rootlabs's presentations.

rootlabs's presentations. http://www.slideshare.net/ http://www.slideshare.net/images/logo.gif rootlabs's presentations. http://www.slideshare.net/ Fri, 07 Aug 2009 05:57:58 GMT SlideShare feed for rootlabs's presentations. Crypto Strikes Back! (Google 2009) http://www.slideshare.net/rootlabs/crypto-strikes-back-google-2009-1826045
Encrypting and decrypting, choosing a random number, signing and verifying -- it all seems so logical. But the road to hell is paved with good intentions and a copy of "Applied Cryptography". This talk will cover recent crypto vulnerabilities in widely-deployed systems and how the smallest oversight resulted in catastrophe. You’ll learn why public key crypto is like a Ford Pinto in a demolition derby, the meaning of "PBKDF2", and how Web 2.0 reinvented 1970’s-style password hashing, badly. And maybe, just maybe, you’ll leave with a newfound respect for the utter brittleness of even the simplest crypto. Nate Lawson is the founder of Root Labs, which specializes in the design and analysis of embedded security and cryptography. Previously, he worked at Cryptography Research, analyzing cryptographic products and co-designing the Blu-ray content protection layer known as BD+. ]]>
Encrypting and decrypting, choosing a random number, signing and verifying -- it all seems so logical. But the road to hell is paved with good intentions and a copy of "Applied Cryptography". This talk will cover recent crypto vulnerabilities in widely-deployed systems and how the smallest oversight resulted in catastrophe. You’ll learn why public key crypto is like a Ford Pinto in a demolition derby, the meaning of "PBKDF2", and how Web 2.0 reinvented 1970’s-style password hashing, badly. And maybe, just maybe, you’ll leave with a newfound respect for the utter brittleness of even the simplest crypto. Nate Lawson is the founder of Root Labs, which specializes in the design and analysis of embedded security and cryptography. Previously, he worked at Cryptography Research, analyzing cryptographic products and co-designing the Blu-ray content protection layer known as BD+. ]]> Fri, 07 Aug 2009 05:57:58 GMT http://www.slideshare.net/rootlabs/crypto-strikes-back-google-2009-1826045 rootlabs@slideshare.net(rootlabs) Crypto Strikes Back! (Google 2009) rootlabs Encrypting and decrypting, choosing a random number, signing and verifying -- it all seems so logical. But the road to hell is paved with good intentions and a copy of "Applied Cryptography". This talk will cover recent crypto vulnerabilities in widely-deployed systems and how the smallest oversight resulted in catastrophe. You’ll learn why public key crypto is like a Ford Pinto in a demolition derby, the meaning of "PBKDF2", and how Web 2.0 reinvented 1970’s-style password hashing, badly. And maybe, just maybe, you’ll leave with a newfound respect for the utter brittleness of even the simplest crypto. Nate Lawson is the founder of Root Labs, which specializes in the design and analysis of embedded security and cryptography. Previously, he worked at Cryptography Research, analyzing cryptographic products and co-designing the Blu-ray content protection layer known as BD+. <img src="http://cdn.slidesharecdn.com/google2009cryptostrikesback-090807005811-phpapp01-thumbnail-2?1249624706" alt ="" style="border:1px solid #C3E6D8;float:right;" /> Encrypting and decrypting, choosing a random number, signing and verifying -- it all seems so logical. But the road to hell is paved with good intentions and a copy of "Applied Cryptography". This talk will cover recent crypto vulnerabilities in widely-deployed systems and how the smallest oversight resulted in catastrophe. You’ll learn why public key crypto is like a Ford Pinto in a demolition derby, the meaning of "PBKDF2", and how Web 2.0 reinvented 1970’s-style password hashing, badly. And maybe, just maybe, you’ll leave with a newfound respect for the utter brittleness of even the simplest crypto. Nate Lawson is the founder of Root Labs, which specializes in the design and analysis of embedded security and cryptography. Previously, he worked at Cryptography Research, analyzing cryptographic products and co-designing the Blu-ray content protection layer known as BD+. Crypto Strikes Back! (Google 2009)

View more documents from Nate Lawson.

