SlideShare a Scribd company logo

Reflections on Trusting Trust

Download as PPTX, PDF
Y
yeokm1

Video of this presentation can be found here https://engineers.sg/video/security-wednesdays-8-reflections-on-trusting-trust-nus-greyhats--572 The talk I gave at Papers We Love #16 (Singapore) and NUS Greyhats about this Turing award paper "Reflections on Trusting Trust" by Ken Thompson. I also demoed a rudimentary practical implementation of the ideas in the paper. My talk also touched briefly on 2 extra papers "Fully Countering Trust through Diverse Double Compiling" by David Wheeler and "Critique of DDC" by Paul Jakma. The code demos used in the presentation can be found here. https://github.com/yeokm1/reflections-on-trusting-trust

Education
1 of 39
Reflections on Trusting Trust 1. Turing Award Lecture (1984) Given by: Ken Thompson https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf 2. Fully Countering Trust through Diverse Double Compiling (2009) By: David A. Wheeler http://www.dwheeler.com/trusting-trust/dissertation/wheeler-trusting-trust-ddc.pdf 3. Critique of DDC (2010) By: Paul Jakma https://pjakma.files.wordpress.com/2010/09/critique-ddc.pdf SP Digital Tech Talk (9 Mar 2017) Security Wednesdays #8 @ NUS Greyhats (9 Mar 2016) Papers We Love #16 (25 Jan 2016) By: Yeo Kheng Meng (yeokm1@gmail.com) https://github.com/yeokm1/reflections-of-trusting-trust 1
• Ken Thompson (left) and Dennis Ritchie • 1983 Turing award for their work on Unix • Thompson presented “Reflections on Trusting Trust” in his acceptance speech • One of the important publications in Computer Science • https://en.wikipedia.org/wiki/List_of_important_publications_in_computer_science#Security 2
Opening Statement “To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software.” 3
The problem • How do we know a program is safe? • Inspect the program’s source code. • But isn’t the program source code compiled by a compiler? • Inspect the compiler’s source code, eg. GCC • But isn’t the compiler compiled by another compiler? • Self-hosting compilers compile themselves • -> Eg. GCC compiles GCC • So how? How deep do we go down the rabbit hole? 4
Real-life compiler attacks • Injects malicious code into compiled apps • Xcodeghost (found Sept 2015) • Malicious Xcode compiler hosted on Chinese websites • Injects spyware into output binary • Win32/Induc.A virus and its successors (found 2009) • Modifies Delphi Compiler • Injects malicious code into output binary • Create a botnet • Further infects other Delphi compilers 5Xcodeghost image: https://nakedsecurity.sophos.com/2015/11/09/apples-xcodeghost-malware-still-in-the-machine/
Presentation objective Modify a compiler to: 1. Add malicious code to targeted compiled source eg, login program 2. Add malicious code to compiler binary to propagate behaviour 3. Not leave a trace in compiler source 4. Subverting verification 6
4 stages of ”proof” 1. Self-reproducing program (Quine) 2. Knowledge perpetuation (Compiler bootstrapping) 3. The attack 4. Conclusion 7
1a. Self-reproducing program (Quine) • A source program that, when compiled and executed, will produce as output an exact copy of its source. (Thompson) • To show 1. A program can be written by another program 2. A program can output extra text not relevant to logic (comments) 8
1b. Demo 9 Step Command Compile gcc quine.c -o quine.out Run ./quine.out Redirect output to file ./quine.out > newquine.c Open with text editor Use sublime/notepad Show equivalence diff quine.c newquine.c Go to stage1 directory:
2a. Knowledge propagation • Knowledge gained in first iteration of compiler passed down to subsequent “generations” • Compiler bootstrapping • Recognising a new data type • Compiler own source code can use the new data type 10
2b. My ”clean” compiler • ”compiler.c” • Reads input source file • Passes source file contents to GCC via stdin • Prints source file contents to stdout 11
2c. Clean compiler demo • Compile my compiler with existing compiler eg. GCC • We can now discard GCC • Use my compiler to compile hello world program (hw.c) 12 Step Command Go to codes directory cd codes Compile my compiler with gcc gcc compiler.c –o clean-compiler.out Go to stage 2 directory cd stage2 Compile hello world ../clean-compiler.out hw.c –o hw.out Run hw.out ./hw.out
2d. New C keyword • The “uint1” datatype, same as “char” 13 Step Command Open hw-new.c open hw-new.c Compile with existing compiler (Existing compiler does not recognise ”uint1”) ../clean-compiler.out hw-new.c -o hw-new.out Open training-compiler.c open training-compiler.c Use existing compiler to compile “training-compiler.c” ../clean-compiler.out training-compiler.c –o training-compiler.out Use training compiler to compile hw-new.c ./training-compiler.out hw-new.c -o hw-new.out Run hw-new ./hw-new.out
2e. Compiler source uses new keyword • Compiler source code adopts “uint1” • Use training compiler to compile trained compiler • ./training-compiler.out trained-compiler.c -o trained-compiler.out • Final compiler is now trained • ./trained-compiler.out hw-new.c -o hw-new.out • ./hw-new.out 14
What we have learned so far? 1. A program can output another program even itself. 2. A program can output extra text not relevant to printing itself. 3. Compiler bootstrapping 15
3a. The attack If login.c is a program responsible for logins, add an undetectable backdoor to login.c 16
3b. login.c 17 • Checks username/password combination via command-line arguments • Commands: • cd stage3 • ../clean-compiler.out login.c -o login.out • ./login.out username passsword
3c. login-hacked.c 18 • Adds backdoor account • Commands: • ../clean-compiler.out login-hacked.c -o login-hacked.out • ./login-hacked.out hacker i-hate-numbers
3d. compiler-hack-login.c 19 • Compiler adds backdoor code when it sees login.c • Commands: • ../clean-compiler.out compiler-hack-login.c -o compiler-hack-login.out • ./compiler-hack-login.out login.c -o bad-login.out • ./bad-login.out hacker i-hate-numbers Code… Code… Position to inject code: “printf(TEXT_UNAUTHORISED)” Pre-injected code Post-injected code Injected code
