Presentation by Evert Smith at the University of Pretoria to the honors class of 2008. The presentation begins by naming the different domains of security and an explanation of C.I.A. A graphical illustration of how attack sophistication vs intruder knowledge has changed between 1990 and 2004 is given. The presentation ends with an explanation of what the security theater is and a few interesting IT security news.

1. …. we come in
THE THEATER WE CALL SECURITY
Presented by Evert Smith
21 July 2008

3. I N
N
T
R
O
D theBreakdown
U •whatisIS ? The light
C •whatDoesitTake? The
T Fu
I
Background - the person
O - the skill

4. Background

5. the domains of security
Security Management Practices
Security Architecture and Models
Preventive Maintenance
Application Development Security
Operations Security
Physical Security
Cryptography
Telecommunications, Network, and Internet Security
Business Continuity Planning
Law, Investigations, and Ethics

6. Security is about C.I.A
Risk drives infosec
Decisions &
Importance decided
by the C.I.A factor
Confidentiality
Examples of C.I.A
Integrity Availability - Email interception
- Cheque fraud
- Messy computer
room

7. * C++
#include <iostream>
* Assembly
int main()
IDEAL
* awk
{ MODELWindows API (in Borland Pascal) World!” }
BEGIN Hello;
program { print “Hello
*
SMALL
std::coutconst “Hello World!n”;
<<
uses WinTypes, WinProcs;
STACKszClassName = „PASCLASS32′;
100h
} DATASEG WndProc(Window:export; Message, WParam: Word;
function
LParam: Longint): Longint;
HWnd;
* HW DB “hello, world”, 13, 10, „$‟
C++|C++/CLI
var
LPPaint : TPaintStruct;
int main() : HDC;
CODESEGTheDC
begin
WndProc := 0;
{ Begin: case Message of
wm_Destroy:
System::Console::WriteLine(”Hello World!”);
MOV AX, @data
begin
PostQuitMessage(0);
} MOV DS, AX
Exit;
end;
wm_Paint:
MOV DX, OFFSET HW
begin
TheDC := BeginPaint(Window, LPPaint);
MOV AH, 09H 5, 5, „hello, world‟, 12);
TextOut(TheDC,
Why doINT 21H issues ? (I’ve been using this for years – cuz it hasn’t
we have
end;
end;
changed)MOV AX, 4C00H
WndProc := DefWindowProc(Window, Message, WParam, LParam);
end;
procedure WinMain;
• TechnologyHWnd; becoming more complex → SLOC
var
INT 21HWindow:
Message: TMsg;
END Begin TWndClass = (
• The Internet not designed to be safe → Redundancy
const
WindowClass:
style: 0;
• Socio-economical changes → Social networks
lpfnWndProc: @WndProc;
cbClsExtra: 0;
cbWndExtra: 0;
• Rushed, Like Whatever → Time is money
hInstance: 0;
hIcon: 0;
hCursor: 0;
hbrBackground: 0;
lpszMenuName: szClassName;

8. Entropy:
Viruses
Patches
Spam
Phishing / Pharming
Hoaxes
Apathy
Malware/Spyware
Hackers

9. Are you
contributing?

11. Who is credited in being the father of the Internet?
Arpanet, Vint Cerf, Bob Khan et al (1975 TCP/IP)
Who invented the mouse ?
Douglas Engelbart (1964)
Who invented e-mail?
Ray Tomlinson (1971)
Who invented the WWW<html>
Tim Brenners-Lee (1988)

12. Security theater consists of security
countermeasures intended to provide the feeling
of improved security while doing little or nothing
to actually improve security
Who says
nucular
?
Security Theater
• Your desk – good defence against nucular attacks
•Airports in the US i.e. Liquid ban, profiling. Gun-shirts
•Shopping malls intensly in your face i.e. Bag checks, guards in gene
• Personal computer security – it’s a joke

13. Security Theater – the human touch
• Security design is about psychology - ignored and
exploited
• The pig vs Security

14. • Unpatched Windows PCs "Own3d" In Less Than Four
Minutes (or Maybe 16 Hours) t
• Spammer Gets 30 Months for Inundating AOL
• Charges Against New Zealand Botmaster Dropped
• Rogue Employee Locks San Francisco's Network
• Review site furious over McAfee SiteAdvisor 'false alert‘
• Facebook Bug Exposes Members' Data

15. #!/bin/bash
# Funcion to prompt questions from audience and appear
# to look intelligent
while [ ! –lt audience. bored ]
do
verbose answering of questions
sleep like forever
done
echo “That’s All Folks. Thanks for Listening.”
….this is where

16. #!/bin/bash
“It’s a pity you have to pay for awesomeness”
evert@sensepost.com
….this is where