]]> 1243 0 http://cdn.slidesharecdn.com/google2009cryptostrikesback-090807005811-phpapp01-thumbnail-2?1249624706 presentation http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

When Crypto Attacks! (Yahoo 2009) http://www.slideshare.net/rootlabs/when-crypto-attacks-yahoo-2009
In-depth list of attacks against various crypto implementations. Developers seem to have gotten the message not to design their own ciphers. Now, we’re trying to get the message out that you shouldn’t be implementing your own crypto protocols or constructions, using low-level crypto libraries. Instead, developers should work at a higher level, using libraries like GPGME, Keyczar, or cryptlib. If you do end up designing/implementing your own construction, getting it reviewed by a third party is an expensive but vital task.]]>
In-depth list of attacks against various crypto implementations. Developers seem to have gotten the message not to design their own ciphers. Now, we’re trying to get the message out that you shouldn’t be implementing your own crypto protocols or constructions, using low-level crypto libraries. Instead, developers should work at a higher level, using libraries like GPGME, Keyczar, or cryptlib. If you do end up designing/implementing your own construction, getting it reviewed by a third party is an expensive but vital task.]]> Wed, 10 Jun 2009 18:20:49 GMT http://www.slideshare.net/rootlabs/when-crypto-attacks-yahoo-2009 rootlabs@slideshare.net(rootlabs) When Crypto Attacks! (Yahoo 2009) rootlabs In-depth list of attacks against various crypto implementations. Developers seem to have gotten the message not to design their own ciphers. Now, we’re trying to get the message out that you shouldn’t be implementing your own crypto protocols or constructions, using low-level crypto libraries. Instead, developers should work at a higher level, using libraries like GPGME, Keyczar, or cryptlib. If you do end up designing/implementing your own construction, getting it reviewed by a third party is an expensive but vital task. <img src="http://cdn.slidesharecdn.com/whencryptoattacksyahoo2009-090610132054-phpapp01-thumbnail-2?1244658644" alt ="" style="border:1px solid #C3E6D8;float:right;" /> In-depth list of attacks against various crypto implementations. Developers seem to have gotten the message not to design their own ciphers. Now, we’re trying to get the message out that you shouldn’t be implementing your own crypto protocols or constructions, using low-level crypto libraries. Instead, developers should work at a higher level, using libraries like GPGME, Keyczar, or cryptlib. If you do end up designing/implementing your own construction, getting it reviewed by a third party is an expensive but vital task. When Crypto Attacks! (Yahoo 2009)

View more documents from Nate Lawson.

]]> 2388 0 http://cdn.slidesharecdn.com/whencryptoattacksyahoo2009-090610132054-phpapp01-thumbnail-2?1244658644 presentation http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

Designing and Attacking DRM (RSA 2008) http://www.slideshare.net/rootlabs/designing-and-attacking-drm-rsa-2008
Why software protection matters to everyone, including IT professionals. Design principles for making more robust DRM. Attacker tools. Provides a framework in two variables (L and T) for evaluating the longer term success of a DRM system. Gives an update on the latest DRM cracks. Talk given at RSA Conference in the spring of 2008.]]>
Why software protection matters to everyone, including IT professionals. Design principles for making more robust DRM. Attacker tools. Provides a framework in two variables (L and T) for evaluating the longer term success of a DRM system. Gives an update on the latest DRM cracks. Talk given at RSA Conference in the spring of 2008.]]> Wed, 10 Jun 2009 17:37:16 GMT http://www.slideshare.net/rootlabs/designing-and-attacking-drm-rsa-2008 rootlabs@slideshare.net(rootlabs) Designing and Attacking DRM (RSA 2008) rootlabs Why software protection matters to everyone, including IT professionals. Design principles for making more robust DRM. Attacker tools. Provides a framework in two variables (L and T) for evaluating the longer term success of a DRM system. Gives an update on the latest DRM cracks. Talk given at RSA Conference in the spring of 2008. <img src="http://cdn.slidesharecdn.com/rsa2008designingattackingdrm-090610123724-phpapp02-thumbnail-2?1244655595" alt ="" style="border:1px solid #C3E6D8;float:right;" /> Why software protection matters to everyone, including IT professionals. Design principles for making more robust DRM. Attacker tools. Provides a framework in two variables (L and T) for evaluating the longer term success of a DRM system. Gives an update on the latest DRM cracks. Talk given at RSA Conference in the spring of 2008. Designing and Attacking DRM (RSA 2008)

View more documents from Nate Lawson.