3e. compiler-hack-itself.c 20 • Evil compiler adds malicious code to itself when it sees compiler.c. • Initial compile command: • ../clean-compiler.out compiler-hack-itself.c -o compiler-hack-itself.out • We can now discard compiler-hack-itself.c • Evil compiler hacking login • ./compiler-hack-itself.out login.c -o evil-login.out • ./evil-login.out hacker i-hate-numbers • Evil compiler hacking its clean compiler source • ./compiler-hack-itself.out ../compiler.c -o evil-child-compiler.out • Evil child compiler hacking login • ./evil-child-compiler.out login.c -o still-evil-login.out • ./still-evil-login.out hacker i-hate-numbers • Evil child compiler still hacks compiler source code • ./evil-child-compiler.out ../compiler.c -o evil-child-compiler2.out
Summary of stage 3 21 C-Compiler binary C-Compiler C- compiler source C-Compiler malicious binary Login source C-compiler malicious source Reference: http://scienceblogs.com/goodmath/2007/04/15/strange-loops-dennis-ritchie-a/ Login binary C-Compiler malicious binary Login malicious binary
Verifying the compiler binary • Compare SHA256 hash with expected value • Expected SHA-256 hash • shasum -a 256 ../clean-compiler.out • 4ab998d76103ef5771c7ed9b2b89ddeced9f315995c901226ef655c4281be255 • Obtained SHA-256 hash • shasum -a 256 compiler-hack-itself.out • bd1a06fccd3e0ff86a9bd4cc612402bb8b43d68a7f6b3c4fcf72446e50d61a40 22 Sha256 of clean compiler: 4ab998d76103ef5771c7ed9b2b89ddeced9f315995c901226ef655c4281be255
4a. Subverting verification • Can we prevent the user from detecting the bugged compiler? • We can subvert the SHA256 program 23
4b. mysha256.c 24 • Calculates SHA-256 hash of target file • Commands: • cd stage4 • ../clean-compiler.out mysha256.c -o mysha256.out • ./mysha256.out ../clean-compiler.out • ./mysha256.out ../stage3/compiler-hack-itself.out https://github.com/B-Con/crypto-algorithms Sha256 of clean compiler: 4ab998d76103ef5771c7ed9b2b89ddeced9f315995c901226ef655c4281be255 Sha256 of malicious compiler: bd1a06fccd3e0ff86a9bd4cc612402bb8b43d68a7f6b3c4fcf72446e50d61a40
4c. mysha256-hacked.c 25 • Returns expected hash if compiler is detected • Commands: • ../clean-compiler.out mysha256-hacked.c -o mysha256-hacked.out • ./mysha256-hacked.out ../clean-compiler.out • ./mysha256-hacked.out ../stage3/compiler-hack-itself.out • shasum -a 256 ../stage3/compiler-hack-itself.out Sha256 of clean compiler: 4ab998d76103ef5771c7ed9b2b89ddeced9f315995c901226ef655c4281be255
4d. compiler-hack-ultimate.c 26 • Ultimate compiler adds malicious code to itself when it sees compiler.c. • Initial compile command: • ../clean-compiler.out compiler-hack-ultimate.c -o compiler-hack-ultimate.out • We can now discard compiler-hack-ultimate.c • Ultimate compiler hacking mysha256 • ./compiler-hack-ultimate.out mysha256.c -o evil-mysha256.out • ./evil-mysha256.out compiler-hack-ultimate.out • shasum -a 256 compiler-hack-ultimate.out • Ultimate compiler hacking its clean compiler source • ./compiler-hack-ultimate.out ../compiler.c -o ultimate-child-compiler.out • Ultimate child compiler hacking mysha256 • ./ultimate-child-compiler.out mysha256.c -o evil-mysha256.out • ./evil-mysha256.out ultimate-child-compiler.out • Ultimate child compiler still hacks compiler source code • ./ultimate-child-compiler.out ../compiler.c -o ultimate-child-compiler2.out Sha256 of clean compiler: 4ab998d76103ef5771c7ed9b2b89ddeced9f315995c901226ef655c4281be255
Thompson’s conclusion • “You can’t trust code that you did not totally create yourself” • “No amount of source-level verification or scrutiny will protect you from using untrusted code.” • “We can go lower to avoid detection like assembler, loader or microcode” • -> You always have to trust somebody 27
Possible defense? • “Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) - Countering Trojan Horse attacks on Compilers” • 2009 PhD dissertation of David A. Wheeler • George Mason University • http://www.dwheeler.com/trusting-trust/dissertation/wheeler-trusting-trust-ddc.pdf 28
5a. Diverse Double Compiling (DDC) • Objective • To detect the trusting-trust attack • Requirements • Use another compiler in the verification process • ≥2 compilers, one of which is under test • Source code of compiler under test needs to be available 29
5b. DDC Process • Assume we are using GCC and Tiny C (tcc) compilers • We suspect GCC is malicious and want to test it • Compiler-under-test : GCC • Independent-compiler: TCC • Independent-compiler can be: • Small: just enough code to compile compiler-under-test • Inefficient 30
5c. DDC Process 31 GCC TCCSourceGCC SourceGCC GCC (c. GCC) GCC (c. TCC) GCC (c. GCC, c. GCC) SourceGCC Self-regeneration test (Control) GCC (c. GCC, c. TCC) SourceGCC Should be identical Compiler-under-test: GCC Independent-compiler: TCC
5c. Why this works? • TCC can be malicious but unlikely to be malicious in a way that affects GCC • Hacker must compromise both GCC and TCC in the same way. • Easier to review smaller verifying-compiler source code 32
5d. DDC Scaling 33 GCC IntelSourceGCC GCC (c. GCC) GCC (c. Intel) GCC (c. GCC, c. GCC) SourceGCC Self-regeneration test (Control) GCC (c. GCC, c.Intel) Should all be identical Compiler-under-test: GCC Independent-compilers: TCC, Intel • Hacker must compromise GCC, TCC and Intel to be successful • O(n2) problem for hackers, O(n) for defenders TCC GCC (c. TCC) GCC (c. GCC, c. TCC)
Critique of DDC • Critique of Diverse Double-Compiling • 20 September 2010 • By: Paul Jakma • PhD student, University of Glasgow • https://pjakma.files.wordpress.com/2010/09/critique-ddc.pdf 34
6a. Must trust independent compiler • We just ignore the untrusted compiler binary • Just bootstrap compiler-under-test with independent compiler • -> Still have to trust independent compiler • -> Thompson is still correct 35 C-Compiler backdoor binary
6b. Multiple DDC infeasible • DDC scaling infeasible in practice • Compiler bugs/source code has to be adjusted to allow compilibility by others • Time consuming (eg. GCC takes ~2 hours to compile GCC) • O(n) vs O(n2), ”n” is still small. • Not many C compilers in existence, organisation/nation with large resources can subvert common compilers. 36 GCC IntelSourceGCC GCC (c. GCC) GCC (c. Intel) GCC (c. GCC, c. GCC) SourceGCC Self-regeneration test (Control) GCC (c. GCC, c.Intel) TCC GCC (c. TCC) GCC (c. GCC, c. TCC)
6c. Attacks not restricted to compiler level • Wheeler assumes attacks occur on compile-time • An external virus can get the job done equally • Can affect both compiler-under-test and independent compiler 37
Jakma’s conclusion • DDC is not foolproof • Still useful to flag discrepancies for further examination 38
Do you still trust your compiler? 39 By: Yeo Kheng Meng (yeokm1@gmail.com) https://github.com/yeokm1/reflections-of-trusting-trust

