eau-de-cologne, her
large old watch in an old stand, and those other trifles which every lady’s-
maid who respects herself keeps ready and in order by her mistress’s
bedside. Martha, too sleepy to be long about her own preparations, was in
bed and asleep almost as soon as Miss Susan put on her glasses. All was
perfectly still, the world out-of-doors held under the spell of the moonlight,
the world inside rapt in sleep and rest. Miss Susan wrapped her dressing-
gown about her, and sat up in her chair to think. It was a very cosey, very
comfortable chair, not hard and angular like Austine’s, and everything in the
room was pleasant and soft, not ascetical and self-denying. Susan Austin
was not young, but she had kept something of that curious freshness of soul
which some unmarried women carry down to old age. She was not aware in
her innermost heart that she was old. In everything external she owned her
years fully, and felt them; but in her heart she, who had never passed out of
the first stage of life, retained so many of its early illusions as to confuse
herself and bewilder her consciousness. When she sat like this thinking by
herself, with nothing to remind her of the actual aspect of circumstances,
she never could be quite sure whether she was young or old. There was
always a momentary glimmer and doubtfulness about her before she settled
down to the consideration of her problem, whatever it was—as to which
problem it was, those which had come before her in her youth, which she
had settled, or left to float in abeyance for the settling of circumstances—or
the actual and practical matter-of-fact of to-day. For a moment she caught
her own mind lingering upon that old story between Augustine and their
cousin Farrel, as if it were one of the phases of that which demanded her
attention; and then she roused herself sharply to her immediate difficulty,
and to consider what she was to do.
It is forlorn in such an emergency to be compelled to deliberate alone,
without any sharer of one’s anxieties or confidante of one’s thoughts. But
Miss Susan was used to this, and was willing to recognize the advantage it
gave her in the way of independence and prompt conclusion. She was free
from the temptation of talking too much, of attacking her opponents with
those winged words which live often after the feeling that dictated them has
passed. She could not be drawn into any self-committal, for nobody thought
or cared what was in her mind. Perhaps, however, it is more easy to exercise
that casuistry which self-interest produces even in the most candid mind,
when it is not necessary to put one’s thoughts into words. I cannot tell on
what ground it was that this amiable, and, on the whole, good woman
concluded her opposition to Farrel-Austin, and his undoubted right of
inheritance, to be righteous, and even holy. She resisted his claim—because
it was absolutely intolerable to her to think of giving up her home to him,
because she hated and despised him—motives very comprehensible, but not
especially generous, or elevated in the abstract. She felt, however, and
believed—when she sat down in her chair and put on her glasses to reflect
how she could baffle and overthrow him—that it was something for the
good of the family and the world that she was planning, not anything selfish