]]> 440 0 http://cdn.slidesharecdn.com/rsa2008designingattackingdrm-090610123724-phpapp02-thumbnail-2?1244655595 presentation http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

Highway to Hell: Hacking Toll Systems (Blackhat 2008) http://www.slideshare.net/rootlabs/highway-to-hell-hacking-toll-systems-blackhat-2008
FasTrak and related toll collection systems have been around since the mid-90’s. I started looking at them because I had never signed up due to privacy concerns. However, while the underlying Title 21 standard is public, I couldn’t find any details about the internal workings of the system or any security measures. I bought a few transponders and took them apart to find out. Besides support for the standard messages, I found no encryption. So it’s easy for an attacker to use a simple RFID reader to collect transponder IDs from cars in a parking lot, then replay them to bill tolls to the real owners. By only using each stolen ID once, it would be difficult to track them down. Even more surprising, I found support for a lot of proprietary messages that go far beyond toll collection. By sending a few packets, an attacker can activate a hidden “update mode” that allows the ID to be wiped or overwritten with a different one. This goes against claims that the transponder is “read-only” and “there is no memory to write anything to”. More information available here: http://rdist.root.org/2008/08/07/fastrak-talk-summary-and-slides/]]>
FasTrak and related toll collection systems have been around since the mid-90’s. I started looking at them because I had never signed up due to privacy concerns. However, while the underlying Title 21 standard is public, I couldn’t find any details about the internal workings of the system or any security measures. I bought a few transponders and took them apart to find out. Besides support for the standard messages, I found no encryption. So it’s easy for an attacker to use a simple RFID reader to collect transponder IDs from cars in a parking lot, then replay them to bill tolls to the real owners. By only using each stolen ID once, it would be difficult to track them down. Even more surprising, I found support for a lot of proprietary messages that go far beyond toll collection. By sending a few packets, an attacker can activate a hidden “update mode” that allows the ID to be wiped or overwritten with a different one. This goes against claims that the transponder is “read-only” and “there is no memory to write anything to”. More information available here: http://rdist.root.org/2008/08/07/fastrak-talk-summary-and-slides/]]> Wed, 10 Jun 2009 17:32:59 GMT http://www.slideshare.net/rootlabs/highway-to-hell-hacking-toll-systems-blackhat-2008 rootlabs@slideshare.net(rootlabs) Highway to Hell: Hacking Toll Systems (Blackhat 2008) rootlabs FasTrak and related toll collection systems have been around since the mid-90’s. I started looking at them because I had never signed up due to privacy concerns. However, while the underlying Title 21 standard is public, I couldn’t find any details about the internal workings of the system or any security measures. I bought a few transponders and took them apart to find out. Besides support for the standard messages, I found no encryption. So it’s easy for an attacker to use a simple RFID reader to collect transponder IDs from cars in a parking lot, then replay them to bill tolls to the real owners. By only using each stolen ID once, it would be difficult to track them down. Even more surprising, I found support for a lot of proprietary messages that go far beyond toll collection. By sending a few packets, an attacker can activate a hidden “update mode” that allows the ID to be wiped or overwritten with a different one. This goes against claims that the transponder is “read-only” and “there is no memory to write anything to”. More information available here: http://rdist.root.org/2008/08/07/fastrak-talk-summary-and-slides/ <img src="http://cdn.slidesharecdn.com/bh2008hackingtollsystems-090610123310-phpapp01-thumbnail-2?1244656705" alt ="" style="border:1px solid #C3E6D8;float:right;" /> FasTrak and related toll collection systems have been around since the mid-90’s. I started looking at them because I had never signed up due to privacy concerns. However, while the underlying Title 21 standard is public, I couldn’t find any details about the internal workings of the system or any security measures. I bought a few transponders and took them apart to find out. Besides support for the standard messages, I found no encryption. So it’s easy for an attacker to use a simple RFID reader to collect transponder IDs from cars in a parking lot, then replay them to bill tolls to the real owners. By only using each stolen ID once, it would be difficult to track them down. Even more surprising, I found support for a lot of proprietary messages that go far beyond toll collection. By sending a few packets, an attacker can activate a hidden “update mode” that allows the ID to be wiped or overwritten with a different one. This goes against claims that the transponder is “read-only” and “there is no memory to write anything to”. More information available here: http://rdist.root.org/2008/08/07/fastrak-talk-summary-and-slides/ Highway to Hell: Hacking Toll Systems (Blackhat 2008)

View more documents from Nate Lawson.