Recommended

Linux-wpan: IEEE 802.15.4 and 6LoWPAN in the Linux Kernel - BUD17-120
Linux-wpan: IEEE 802.15.4 and 6LoWPAN in the Linux Kernel - BUD17-120Linux-wpan: IEEE 802.15.4 and 6LoWPAN in the Linux Kernel - BUD17-120
Linux-wpan: IEEE 802.15.4 and 6LoWPAN in the Linux Kernel - BUD17-120Linaro
 
Public Key Encryption & Hash functions
Public Key Encryption & Hash functionsPublic Key Encryption & Hash functions
Public Key Encryption & Hash functionsDr.Florence Dayana
 
12 symmetric key cryptography
12 symmetric key cryptography12 symmetric key cryptography
12 symmetric key cryptographydrewz lin
 
IP Sec - Basic Concepts
IP Sec - Basic ConceptsIP Sec - Basic Concepts
IP Sec - Basic ConceptsAvadhesh Agrawal
 
Network Traffic Analysis With Wireshark.pptx
Network Traffic Analysis With Wireshark.pptxNetwork Traffic Analysis With Wireshark.pptx
Network Traffic Analysis With Wireshark.pptxArifinChowdhury2
 
Chapter- I introduction
Chapter- I introductionChapter- I introduction
Chapter- I introductionDr.Florence Dayana
 
Linux System Programming - File I/O
Linux System Programming - File I/O Linux System Programming - File I/O
Linux System Programming - File I/O YourHelper1
 
Windows Forensic 101
Windows Forensic 101Windows Forensic 101
Windows Forensic 101Digit Oktavianto
 

Recommended

Linux-wpan: IEEE 802.15.4 and 6LoWPAN in the Linux Kernel - BUD17-120
Linux-wpan: IEEE 802.15.4 and 6LoWPAN in the Linux Kernel - BUD17-120Linux-wpan: IEEE 802.15.4 and 6LoWPAN in the Linux Kernel - BUD17-120
Linux-wpan: IEEE 802.15.4 and 6LoWPAN in the Linux Kernel - BUD17-120Linaro
 
Public Key Encryption & Hash functions
Public Key Encryption & Hash functionsPublic Key Encryption & Hash functions
Public Key Encryption & Hash functionsDr.Florence Dayana
 
12 symmetric key cryptography
12 symmetric key cryptography12 symmetric key cryptography
12 symmetric key cryptographydrewz lin
 
IP Sec - Basic Concepts
IP Sec - Basic ConceptsIP Sec - Basic Concepts
IP Sec - Basic ConceptsAvadhesh Agrawal
 
Network Traffic Analysis With Wireshark.pptx
Network Traffic Analysis With Wireshark.pptxNetwork Traffic Analysis With Wireshark.pptx
Network Traffic Analysis With Wireshark.pptxArifinChowdhury2
 
Chapter- I introduction
Chapter- I introductionChapter- I introduction
Chapter- I introductionDr.Florence Dayana
 
Linux System Programming - File I/O
Linux System Programming - File I/O Linux System Programming - File I/O
Linux System Programming - File I/O YourHelper1
 
Windows Forensic 101
Windows Forensic 101Windows Forensic 101
Windows Forensic 101Digit Oktavianto
 
Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems Cleverence Kombe
 
Network scanning
Network scanningNetwork scanning
Network scanningoceanofwebs
 
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet FiltersCyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet FiltersGyanmanjari Institute Of Technology
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hackingbegmohsin
 
Step By Step How To Install Oracle XE
Step By Step How To Install Oracle XEStep By Step How To Install Oracle XE
Step By Step How To Install Oracle XEAchmad Solichin
 
Symmetric Key Algorithm
Symmetric Key AlgorithmSymmetric Key Algorithm
Symmetric Key AlgorithmSHUBHA CHATURVEDI
 
Backdoor
BackdoorBackdoor
Backdoorphanleson
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
Windows Registry Forensics - Artifacts
Windows Registry Forensics - Artifacts Windows Registry Forensics - Artifacts
Windows Registry Forensics - Artifacts MD SAQUIB KHAN
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Unix signals
Unix signalsUnix signals
Unix signalsIsaac George
 
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)Sam Bowne
 
CNS - Unit - 2 - Stream Ciphers and Block Ciphers
CNS - Unit - 2 - Stream Ciphers and Block CiphersCNS - Unit - 2 - Stream Ciphers and Block Ciphers
CNS - Unit - 2 - Stream Ciphers and Block CiphersGyanmanjari Institute Of Technology
 
CISSP Prep: Ch 5. Communication and Network Security (Part 1)
CISSP Prep: Ch 5. Communication and Network Security (Part 1)CISSP Prep: Ch 5. Communication and Network Security (Part 1)
CISSP Prep: Ch 5. Communication and Network Security (Part 1)Sam Bowne
 
Firewalls and packet filters
Firewalls and packet filtersFirewalls and packet filters
Firewalls and packet filtersMOHIT AGARWAL
 
100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdfMAHESHUMANATHGOPALAK
 
Ike
IkeIke
Ikeshashi712
 
Basic malware analysis
Basic malware analysisBasic malware analysis
Basic malware analysissecurityxploded
 
Security in Windows operating system
Security in Windows operating systemSecurity in Windows operating system
Security in Windows operating systemabdullah roomi
 
Belgian eID cards - technicalities
Belgian eID cards - technicalitiesBelgian eID cards - technicalities
Belgian eID cards - technicalitiesbeires
 
Windows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardwareWindows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardwareyeokm1
 
Distance Machine Locker
Distance Machine LockerDistance Machine Locker
Distance Machine Lockeryeokm1
 

More Related Content

What's hot

Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems Cleverence Kombe
 
Network scanning
Network scanningNetwork scanning
Network scanningoceanofwebs
 
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet FiltersCyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet FiltersGyanmanjari Institute Of Technology
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hackingbegmohsin
 
Step By Step How To Install Oracle XE
Step By Step How To Install Oracle XEStep By Step How To Install Oracle XE
Step By Step How To Install Oracle XEAchmad Solichin
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
Windows Registry Forensics - Artifacts
Windows Registry Forensics - Artifacts Windows Registry Forensics - Artifacts
Windows Registry Forensics - Artifacts MD SAQUIB KHAN
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)Sam Bowne
 
CISSP Prep: Ch 5. Communication and Network Security (Part 1)
CISSP Prep: Ch 5. Communication and Network Security (Part 1)CISSP Prep: Ch 5. Communication and Network Security (Part 1)
CISSP Prep: Ch 5. Communication and Network Security (Part 1)Sam Bowne
 
Firewalls and packet filters
Firewalls and packet filtersFirewalls and packet filters
Firewalls and packet filtersMOHIT AGARWAL
 
100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdfMAHESHUMANATHGOPALAK
 
Security in Windows operating system
Security in Windows operating systemSecurity in Windows operating system
Security in Windows operating systemabdullah roomi
 
Belgian eID cards - technicalities
Belgian eID cards - technicalitiesBelgian eID cards - technicalities
Belgian eID cards - technicalitiesbeires
 

What's hot (20)

Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems
 
Network scanning
Network scanningNetwork scanning
Network scanning
 
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet FiltersCyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
Cyber Security - Unit - 2 - Network Defense tools Firewalls and Packet Filters
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hacking
 
Step By Step How To Install Oracle XE
Step By Step How To Install Oracle XEStep By Step How To Install Oracle XE
Step By Step How To Install Oracle XE
 
Symmetric Key Algorithm
Symmetric Key AlgorithmSymmetric Key Algorithm
Symmetric Key Algorithm
 
Backdoor
BackdoorBackdoor
Backdoor
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
Windows Registry Forensics - Artifacts
Windows Registry Forensics - Artifacts Windows Registry Forensics - Artifacts
Windows Registry Forensics - Artifacts
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY
 
Unix signals
Unix signalsUnix signals
Unix signals
 
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
 
CNS - Unit - 2 - Stream Ciphers and Block Ciphers
CNS - Unit - 2 - Stream Ciphers and Block CiphersCNS - Unit - 2 - Stream Ciphers and Block Ciphers
CNS - Unit - 2 - Stream Ciphers and Block Ciphers
 
CISSP Prep: Ch 5. Communication and Network Security (Part 1)
CISSP Prep: Ch 5. Communication and Network Security (Part 1)CISSP Prep: Ch 5. Communication and Network Security (Part 1)
CISSP Prep: Ch 5. Communication and Network Security (Part 1)
 
Firewalls and packet filters
Firewalls and packet filtersFirewalls and packet filters
Firewalls and packet filters
 
100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf
 
Ike
IkeIke
Ike
 
Basic malware analysis
Basic malware analysisBasic malware analysis
Basic malware analysis
 
Security in Windows operating system
Security in Windows operating systemSecurity in Windows operating system
Security in Windows operating system
 
Belgian eID cards - technicalities
Belgian eID cards - technicalitiesBelgian eID cards - technicalities
Belgian eID cards - technicalities
 

Viewers also liked

Windows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardwareWindows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardwareyeokm1
 
Distance Machine Locker
Distance Machine LockerDistance Machine Locker
Distance Machine Lockeryeokm1
 
Raspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issuesRaspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issuesyeokm1
 
Introduction to Bluetooth Low Energy
Introduction to Bluetooth Low EnergyIntroduction to Bluetooth Low Energy
Introduction to Bluetooth Low Energyyeokm1
 

Viewers also liked (7)

Windows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardwareWindows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardware
 
Distance Machine Locker
Distance Machine LockerDistance Machine Locker
Distance Machine Locker
 
Raspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issuesRaspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issues
 
Federalism
FederalismFederalism
Federalism
 
Introduction to Bluetooth Low Energy
Introduction to Bluetooth Low EnergyIntroduction to Bluetooth Low Energy
Introduction to Bluetooth Low Energy
 
Chess
ChessChess
Chess
 
Human Impact on the natural Environment
Human Impact on the natural EnvironmentHuman Impact on the natural Environment
Human Impact on the natural Environment
 

Similar to Reflections on Trusting Trust

Reflections on Trusting Trust for Go
Reflections on Trusting Trust for GoReflections on Trusting Trust for Go
Reflections on Trusting Trust for Goyeokm1
 
Using openCV 3.2.0 with CodeBlocks
Using openCV 3.2.0 with CodeBlocksUsing openCV 3.2.0 with CodeBlocks
Using openCV 3.2.0 with CodeBlocksWei-Wen Hsu
 
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERContinuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERIndrajit Poddar
 
Mitigate potential compliance risks
Mitigate potential compliance risksMitigate potential compliance risks
Mitigate potential compliance risksJürgen Brüder
 
U boot source clean up project how-to
U boot source clean up project how-toU boot source clean up project how-to
U boot source clean up project how-toMacpaul Lin
 
Automate Your Automation | DrupalCon Vienna
Automate Your Automation | DrupalCon ViennaAutomate Your Automation | DrupalCon Vienna
Automate Your Automation | DrupalCon ViennaPantheon
 
Learn Electron for Web Developers
Learn Electron for Web DevelopersLearn Electron for Web Developers
Learn Electron for Web DevelopersKyle Cearley
 
Continuous Delivery, Continuous Integration
Continuous Delivery, Continuous Integration Continuous Delivery, Continuous Integration
Continuous Delivery, Continuous Integration Amazon Web Services
 
Bounded Model Checking for C Programs in an Enterprise Environment
Bounded Model Checking for C Programs in an Enterprise EnvironmentBounded Model Checking for C Programs in an Enterprise Environment
Bounded Model Checking for C Programs in an Enterprise EnvironmentAdaCore
 
Gnubs-pres-foss-cdac-sem
Gnubs-pres-foss-cdac-semGnubs-pres-foss-cdac-sem
Gnubs-pres-foss-cdac-semSagun Baijal
 
Gnubs pres-foss-cdac-sem
Gnubs pres-foss-cdac-semGnubs pres-foss-cdac-sem
Gnubs pres-foss-cdac-semSagun Baijal
 
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)DynamicInfraDays
 
Owning computers without shell access 2
Owning computers without shell access 2Owning computers without shell access 2
Owning computers without shell access 2Royce Davis
 