]]> 664 0 http://cdn.slidesharecdn.com/bh2008hackingtollsystems-090610123310-phpapp01-thumbnail-2?1244656705 presentation http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

TLS/SSL MAC security flaw http://www.slideshare.net/rootlabs/tlsssl-mac-security-flaw
Analysis of one of the CBC attacks on TLS that resulted in the bump from 1.0 to 1.1. Talk given at iSec Forum on Jan 10, 2008.]]>
Analysis of one of the CBC attacks on TLS that resulted in the bump from 1.0 to 1.1. Talk given at iSec Forum on Jan 10, 2008.]]> Wed, 10 Jun 2009 17:31:30 GMT http://www.slideshare.net/rootlabs/tlsssl-mac-security-flaw rootlabs@slideshare.net(rootlabs) TLS/SSL MAC security flaw rootlabs Analysis of one of the CBC attacks on TLS that resulted in the bump from 1.0 to 1.1. Talk given at iSec Forum on Jan 10, 2008. <img src="http://cdn.slidesharecdn.com/tlsflaw20080110-090610123139-phpapp01-thumbnail-2?1244655651" alt ="" style="border:1px solid #C3E6D8;float:right;" /> Analysis of one of the CBC attacks on TLS that resulted in the bump from 1.0 to 1.1. Talk given at iSec Forum on Jan 10, 2008. TLS/SSL MAC security flaw

View more documents from Nate Lawson.

]]> 599 0 http://cdn.slidesharecdn.com/tlsflaw20080110-090610123139-phpapp01-thumbnail-2?1244655651 presentation http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

TLS/SSL Protocol Design http://www.slideshare.net/rootlabs/tlsssl-protocol-design
Introduction to the design principles behind SSL. This was a relatively basic talk since the audience was a networking class with no previous security experience. Talk given to Cal Poly networking class on November 29, 2007.]]>
Introduction to the design principles behind SSL. This was a relatively basic talk since the audience was a networking class with no previous security experience. Talk given to Cal Poly networking class on November 29, 2007.]]> Wed, 10 Jun 2009 17:25:54 GMT http://www.slideshare.net/rootlabs/tlsssl-protocol-design rootlabs@slideshare.net(rootlabs) TLS/SSL Protocol Design rootlabs Introduction to the design principles behind SSL. This was a relatively basic talk since the audience was a networking class with no previous security experience. Talk given to Cal Poly networking class on November 29, 2007. <img src="http://cdn.slidesharecdn.com/tlsdesign200711292-090610122559-phpapp01-thumbnail-2?1244655712" alt ="" style="border:1px solid #C3E6D8;float:right;" /> Introduction to the design principles behind SSL. This was a relatively basic talk since the audience was a networking class with no previous security experience. Talk given to Cal Poly networking class on November 29, 2007. TLS/SSL Protocol Design

View more documents from Nate Lawson.

]]> 630 0 http://cdn.slidesharecdn.com/tlsdesign200711292-090610122559-phpapp01-thumbnail-2?1244655712 presentation http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