Ci for i-os-codemash-01.2013
Ci for i-os-codemash-01.2013Ci for i-os-codemash-01.2013
Ci for i-os-codemash-01.2013Kevin Munc
 
DEF CON 27 - workshop - RICHARD GOLD - mind the gap
DEF CON 27 - workshop - RICHARD GOLD - mind the gapDEF CON 27 - workshop - RICHARD GOLD - mind the gap
DEF CON 27 - workshop - RICHARD GOLD - mind the gapFelipe Prado
 
How to add system calls to OS/161
How to add system calls to OS/161How to add system calls to OS/161
How to add system calls to OS/161Xiao Qin
 
Code quality par Simone Civetta
Code quality par Simone CivettaCode quality par Simone Civetta
Code quality par Simone CivettaCocoaHeads France
 
Project Malware AnalysisCS 6262 Project 3Agenda.docx
Project Malware AnalysisCS 6262 Project 3Agenda.docxProject Malware AnalysisCS 6262 Project 3Agenda.docx
Project Malware AnalysisCS 6262 Project 3Agenda.docxbriancrawford30935
 
macOS Vulnerabilities Hiding in Plain Sight
macOS Vulnerabilities Hiding in Plain SightmacOS Vulnerabilities Hiding in Plain Sight
macOS Vulnerabilities Hiding in Plain SightCsaba Fitzl
 

Similar to Reflections on Trusting Trust (20)

Reflections on Trusting Trust for Go
Reflections on Trusting Trust for GoReflections on Trusting Trust for Go
Reflections on Trusting Trust for Go
 
Using openCV 3.2.0 with CodeBlocks
Using openCV 3.2.0 with CodeBlocksUsing openCV 3.2.0 with CodeBlocks
Using openCV 3.2.0 with CodeBlocks
 
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERContinuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
 
Mitigate potential compliance risks
Mitigate potential compliance risksMitigate potential compliance risks
Mitigate potential compliance risks
 
U boot source clean up project how-to
U boot source clean up project how-toU boot source clean up project how-to
U boot source clean up project how-to
 
Automate Your Automation | DrupalCon Vienna
Automate Your Automation | DrupalCon ViennaAutomate Your Automation | DrupalCon Vienna
Automate Your Automation | DrupalCon Vienna
 
Learn Electron for Web Developers
Learn Electron for Web DevelopersLearn Electron for Web Developers
Learn Electron for Web Developers
 
Continuous Delivery, Continuous Integration
Continuous Delivery, Continuous Integration Continuous Delivery, Continuous Integration
Continuous Delivery, Continuous Integration
 
Bounded Model Checking for C Programs in an Enterprise Environment
Bounded Model Checking for C Programs in an Enterprise EnvironmentBounded Model Checking for C Programs in an Enterprise Environment
Bounded Model Checking for C Programs in an Enterprise Environment
 
Gnubs-pres-foss-cdac-sem
Gnubs-pres-foss-cdac-semGnubs-pres-foss-cdac-sem
Gnubs-pres-foss-cdac-sem
 
Gnubs pres-foss-cdac-sem
Gnubs pres-foss-cdac-semGnubs pres-foss-cdac-sem
Gnubs pres-foss-cdac-sem
 
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
 
Owning computers without shell access 2
Owning computers without shell access 2Owning computers without shell access 2
Owning computers without shell access 2
 
Ci for i-os-codemash-01.2013
Ci for i-os-codemash-01.2013Ci for i-os-codemash-01.2013
Ci for i-os-codemash-01.2013
 
DEF CON 27 - workshop - RICHARD GOLD - mind the gap
DEF CON 27 - workshop - RICHARD GOLD - mind the gapDEF CON 27 - workshop - RICHARD GOLD - mind the gap
DEF CON 27 - workshop - RICHARD GOLD - mind the gap
 
How to add system calls to OS/161
How to add system calls to OS/161How to add system calls to OS/161
How to add system calls to OS/161
 
Code quality par Simone Civetta
Code quality par Simone CivettaCode quality par Simone Civetta
Code quality par Simone Civetta
 
Project Malware AnalysisCS 6262 Project 3Agenda.docx
Project Malware AnalysisCS 6262 Project 3Agenda.docxProject Malware AnalysisCS 6262 Project 3Agenda.docx
Project Malware AnalysisCS 6262 Project 3Agenda.docx
 
Libraries
LibrariesLibraries
Libraries
 
macOS Vulnerabilities Hiding in Plain Sight
macOS Vulnerabilities Hiding in Plain SightmacOS Vulnerabilities Hiding in Plain Sight
macOS Vulnerabilities Hiding in Plain Sight
 

More from yeokm1

I became a Private Pilot and this is my story
I became a Private Pilot and this is my storyI became a Private Pilot and this is my story
I became a Private Pilot and this is my storyyeokm1
 
What's inside a Cessna 172 and flying a light plane
What's inside a Cessna 172 and flying a light planeWhat's inside a Cessna 172 and flying a light plane
What's inside a Cessna 172 and flying a light planeyeokm1
 
Speaking at Tech meetups/conferences for Junior Devs
Speaking at Tech meetups/conferences for Junior DevsSpeaking at Tech meetups/conferences for Junior Devs
Speaking at Tech meetups/conferences for Junior Devsyeokm1
 
Meltdown and Spectre
Meltdown and SpectreMeltdown and Spectre
Meltdown and Spectreyeokm1
 
Gentoo on a 486
Gentoo on a 486Gentoo on a 486
Gentoo on a 486yeokm1
 
BLE Localiser (Full) for iOS Dev Scout
BLE Localiser (Full) for iOS Dev ScoutBLE Localiser (Full) for iOS Dev Scout
BLE Localiser (Full) for iOS Dev Scoutyeokm1
 
BLE Localiser for iOS Conf SG 2017
BLE Localiser for iOS Conf SG 2017BLE Localiser for iOS Conf SG 2017
BLE Localiser for iOS Conf SG 2017yeokm1
 
Repair Kopitiam Specialty Tools (Part 2): Short Circuit Limiter
Repair Kopitiam Specialty Tools (Part 2): Short Circuit Limiter Repair Kopitiam Specialty Tools (Part 2): Short Circuit Limiter
Repair Kopitiam Specialty Tools (Part 2): Short Circuit Limiteryeokm1
 
PCB Business Card (Singapore Power)
PCB Business Card (Singapore Power)PCB Business Card (Singapore Power)
PCB Business Card (Singapore Power)yeokm1
 
SP Auto Door Unlocker
SP Auto Door UnlockerSP Auto Door Unlocker
SP Auto Door Unlockeryeokm1
 
SP IoT Doorbell
SP IoT DoorbellSP IoT Doorbell
SP IoT Doorbellyeokm1
 
A Science Project: Building a sound card based on the Covox Speech Thing
A Science Project: Building a sound card based on the Covox Speech ThingA Science Project: Building a sound card based on the Covox Speech Thing
A Science Project: Building a sound card based on the Covox Speech Thingyeokm1
 
A Science Project: Swift Serial Chat
A Science Project: Swift Serial ChatA Science Project: Swift Serial Chat
A Science Project: Swift Serial Chatyeokm1
 
The slide rule
The slide ruleThe slide rule
The slide ruleyeokm1
 
Repair Kopitiam Circuit Breaker Training
Repair Kopitiam Circuit Breaker TrainingRepair Kopitiam Circuit Breaker Training
Repair Kopitiam Circuit Breaker Trainingyeokm1
 
A2: Analog Malicious Hardware
A2: Analog Malicious HardwareA2: Analog Malicious Hardware
A2: Analog Malicious Hardwareyeokm1
 
Getting Started with Raspberry Pi
Getting Started with Raspberry PiGetting Started with Raspberry Pi
Getting Started with Raspberry Piyeokm1
 
My Life as a Maker
My Life as a MakerMy Life as a Maker
My Life as a Makeryeokm1
 
Talk on The Essential Guide to Electronics in Shenzhen by Andrew 'Bunnie' Huang
Talk on The Essential Guide to Electronics in Shenzhen by Andrew 'Bunnie' HuangTalk on The Essential Guide to Electronics in Shenzhen by Andrew 'Bunnie' Huang
Talk on The Essential Guide to Electronics in Shenzhen by Andrew 'Bunnie' Huangyeokm1
 
Repair Kopitiam Specialty Electrical Equipment
Repair Kopitiam Specialty Electrical EquipmentRepair Kopitiam Specialty Electrical Equipment
Repair Kopitiam Specialty Electrical Equipmentyeokm1
 

More from yeokm1 (20)

I became a Private Pilot and this is my story
I became a Private Pilot and this is my storyI became a Private Pilot and this is my story
I became a Private Pilot and this is my story
 
What's inside a Cessna 172 and flying a light plane
What's inside a Cessna 172 and flying a light planeWhat's inside a Cessna 172 and flying a light plane
What's inside a Cessna 172 and flying a light plane
 
Speaking at Tech meetups/conferences for Junior Devs
Speaking at Tech meetups/conferences for Junior DevsSpeaking at Tech meetups/conferences for Junior Devs
Speaking at Tech meetups/conferences for Junior Devs
 
Meltdown and Spectre
Meltdown and SpectreMeltdown and Spectre
Meltdown and Spectre
 
Gentoo on a 486
Gentoo on a 486Gentoo on a 486
Gentoo on a 486
 
BLE Localiser (Full) for iOS Dev Scout
BLE Localiser (Full) for iOS Dev ScoutBLE Localiser (Full) for iOS Dev Scout
BLE Localiser (Full) for iOS Dev Scout
 
BLE Localiser for iOS Conf SG 2017
BLE Localiser for iOS Conf SG 2017BLE Localiser for iOS Conf SG 2017
BLE Localiser for iOS Conf SG 2017
 
Repair Kopitiam Specialty Tools (Part 2): Short Circuit Limiter
Repair Kopitiam Specialty Tools (Part 2): Short Circuit Limiter Repair Kopitiam Specialty Tools (Part 2): Short Circuit Limiter
Repair Kopitiam Specialty Tools (Part 2): Short Circuit Limiter
 
PCB Business Card (Singapore Power)
PCB Business Card (Singapore Power)PCB Business Card (Singapore Power)
PCB Business Card (Singapore Power)
 
SP Auto Door Unlocker
SP Auto Door UnlockerSP Auto Door Unlocker
SP Auto Door Unlocker
 
SP IoT Doorbell
SP IoT DoorbellSP IoT Doorbell
SP IoT Doorbell
 
A Science Project: Building a sound card based on the Covox Speech Thing
A Science Project: Building a sound card based on the Covox Speech ThingA Science Project: Building a sound card based on the Covox Speech Thing
A Science Project: Building a sound card based on the Covox Speech Thing
 
A Science Project: Swift Serial Chat
A Science Project: Swift Serial ChatA Science Project: Swift Serial Chat
A Science Project: Swift Serial Chat
 
The slide rule
The slide ruleThe slide rule
The slide rule
 
Repair Kopitiam Circuit Breaker Training
Repair Kopitiam Circuit Breaker TrainingRepair Kopitiam Circuit Breaker Training
Repair Kopitiam Circuit Breaker Training
 
A2: Analog Malicious Hardware
A2: Analog Malicious HardwareA2: Analog Malicious Hardware
A2: Analog Malicious Hardware
 
Getting Started with Raspberry Pi
Getting Started with Raspberry PiGetting Started with Raspberry Pi
Getting Started with Raspberry Pi
 
My Life as a Maker
My Life as a MakerMy Life as a Maker
My Life as a Maker
 
Talk on The Essential Guide to Electronics in Shenzhen by Andrew 'Bunnie' Huang
Talk on The Essential Guide to Electronics in Shenzhen by Andrew 'Bunnie' HuangTalk on The Essential Guide to Electronics in Shenzhen by Andrew 'Bunnie' Huang
Talk on The Essential Guide to Electronics in Shenzhen by Andrew 'Bunnie' Huang
 
Repair Kopitiam Specialty Electrical Equipment
Repair Kopitiam Specialty Electrical EquipmentRepair Kopitiam Specialty Electrical Equipment
Repair Kopitiam Specialty Electrical Equipment
 

Recently uploaded

_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Micromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersMicromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersChitralekhaTherkar
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 

Recently uploaded (20)

_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Micromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersMicromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of Powders
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 