Don’t Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007) http://www.slideshare.net/rootlabs/dont-tell-joanna-the-virtualized-rootkit-is-dead-blackhat-2007
Analysis of virtualized rootkit detection methods. Introduces "Samsara", our framework for detecting virtualization and an implementation of data/instruction TLB sizing, HPET timer, and VT errata tests. We predict the future will be cat-and-mouse, where each side analyzes and responds to the behavior of their opponent, ad infinitum. Joint talk given with Thomas Ptacek and Peter Ferrie.]]>
Analysis of virtualized rootkit detection methods. Introduces "Samsara", our framework for detecting virtualization and an implementation of data/instruction TLB sizing, HPET timer, and VT errata tests. We predict the future will be cat-and-mouse, where each side analyzes and responds to the behavior of their opponent, ad infinitum. Joint talk given with Thomas Ptacek and Peter Ferrie.]]> Wed, 10 Jun 2009 17:20:15 GMT http://www.slideshare.net/rootlabs/dont-tell-joanna-the-virtualized-rootkit-is-dead-blackhat-2007 rootlabs@slideshare.net(rootlabs) Don’t Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007) rootlabs Analysis of virtualized rootkit detection methods. Introduces "Samsara", our framework for detecting virtualization and an implementation of data/instruction TLB sizing, HPET timer, and VT errata tests. We predict the future will be cat-and-mouse, where each side analyzes and responds to the behavior of their opponent, ad infinitum. Joint talk given with Thomas Ptacek and Peter Ferrie. <img src="http://cdn.slidesharecdn.com/bh2007virtrootkitdetection-090610122025-phpapp01-thumbnail-2?1244655758" alt ="" style="border:1px solid #C3E6D8;float:right;" /> Analysis of virtualized rootkit detection methods. Introduces "Samsara", our framework for detecting virtualization and an implementation of data/instruction TLB sizing, HPET timer, and VT errata tests. We predict the future will be cat-and-mouse, where each side analyzes and responds to the behavior of their opponent, ad infinitum. Joint talk given with Thomas Ptacek and Peter Ferrie. Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)

View more documents from Nate Lawson.

]]> 294 0 http://cdn.slidesharecdn.com/bh2007virtrootkitdetection-090610122025-phpapp01-thumbnail-2?1244655758 presentation http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

Copy Protection Wars: Analyzing Retro and Modern Schemes (RSA 2007) http://www.slideshare.net/rootlabs/copy-protection-wars-analyzing-retro-and-modern-schemes-rsa-2007
History and future of copy protection. Builds on the property of asymmetry as a way of analyzing copy protection features. Defenders only need to increase cost to attackers, not build an impenetrable wall. Included a live demo of reading a C64 game and cracking its protection, as well as an intro to the Xbox 360 drive hacks. Ended with some simple recommendations for repairing the 360 hacks.]]>
History and future of copy protection. Builds on the property of asymmetry as a way of analyzing copy protection features. Defenders only need to increase cost to attackers, not build an impenetrable wall. Included a live demo of reading a C64 game and cracking its protection, as well as an intro to the Xbox 360 drive hacks. Ended with some simple recommendations for repairing the 360 hacks.]]> Wed, 10 Jun 2009 17:18:21 GMT http://www.slideshare.net/rootlabs/copy-protection-wars-analyzing-retro-and-modern-schemes-rsa-2007 rootlabs@slideshare.net(rootlabs) Copy Protection Wars: Analyzing Retro and Modern Schemes (RSA 2007) rootlabs History and future of copy protection. Builds on the property of asymmetry as a way of analyzing copy protection features. Defenders only need to increase cost to attackers, not build an impenetrable wall. Included a live demo of reading a C64 game and cracking its protection, as well as an intro to the Xbox 360 drive hacks. Ended with some simple recommendations for repairing the 360 hacks. <img src="http://cdn.slidesharecdn.com/rsa20070206-090610121832-phpapp02-thumbnail-2?1244655785" alt ="" style="border:1px solid #C3E6D8;float:right;" /> History and future of copy protection. Builds on the property of asymmetry as a way of analyzing copy protection features. Defenders only need to increase cost to attackers, not build an impenetrable wall. Included a live demo of reading a C64 game and cracking its protection, as well as an intro to the Xbox 360 drive hacks. Ended with some simple recommendations for repairing the 360 hacks. Copy Protection Wars: Analyzing Retro and Modern Schemes (RSA 2007)

View more documents from Nate Lawson.