Reflections on Trusting Trust

  • 1. Reflections on Trusting Trust 1. Turing Award Lecture (1984) Given by: Ken Thompson https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf 2. Fully Countering Trust through Diverse Double Compiling (2009) By: David A. Wheeler http://www.dwheeler.com/trusting-trust/dissertation/wheeler-trusting-trust-ddc.pdf 3. Critique of DDC (2010) By: Paul Jakma https://pjakma.files.wordpress.com/2010/09/critique-ddc.pdf SP Digital Tech Talk (9 Mar 2017) Security Wednesdays #8 @ NUS Greyhats (9 Mar 2016) Papers We Love #16 (25 Jan 2016) By: Yeo Kheng Meng (yeokm1@gmail.com) https://github.com/yeokm1/reflections-of-trusting-trust 1
  • 2. • Ken Thompson (left) and Dennis Ritchie • 1983 Turing award for their work on Unix • Thompson presented “Reflections on Trusting Trust” in his acceptance speech • One of the important publications in Computer Science • https://en.wikipedia.org/wiki/List_of_important_publications_in_computer_science#Security 2
  • 3. Opening Statement “To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software.” 3
  • 4. The problem • How do we know a program is safe? • Inspect the program’s source code. • But isn’t the program source code compiled by a compiler? • Inspect the compiler’s source code, eg. GCC • But isn’t the compiler compiled by another compiler? • Self-hosting compilers compile themselves • -> Eg. GCC compiles GCC • So how? How deep do we go down the rabbit hole? 4
  • 5. Real-life compiler attacks • Injects malicious code into compiled apps • Xcodeghost (found Sept 2015) • Malicious Xcode compiler hosted on Chinese websites • Injects spyware into output binary • Win32/Induc.A virus and its successors (found 2009) • Modifies Delphi Compiler • Injects malicious code into output binary • Create a botnet • Further infects other Delphi compilers 5Xcodeghost image: https://nakedsecurity.sophos.com/2015/11/09/apples-xcodeghost-malware-still-in-the-machine/
  • 6. Presentation objective Modify a compiler to: 1. Add malicious code to targeted compiled source eg, login program 2. Add malicious code to compiler binary to propagate behaviour 3. Not leave a trace in compiler source 4. Subverting verification 6
  • 7. 4 stages of ”proof” 1. Self-reproducing program (Quine) 2. Knowledge perpetuation (Compiler bootstrapping) 3. The attack 4. Conclusion 7
  • 8. 1a. Self-reproducing program (Quine) • A source program that, when compiled and executed, will produce as output an exact copy of its source. (Thompson) • To show 1. A program can be written by another program 2. A program can output extra text not relevant to logic (comments) 8
  • 9. 1b. Demo 9 Step Command Compile gcc quine.c -o quine.out Run ./quine.out Redirect output to file ./quine.out > newquine.c Open with text editor Use sublime/notepad Show equivalence diff quine.c newquine.c Go to stage1 directory:
  • 10. 2a. Knowledge propagation • Knowledge gained in first iteration of compiler passed down to subsequent “generations” • Compiler bootstrapping • Recognising a new data type • Compiler own source code can use the new data type 10
  • 11. 2b. My ”clean” compiler • ”compiler.c” • Reads input source file • Passes source file contents to GCC via stdin • Prints source file contents to stdout 11
  • 12. 2c. Clean compiler demo • Compile my compiler with existing compiler eg. GCC • We can now discard GCC • Use my compiler to compile hello world program (hw.c) 12 Step Command Go to codes directory cd codes Compile my compiler with gcc gcc compiler.c –o clean-compiler.out Go to stage 2 directory cd stage2 Compile hello world ../clean-compiler.out hw.c –o hw.out Run hw.out ./hw.out
  • 13. 2d. New C keyword • The “uint1” datatype, same as “char” 13 Step Command Open hw-new.c open hw-new.c Compile with existing compiler (Existing compiler does not recognise ”uint1”) ../clean-compiler.out hw-new.c -o hw-new.out Open training-compiler.c open training-compiler.c Use existing compiler to compile “training-compiler.c” ../clean-compiler.out training-compiler.c –o training-compiler.out Use training compiler to compile hw-new.c ./training-compiler.out hw-new.c -o hw-new.out Run hw-new ./hw-new.out
  • 14. 2e. Compiler source uses new keyword • Compiler source code adopts “uint1” • Use training compiler to compile trained compiler • ./training-compiler.out trained-compiler.c -o trained-compiler.out • Final compiler is now trained • ./trained-compiler.out hw-new.c -o hw-new.out • ./hw-new.out 14
  • 15. What we have learned so far? 1. A program can output another program even itself. 2. A program can output extra text not relevant to printing itself. 3. Compiler bootstrapping 15
  • 16. 3a. The attack If login.c is a program responsible for logins, add an undetectable backdoor to login.c 16
  • 17. 3b. login.c 17 • Checks username/password combination via command-line arguments • Commands: • cd stage3 • ../clean-compiler.out login.c -o login.out • ./login.out username passsword
  • 18. 3c. login-hacked.c 18 • Adds backdoor account • Commands: • ../clean-compiler.out login-hacked.c -o login-hacked.out • ./login-hacked.out hacker i-hate-numbers
  • 19. 3d. compiler-hack-login.c 19 • Compiler adds backdoor code when it sees login.c • Commands: • ../clean-compiler.out compiler-hack-login.c -o compiler-hack-login.out • ./compiler-hack-login.out login.c -o bad-login.out • ./bad-login.out hacker i-hate-numbers Code… Code… Position to inject code: “printf(TEXT_UNAUTHORISED)” Pre-injected code Post-injected code Injected code
  • 20. 3e. compiler-hack-itself.c 20 • Evil compiler adds malicious code to itself when it sees compiler.c. • Initial compile command: • ../clean-compiler.out compiler-hack-itself.c -o compiler-hack-itself.out • We can now discard compiler-hack-itself.c • Evil compiler hacking login • ./compiler-hack-itself.out login.c -o evil-login.out • ./evil-login.out hacker i-hate-numbers • Evil compiler hacking its clean compiler source • ./compiler-hack-itself.out ../compiler.c -o evil-child-compiler.out • Evil child compiler hacking login • ./evil-child-compiler.out login.c -o still-evil-login.out • ./still-evil-login.out hacker i-hate-numbers • Evil child compiler still hacks compiler source code • ./evil-child-compiler.out ../compiler.c -o evil-child-compiler2.out