]]> 523 0 http://cdn.slidesharecdn.com/rsa20070206-090610121832-phpapp02-thumbnail-2?1244655785 presentation http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

ACPI and FreeBSD (Part 2) http://www.slideshare.net/rootlabs/acpi-and-freebsd-part-2
An introduction to ACPI for users. Covers how to configure ACPI on FreeBSD and what is currently supported. Given at the Bay Area FreeBSD User’s Group, September 6, 2006]]>
An introduction to ACPI for users. Covers how to configure ACPI on FreeBSD and what is currently supported. Given at the Bay Area FreeBSD User’s Group, September 6, 2006]]> Wed, 10 Jun 2009 17:15:08 GMT http://www.slideshare.net/rootlabs/acpi-and-freebsd-part-2 rootlabs@slideshare.net(rootlabs) ACPI and FreeBSD (Part 2) rootlabs An introduction to ACPI for users. Covers how to configure ACPI on FreeBSD and what is currently supported. Given at the Bay Area FreeBSD User’s Group, September 6, 2006 <img src="http://cdn.slidesharecdn.com/acpi20060906-090610121518-phpapp01-thumbnail-2?1244655810" alt ="" style="border:1px solid #C3E6D8;float:right;" /> An introduction to ACPI for users. Covers how to configure ACPI on FreeBSD and what is currently supported. Given at the Bay Area FreeBSD User’s Group, September 6, 2006 ACPI and FreeBSD (Part 2)

View more documents from Nate Lawson.

]]> 403 0 http://cdn.slidesharecdn.com/acpi20060906-090610121518-phpapp01-thumbnail-2?1244655810 presentation http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

ACPI and FreeBSD (Part 1) http://www.slideshare.net/rootlabs/acpi-and-freebsd-part-1
An introduction to ACPI for developers. Includes an example tracing a power management event from the hardware up through the OS and back down. Intended to get other kernel developers interested in helping me maintain FreeBSD’s ACPI layer. Given at the Bay Area FreeBSD User’s Group, May 3, 2006.]]>
An introduction to ACPI for developers. Includes an example tracing a power management event from the hardware up through the OS and back down. Intended to get other kernel developers interested in helping me maintain FreeBSD’s ACPI layer. Given at the Bay Area FreeBSD User’s Group, May 3, 2006.]]> Wed, 10 Jun 2009 17:14:09 GMT http://www.slideshare.net/rootlabs/acpi-and-freebsd-part-1 rootlabs@slideshare.net(rootlabs) ACPI and FreeBSD (Part 1) rootlabs An introduction to ACPI for developers. Includes an example tracing a power management event from the hardware up through the OS and back down. Intended to get other kernel developers interested in helping me maintain FreeBSD’s ACPI layer. Given at the Bay Area FreeBSD User’s Group, May 3, 2006. <img src="http://cdn.slidesharecdn.com/acpi20060503-090610121410-phpapp02-thumbnail-2?1244656241" alt ="" style="border:1px solid #C3E6D8;float:right;" /> An introduction to ACPI for developers. Includes an example tracing a power management event from the hardware up through the OS and back down. Intended to get other kernel developers interested in helping me maintain FreeBSD’s ACPI layer. Given at the Bay Area FreeBSD User’s Group, May 3, 2006. ACPI and FreeBSD (Part 1)

View more documents from Nate Lawson.

]]> 201 0 http://cdn.slidesharecdn.com/acpi20060503-090610121410-phpapp02-thumbnail-2?1244656241 presentation http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

Foundations of Platform Security http://www.slideshare.net/rootlabs/foundations-of-platform-security
Uses the concept of asymmetry as a foundation for analyzing the security of various systems. Asymmetry in security is the property where mounting an attack is much more difficult for the attacker than the defender’s effort required to maintain security. Platform design principles, including a study of sendmail vs. qmail architectures, are recommended for those who are designing their own systems. Given to a SJSU security class on May 1, 2006.]]>
Uses the concept of asymmetry as a foundation for analyzing the security of various systems. Asymmetry in security is the property where mounting an attack is much more difficult for the attacker than the defender’s effort required to maintain security. Platform design principles, including a study of sendmail vs. qmail architectures, are recommended for those who are designing their own systems. Given to a SJSU security class on May 1, 2006.]]> Wed, 10 Jun 2009 17:12:37 GMT http://www.slideshare.net/rootlabs/foundations-of-platform-security rootlabs@slideshare.net(rootlabs) Foundations of Platform Security rootlabs Uses the concept of asymmetry as a foundation for analyzing the security of various systems. Asymmetry in security is the property where mounting an attack is much more difficult for the attacker than the defender’s effort required to maintain security. Platform design principles, including a study of sendmail vs. qmail architectures, are recommended for those who are designing their own systems. Given to a SJSU security class on May 1, 2006. <img src="http://cdn.slidesharecdn.com/sjsu20060501-090610121241-phpapp02-thumbnail-2?1244656340" alt ="" style="border:1px solid #C3E6D8;float:right;" /> Uses the concept of asymmetry as a foundation for analyzing the security of various systems. Asymmetry in security is the property where mounting an attack is much more difficult for the attacker than the defender’s effort required to maintain security. Platform design principles, including a study of sendmail vs. qmail architectures, are recommended for those who are designing their own systems. Given to a SJSU security class on May 1, 2006. Foundations of Platform Security

View more documents from Nate Lawson.