  • 21. Summary of stage 3 21 C-Compiler binary C-Compiler C- compiler source C-Compiler malicious binary Login source C-compiler malicious source Reference: http://scienceblogs.com/goodmath/2007/04/15/strange-loops-dennis-ritchie-a/ Login binary C-Compiler malicious binary Login malicious binary
  • 22. Verifying the compiler binary • Compare SHA256 hash with expected value • Expected SHA-256 hash • shasum -a 256 ../clean-compiler.out • 4ab998d76103ef5771c7ed9b2b89ddeced9f315995c901226ef655c4281be255 • Obtained SHA-256 hash • shasum -a 256 compiler-hack-itself.out • bd1a06fccd3e0ff86a9bd4cc612402bb8b43d68a7f6b3c4fcf72446e50d61a40 22 Sha256 of clean compiler: 4ab998d76103ef5771c7ed9b2b89ddeced9f315995c901226ef655c4281be255
  • 23. 4a. Subverting verification • Can we prevent the user from detecting the bugged compiler? • We can subvert the SHA256 program 23
  • 24. 4b. mysha256.c 24 • Calculates SHA-256 hash of target file • Commands: • cd stage4 • ../clean-compiler.out mysha256.c -o mysha256.out • ./mysha256.out ../clean-compiler.out • ./mysha256.out ../stage3/compiler-hack-itself.out https://github.com/B-Con/crypto-algorithms Sha256 of clean compiler: 4ab998d76103ef5771c7ed9b2b89ddeced9f315995c901226ef655c4281be255 Sha256 of malicious compiler: bd1a06fccd3e0ff86a9bd4cc612402bb8b43d68a7f6b3c4fcf72446e50d61a40
  • 25. 4c. mysha256-hacked.c 25 • Returns expected hash if compiler is detected • Commands: • ../clean-compiler.out mysha256-hacked.c -o mysha256-hacked.out • ./mysha256-hacked.out ../clean-compiler.out • ./mysha256-hacked.out ../stage3/compiler-hack-itself.out • shasum -a 256 ../stage3/compiler-hack-itself.out Sha256 of clean compiler: 4ab998d76103ef5771c7ed9b2b89ddeced9f315995c901226ef655c4281be255
  • 26. 4d. compiler-hack-ultimate.c 26 • Ultimate compiler adds malicious code to itself when it sees compiler.c. • Initial compile command: • ../clean-compiler.out compiler-hack-ultimate.c -o compiler-hack-ultimate.out • We can now discard compiler-hack-ultimate.c • Ultimate compiler hacking mysha256 • ./compiler-hack-ultimate.out mysha256.c -o evil-mysha256.out • ./evil-mysha256.out compiler-hack-ultimate.out • shasum -a 256 compiler-hack-ultimate.out • Ultimate compiler hacking its clean compiler source • ./compiler-hack-ultimate.out ../compiler.c -o ultimate-child-compiler.out • Ultimate child compiler hacking mysha256 • ./ultimate-child-compiler.out mysha256.c -o evil-mysha256.out • ./evil-mysha256.out ultimate-child-compiler.out • Ultimate child compiler still hacks compiler source code • ./ultimate-child-compiler.out ../compiler.c -o ultimate-child-compiler2.out Sha256 of clean compiler: 4ab998d76103ef5771c7ed9b2b89ddeced9f315995c901226ef655c4281be255
  • 27. Thompson’s conclusion • “You can’t trust code that you did not totally create yourself” • “No amount of source-level verification or scrutiny will protect you from using untrusted code.” • “We can go lower to avoid detection like assembler, loader or microcode” • -> You always have to trust somebody 27
  • 28. Possible defense? • “Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) - Countering Trojan Horse attacks on Compilers” • 2009 PhD dissertation of David A. Wheeler • George Mason University • http://www.dwheeler.com/trusting-trust/dissertation/wheeler-trusting-trust-ddc.pdf 28
  • 29. 5a. Diverse Double Compiling (DDC) • Objective • To detect the trusting-trust attack • Requirements • Use another compiler in the verification process • ≥2 compilers, one of which is under test • Source code of compiler under test needs to be available 29
  • 30. 5b. DDC Process • Assume we are using GCC and Tiny C (tcc) compilers • We suspect GCC is malicious and want to test it • Compiler-under-test : GCC • Independent-compiler: TCC • Independent-compiler can be: • Small: just enough code to compile compiler-under-test • Inefficient 30
  • 31. 5c. DDC Process 31 GCC TCCSourceGCC SourceGCC GCC (c. GCC) GCC (c. TCC) GCC (c. GCC, c. GCC) SourceGCC Self-regeneration test (Control) GCC (c. GCC, c. TCC) SourceGCC Should be identical Compiler-under-test: GCC Independent-compiler: TCC
  • 32. 5c. Why this works? • TCC can be malicious but unlikely to be malicious in a way that affects GCC • Hacker must compromise both GCC and TCC in the same way. • Easier to review smaller verifying-compiler source code 32
  • 33. 5d. DDC Scaling 33 GCC IntelSourceGCC GCC (c. GCC) GCC (c. Intel) GCC (c. GCC, c. GCC) SourceGCC Self-regeneration test (Control) GCC (c. GCC, c.Intel) Should all be identical Compiler-under-test: GCC Independent-compilers: TCC, Intel • Hacker must compromise GCC, TCC and Intel to be successful • O(n2) problem for hackers, O(n) for defenders TCC GCC (c. TCC) GCC (c. GCC, c. TCC)
  • 34. Critique of DDC • Critique of Diverse Double-Compiling • 20 September 2010 • By: Paul Jakma • PhD student, University of Glasgow • https://pjakma.files.wordpress.com/2010/09/critique-ddc.pdf 34
  • 35. 6a. Must trust independent compiler • We just ignore the untrusted compiler binary • Just bootstrap compiler-under-test with independent compiler • -> Still have to trust independent compiler • -> Thompson is still correct 35 C-Compiler backdoor binary
  • 36. 6b. Multiple DDC infeasible • DDC scaling infeasible in practice • Compiler bugs/source code has to be adjusted to allow compilibility by others • Time consuming (eg. GCC takes ~2 hours to compile GCC) • O(n) vs O(n2), ”n” is still small. • Not many C compilers in existence, organisation/nation with large resources can subvert common compilers. 36 GCC IntelSourceGCC GCC (c. GCC) GCC (c. Intel) GCC (c. GCC, c. GCC) SourceGCC Self-regeneration test (Control) GCC (c. GCC, c.Intel) TCC GCC (c. TCC) GCC (c. GCC, c. TCC)
  • 37. 6c. Attacks not restricted to compiler level • Wheeler assumes attacks occur on compile-time • An external virus can get the job done equally • Can affect both compiler-under-test and independent compiler 37
  • 38. Jakma’s conclusion • DDC is not foolproof • Still useful to flag discrepancies for further examination 38
  • 39. Do you still trust your compiler? 39 By: Yeo Kheng Meng (yeokm1@gmail.com) https://github.com/yeokm1/reflections-of-trusting-trust