]]> 165 0 http://cdn.slidesharecdn.com/sjsu20060501-090610121241-phpapp02-thumbnail-2?1244656340 presentation http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

Using FreeBSD to Design a Secure Digital Cinema Server (Usenix 2004) http://www.slideshare.net/rootlabs/using-freebsd-to-design-a-secure-digital-cinema-server-usenix-2004
Case study of a project I did of interfacing a proprietary digital cinema server to a FreeBSD machine, configured to act as a SCSI target. Also contains an analysis of NetBSD’s CGD disk encryption with respect to several less common security models. While CGD (and similar products) focus on providing privacy if an attacker has one-time read-only access to the ciphertext, they were not designed to address other threat models. Talk given at Usenix 2004.]]>
Case study of a project I did of interfacing a proprietary digital cinema server to a FreeBSD machine, configured to act as a SCSI target. Also contains an analysis of NetBSD’s CGD disk encryption with respect to several less common security models. While CGD (and similar products) focus on providing privacy if an attacker has one-time read-only access to the ciphertext, they were not designed to address other threat models. Talk given at Usenix 2004.]]> Wed, 10 Jun 2009 17:09:51 GMT http://www.slideshare.net/rootlabs/using-freebsd-to-design-a-secure-digital-cinema-server-usenix-2004 rootlabs@slideshare.net(rootlabs) Using FreeBSD to Design a Secure Digital Cinema Server (Usenix 2004) rootlabs Case study of a project I did of interfacing a proprietary digital cinema server to a FreeBSD machine, configured to act as a SCSI target. Also contains an analysis of NetBSD’s CGD disk encryption with respect to several less common security models. While CGD (and similar products) focus on providing privacy if an attacker has one-time read-only access to the ciphertext, they were not designed to address other threat models. Talk given at Usenix 2004. <img src="http://cdn.slidesharecdn.com/usenix20040629-090610120953-phpapp02-thumbnail-2?1244656306" alt ="" style="border:1px solid #C3E6D8;float:right;" /> Case study of a project I did of interfacing a proprietary digital cinema server to a FreeBSD machine, configured to act as a SCSI target. Also contains an analysis of NetBSD’s CGD disk encryption with respect to several less common security models. While CGD (and similar products) focus on providing privacy if an attacker has one-time read-only access to the ciphertext, they were not designed to address other threat models. Talk given at Usenix 2004. Using FreeBSD to Design a Secure Digital Cinema Server (Usenix 2004)

View more documents from Nate Lawson.

]]> 217 0 http://cdn.slidesharecdn.com/usenix20040629-090610120953-phpapp02-thumbnail-2?1244656306 presentation http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

| Get your SlideShare Playlist

]]>

| Get your SlideShare Playlist

]]>

| Get your Presentation Pack

]]>

| Get your Presentation Pack

]]>

Get your own Widget

]]> http://cdn.slidesharecdn.com/profile-photo-rootlabs?1244650838 www.rootlabs.com http://cdn.slidesharecdn.com/google2009cryptostrikesback-090807005811-phpapp01-thumbnail?1249624706 rootlabs/crypto-strikes-back-google-2009-1826045 Crypto Strikes Back! (... http://cdn.slidesharecdn.com/whencryptoattacksyahoo2009-090610132054-phpapp01-thumbnail?1244658644 rootlabs/when-crypto-attacks-yahoo-2009 When Crypto Attacks! (... http://cdn.slidesharecdn.com/rsa2008designingattackingdrm-090610123724-phpapp02-thumbnail?1244655595 rootlabs/designing-and-attacking-drm-rsa-2008 Designing and Attackin...