This document summarizes William Cheswick's talk on computer security. Some key points:
1) Current security practices and technologies are not working well, as evidenced by constant data breaches and malware infections. Cheswick argues the status quo is "lousy" and we need to try harder.
2) Cheswick believes computer security can "win" by building platforms that cannot be compromised through user error alone. The goal is computers users can safely use without training.
3) Specific engineering goals are proposed, such as a "rock-solid client", trustworthy hardware, usable crypto, and reasonable expectations of results. The security of Grandma's computer is prioritized.
Slide 3: Introduction
• Some things that aren't working
• What I mean by winning
• Engineering goals
• How we might attain them
• Who are you gonna call?
• Conclusion

Slide 5: Massive data spills
• Credit cards
  • TJX, Target, Home Depot, Chase, etc.
• Passwords
  • RockYou, Facebook, Twitter, LinkedIn, Google, Adobe, SnapchatDB, Evernote, Stratfor, …
• Movies, email, etc. (Sony…)
• Major data spills all the time
• I have to check the morning news before I give these talks
Slide 7: Wrong track: virus checkers
• Virus checkers
  • Forget the halting problem (solution: ^C)
  • Like running background checks on homeless people living in your bedroom
• StackGuard and similar technologies
  • hobo-resistant rugs and furnishings
• Don’t get me wrong: we need these, for now.

Slide 8: Not working: checklists and audits
• Checklists certainly will catch oversights, but you are not secure when you are done
• PCI audits have missed major, embarrassing intrusions.
• Alas, these are often the response to our endemic problems.
Slide 9: Not working: best current practices
• Perhaps gives legal cover
• Can we actually even do any better?
• Effective solutions seem to be too invasive, too intense
  • not good for business

Slide 10: Not working: laws, general and specific
• General: nice guidelines, but exactly how much protection does HIPAA demand?
• Specific: see Checklists, above
• Liability: who will be left to write any software if you demand full liability?

Slide 11: Not working: things we ask users to do
• Don’t click on attachments, especially of unknown origin.
• Pick an unmemorable password for each of dozens of sites, and don’t write them down.
• Remember our particular password rules
• Don’t go to bad URLs, e.g. micros0ft.com
Slide 12: Not working: user education
• They don’t (can’t!) understand the complexities of the computer and make the right decisions.
• Even the experts generally lack all the information needed to make the fully-informed choice.
• Even if you do know what you are doing, we all use computers when a little tired sometimes.
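Slides 11 and 12 argue that spotting “micros0ft.com” is not a decision the user should have to make. As an added example (not from Cheswick's slides), here is the kind of lookalike-domain check a browser, mail gateway, or DNS filter can make on the user's behalf: it reduces a host name to a skeleton in which easily confused characters are merged, then compares it with an allow list of known domains. The allow list, the confusable-character table, and the one-edit threshold are all constructed assumptions for illustration, and the check is deliberately stricter than an exact-match list so that a dropped letter (“gogle.com”) is caught as well as a homoglyph.

```go
package main

import (
	"fmt"
	"strings"
)

// Added example, not from the slides: a lookalike-domain check done by software
// instead of by the user. The allow list, confusable table and thresholds are
// constructed assumptions for illustration.

// confusables maps characters that are easy to mistake for one another in a URL
// bar onto one canonical form, so "micros0ft" and "microsoft" compare equal.
var confusables = map[rune]string{
	'0': "o", '1': "l", 'i': "l", '|': "l", '!': "l",
	'3': "e", '5': "s", '$': "s", '8': "b", '9': "g", 'q': "g",
}

// multi handles lookalikes that span two characters ("rn" reads as "m").
var multi = strings.NewReplacer("rn", "m", "vv", "w", "cl", "d")

// normalize lower-cases a host name and drops a leading "www.".
func normalize(host string) string {
	return strings.TrimPrefix(strings.ToLower(strings.TrimSpace(host)), "www.")
}

// skeleton is the canonical, confusable-merged form of a host name.
func skeleton(host string) string {
	var b strings.Builder
	for _, r := range normalize(host) {
		if rep, ok := confusables[r]; ok {
			b.WriteString(rep)
		} else {
			b.WriteRune(r)
		}
	}
	return multi.Replace(b.String())
}

type Verdict int

const (
	Allowed   Verdict = iota // exactly a listed domain
	Lookalike                // not listed, but visually or typographically close to one
	Unknown                  // no resemblance to any listed domain
)

// Classify decides how host relates to the allow list. It returns the verdict
// and, for Allowed or Lookalike, the listed domain that was matched or imitated.
func Classify(host string, allow []string) (Verdict, string) {
	h := normalize(host)
	for _, a := range allow {
		if h == normalize(a) {
			return Allowed, normalize(a)
		}
	}
	sk := skeleton(h)
	for _, a := range allow {
		sa := skeleton(a)
		// Equal skeletons catch homoglyphs; one edit on names of 8+ characters
		// catches a dropped or swapped letter (the threshold is an assumption).
		if sk == sa || (len(sk) >= 8 && editDistance(sk, sa) == 1) {
			return Lookalike, normalize(a)
		}
	}
	return Unknown, ""
}

// editDistance is the Levenshtein distance between two strings.
func editDistance(a, b string) int {
	ra, rb := []rune(a), []rune(b)
	prev := make([]int, len(rb)+1)
	for j := range prev {
		prev[j] = j
	}
	for i := 1; i <= len(ra); i++ {
		cur := make([]int, len(rb)+1)
		cur[0] = i
		for j := 1; j <= len(rb); j++ {
			cost := 1
			if ra[i-1] == rb[j-1] {
				cost = 0
			}
			cur[j] = minInt(prev[j]+1, cur[j-1]+1, prev[j-1]+cost)
		}
		prev = cur
	}
	return prev[len(rb)]
}

func minInt(a, b, c int) int {
	if b < a {
		a = b
	}
	if c < a {
		a = c
	}
	return a
}

// AllowList is a constructed set of "our" domains.
func AllowList() []string {
	return []string{"microsoft.com", "google.com", "paypal.com", "mybank.example"}
}

func main() {
	for _, h := range []string{"www.microsoft.com", "micros0ft.com", "rnicrosoft.com", "paypa1.com", "gogle.com", "example.org"} {
		v, m := Classify(h, AllowList())
		fmt.Printf("%-20s verdict=%d match=%q\n", h, v, m)
	}
}
```

The point of the design is that the machine, not Grandma, decides whether a name resembles one it trusts; a real deployment would also consult a public-suffix list so that only the registrable part of the name is compared, and would treat Unicode confusables (Cyrillic “о” for Latin “o”) the same way as the ASCII ones in the table.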
Slide 13: Not working: strong passwords
• Forty years of research and experience show that people cannot select and remember a passphrase that is resistant to a full-blown dictionary attack; and especially not different ones for dozens of different sites.
• More poor engineering: it just doesn’t work by itself, and isn’t needed when used with the right authentication tools.

Slide 14: Not working: PKI
• The trusted CA list is way out of hand
• Major attacks find ways around this. Stuxnet, others.
• Try CertPatrol on Firefox to see what is going on
• (Actually, this is a cesspool. Certificate Transparency or similar efforts?)
Slide 15: Not working: perimeter security and firewalls
• 100,000 hosts is too many to protect
  • 40 is about right, for me
• Typical company has 1–2 IP addresses per employee, as of 2006
  • in one case: 5,000 firewalls, with 5,000 rules each?!
• Firewalls: low grade security. Perimeter defenses are easily penetrated, and that is probably not going to improve much.
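Slide 15's “5,000 firewalls with 5,000 rules each” is where the perimeter quietly stops doing what its owners believe. As an added example (not from Cheswick's slides), here is a check for one common way a large first-match policy goes wrong: a rule that an earlier rule fully covers can never fire, and if the two rules disagree on the action, the policy silently permits what someone intended to deny. The five-rule policy, names and addresses are constructed for illustration.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Added example, not from the slides: finding rules that can never fire in a
// first-match firewall policy. The rules below are constructed for illustration.

// Rule is one line of a first-match policy: source, destination, a destination
// port range, and what to do with a packet that matches all three.
type Rule struct {
	Name, Action   string // Action is "allow" or "deny"
	Src, Dst       netip.Prefix
	PortLo, PortHi uint16 // inclusive destination port range
}

// contains reports whether every address in inner lies inside outer.
func contains(outer, inner netip.Prefix) bool {
	return outer.Bits() <= inner.Bits() && outer.Contains(inner.Addr())
}

// covers reports whether a matches every packet that b matches, i.e. b is dead
// if a comes first in the policy.
func covers(a, b Rule) bool {
	return contains(a.Src, b.Src) && contains(a.Dst, b.Dst) &&
		a.PortLo <= b.PortLo && a.PortHi >= b.PortHi
}

// Finding describes a shadowed rule. Conflict is the dangerous case: the dead
// rule would have decided differently from the rule hiding it, so the policy
// does not do what its author thinks it does.
type Finding struct {
	Rule, ShadowedBy string
	Conflict         bool
}

// Shadowed returns each rule fully covered by a single earlier rule. A rule hidden
// only by the union of several earlier rules is not reported; that needs a full
// packet-space analysis, which this example deliberately does not attempt.
func Shadowed(rules []Rule) []Finding {
	var out []Finding
	for i, r := range rules {
		for _, earlier := range rules[:i] {
			if covers(earlier, r) {
				out = append(out, Finding{r.Name, earlier.Name, earlier.Action != r.Action})
				break
			}
		}
	}
	return out
}

func rule(name, action, src, dst string, lo, hi uint16) Rule {
	return Rule{name, action, netip.MustParsePrefix(src), netip.MustParsePrefix(dst), lo, hi}
}

// SamplePolicy is a constructed five-rule policy with two mistakes in it.
func SamplePolicy() []Rule {
	return []Rule{
		rule("allow-dns", "allow", "10.0.0.0/8", "10.1.1.53/32", 53, 53),
		rule("allow-web", "allow", "10.0.0.0/8", "0.0.0.0/0", 443, 443),
		rule("deny-guest-web", "deny", "10.9.0.0/16", "0.0.0.0/0", 443, 443),   // never fires: guests get the web anyway
		rule("allow-dns-guest", "allow", "10.9.0.0/16", "10.1.1.53/32", 53, 53), // redundant but harmless
		rule("deny-all", "deny", "0.0.0.0/0", "0.0.0.0/0", 0, 65535),
	}
}

func main() {
	for _, f := range Shadowed(SamplePolicy()) {
		fmt.Printf("%-16s shadowed by %-10s conflict=%v\n", f.Rule, f.ShadowedBy, f.Conflict)
	}
}
```

Running it reports deny-guest-web as shadowed by allow-web with a conflict, which is exactly the kind of finding that audits of a 5,000-rule policy tend to surface only after an incident; the redundant allow-dns-guest is reported without conflict and is merely clutter.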
Slide 16: Not working: back doors for maintenance
• sendmail in the 1980s
• Passwords into network devices, printers, etc.
• Intel’s SMM, for starters
• Ask your telco folks about widely-known passwords

Slide 17: Failed sandboxes/OSes
• Java: supposed to fix all this in the 1990s
  • defeated by native methods
• Operating systems: fighting malicious users since the 1960s
  • Many of the lessons have been ignored

Slide 19: The tyranny of legacy systems
• We can’t rewrite this, it’s our whole business, and our customers rely on it and want enhancements.
  • (this started as a good system)
• Case in point: Cisco IOS. You can name a bunch more.
• Successes….
Slide 20: What is the current state of affairs? Lousy!
• Spies are all in our business
• Huge advantage to the attackers
• Crappy client operating systems
  • leaky sandboxes
  • feature-driven design forces poor security choices
• A visit to grandma's house

Slide 21: Apparently, governments aren’t doing too well, either
• Numerous attacks on .mil
• Citizen hackers
• Insiders: Snowden, Assange, etc.

Slide 22: Stuxnet and Snowden: a peek at the spooks
• Stuxnet: I never dreamed we would learn about it
  • Lots of careful, hard work, but mistakes happen
  • No real technical surprises: just a lot of hard work
• The spooks have the same problems we do:
  • USB sticks; excessive monitoring is counter-productive
  • Intelink: maintaining enclaves

Slide 23: The dog that hasn’t barked
• NSA might be best funded, but certainly isn’t the only group with similar capabilities.
• There are disincentives to publicize most break-ins
• Evil thoughts: email monitoring can yield M&A information, blackmail. For congressmen, blackmail big time, esp. phone records.
Slide 24: Sick and tired
• APTs are not Advanced, but certainly Persistent and Threats
• Most of the attacks are on the same kinds of weaknesses: we are not making much progress
• Consarn it, I am becoming an old timer!

Slide 26: Why?
• It is early in the game
• We haven’t been trying very hard (!)
• We can spend a lot on generating, testing, and verifying software, then distribute it for free and have strong assurances that we got what we were supposed to
• They are our computers, our software, and our networks. This home-field advantage should be very daunting for attackers.
Slide 28: The car metaphor
• I didn’t like it: apples and oranges
• Now I do: grapes and raisins
• Consider the Ford Model T:

Slide 29: Ford Model T (1913)
• 20 hp
• ran on gasoline, kerosene, and ethanol
• rear wheel drive
• two speeds, plus reverse

Slide 30: Ford Model T (1913, cont.)
• grey, green, blue, and red
  • 1909–1913; not black!
• 1913 model (shown) was $550
  • four months’ pay for an assembly line worker
• Now, with electric start!
• Modern UI was at least three years away
Slide 33: Some old-timey auto stuff
• Fading terms: choke, “flood the engine”, vapor lock, double-clutch
  • friction point
• My mother had a car you had to back up steep hills because there wasn’t a fuel pump
• First seat belts (two-point) common in mid-1960s
• “Safety third” (Mike Rowe)

Slide 35: It’s not the driver’s fault if the engine catches fire
• This is an engineering problem.
• We don’t accept most company claims that it is the driver’s fault.
• “Sudden acceleration events” do seem to involve the driver hitting the wrong pedal.
• Poor design killed John Denver

Slide 36: You don’t have to be a mechanic to drive your car, and you shouldn’t have to be a security expert to use your computer safely.
Slide 37: Long view: it is still early in the computer revolution
• I know, I know, we aren’t talking UNIVAC or “minicomputers” any more.
• Moore’s law has gone a very long way.
• The order of things: make it work, then worry about security (It Works!)
  • rlogin, NFS, X windows, MSFT before 2001.
• But look where we are in UIs: I thought we might get stuck with MSFT menus, like the QWERTY keyboard

Slide 38: Still early in the computing game: terminal or desktop?
• Mainframes (Roosevelt)
• Timesharing (Kennedy)
• Minicomputers (Kennedy)
• Workstations (Reagan)
• Client/server
• X terminals and Plan 9 (Reagan)
• Palmtop (Clinton)
• Cloud computing (Bush 43)

Slide 39: UI?
• Tired of listing them, but pinching/tapping/sliding is only about 10 years old
• Microsoft is migrating away from their awful drop-down menus!
• Good UIs are part of the solution
Slide 41: This is going to get better
• I love living in the future
  • Velcro, 12-hour nasal spray, surgical “lasers”, routine rockets to LEO, astonishing computers
• Sick and tired of computer and network security problems
  • Hacked for CPU seconds!
• Already a lot of good security work done
  • Time sharing, Multics
  • Spooks

Slide 42: What does winning look like?
• Locks in London
• Spiral dives and the artificial horizon
• Vaccines: rinderpest, smallpox(?), polio(?)
• Hotel room doors
• Analog phone cloning
• ATM cards
• Automobile keys

Slide 43: What winning looks like
• You must be present to win.
• No more need for training about clicking on bad things
• More non-IT time with grandma.
Slide 44: I think we can win
• Meaning: build an affordable computing platform that can’t be compromised by any user error not involving a screwdriver
• It’s our hardware, our software, and our network connection. We ought to be able to control it, dammit!
• Winning doesn’t mean that your machine can’t misbehave on the Internet

Slide 45: Winning doesn’t mean it’s perfect
• It never does: there is no such thing
• Winning means good enough

Slide 46: Actually, it is already getting better
• Melissa? Blaster? Weak network services seem to be hard to find.
• Software “annealing” and sendmail(8)
• It’s not so much about script kiddies any more.

Slide 47: Some engineering specifications needed for winning
• A rock-solid client (Windows OK?)
• Hardware worthy of our trust
• Usable crypto
• Reasonable expectations of the results
48. of about 100
Design goals for Grandma’s computer
• There’s nothing she can type, tap, swipe, or click on that
will change the software she is running, or change her
trusted computing base.
• There is nothing a remote attacker can do to her computer
without having physical access to the hardware. And
maybe even that is hard work.
48
49. of about 100
To me, this means…
• Static, signed trusted software, possibly not upgradable(!)
• A rock-solid, proven sandbox that we can run alien software
in, particularly HTML5, Java, and Javascript.
• Alien software can be ably and reliably contained and run in a
sandbox that preserves all of the above guarantees.
• The software she runs can be reliably ascribed to a particular
vendor, and that vendor can be confident enough to be willing
to assume significant liability for misbehavior of that software.
50. of about 100
Design goals for Grandma’s computer (cont.)
• Grandma has clear indications when she is surfing the
web off of well-defined paths on the Internet.
51. of about 100
We have an old-fashioned name for this kind of
software
• It is called an “operating system,” and back in the Nixon
era, we were designing them with these properties in
mind.
• Rapid growth, market forces (that’s you), vast legacy OS
designs that missed the point (VMS -> Windows ->
Windows NT -> …)
• It appears that a vast army of volunteer programmers is
not capable of making small, simple, clean designs.
52. of about 100
A solution for 70% of the client machines?
• Grandma
• Employees
• Students
• Troops? (MIL-spec for all!)
54. of about 100
Purchasers
• Ask for/insist on reliable machines for your 70%
• Replace legacy stuff with easily-upgraded stuff, when
possible
• Assume you are being watched: what would that look
like?
• Go check.
55. of about 100
Target users for this computer
• Grandmas, for large values of grandma
• Most employees and regular computer users
• Most military clients. Grandma could run Milspec.
• Maybe 70% of the market?
• Not gamers.
58. of about 100
Security paranoia
• We live in a dark world.
• A lot of thoughts are dismissed as “theoretical”
• But they end up showing up, eventually.
• Here are some examples
59. of about 100
Intel’s SMM mode: lurking insecurity
• Been around since the Intel 386. A separate, protected
“maintenance mode”.
• It has always worried me.
• A major player in the list of specific attacks mentioned
in the Snowden releases.
• The star of several security papers.
60. of about 100
Pentium complexity
• Rings 3 and 0
• System Management Mode*
• Virtual machine interface
• Microcode?!
• How bad can a compromised CPU be?
* Duflot, Loïc, Daniel Etiemble, and Olivier Grumelard.
Using CPU system management mode to circumvent operating system security functions.
CanSecWest/core06 (2006). http://cs.usfca.edu/~cruse/cs630f06/duflot.pdf
62. of about 100
Usable, trustable crypto
• Johnny still can’t encrypt
• Cryptology is the really hard part
• I think society needs to make a firm choice, and make the
spooks follow.
• We still can’t prove a crypto protocol secure
• “Crypto is a field of endeavor where we hope there won’t
be progress.” — Matt Blaze
63. of about 100
Reasonable expectations
• People will always be able to fool some of the people
• Don’t forget the three B’s: burglary, bribery, and blackmail.
• Any public service can be hit with denial-of-service attacks
• Attribution is going to continue to be a problem, because
the Internet connects to all the bad neighborhoods.
65. of about 100
Better than passwords
• Both (SNK-004 and SecurID) are much better than passwords
• SNK-004 used symmetric key, known only to device and
server
• PIN known only to device
• SecurID’s key known to device, server, RSA
• SNK was an ε better
66. of about 100
ε had a large value
• RSA break-in caused major attacks on a government
contractor and others
• RSA had to reissue fobs
• All of this was because they relied on a (successful)
business model that had a security weakness.
• RSA is not a slouch in the security business.
67. of about 100
“The best is the enemy of the good”
• A call for mediocrity in the name of getting something
done.
• Don’t flatter yourself that your efforts are “good”.
• Also, from Soul of a New Machine, “Not all jobs are worth
doing right.”
• This leads to…
68. of about 100
Aspects of Virtual Machines worry me
• The kernel/hardware interface is not a natural security
perimeter
• The trusted kernel (DOM0) is generally huge
• Co-resident VMs may leak data, and there are papers
demonstrating this
69. of about 100
Aspects of Virtual Machines worry me (cont)
• It seems very hard or impossible to hide the VM’s
activities from the supplier
• Homomorphic encryption is a rat-hole:
• never efficient if even possible
• opens algorithms to a whole new field of attacks similar to traffic analysis
• The virus guys are already doing this, a bit.
70. of about 100
Cloud computing
• Clearly there is a use for bulk computing
• Netflix is the best example: high volume, low security
• Security is going to remain an issue
• See VMs (above)
71. of about 100
Shared libraries seem like a bad security idea
• You can change a program after it is installed
• A checksum of a binary does not ensure that it is the
same program
• Makes installation in a chroot(8) environment more difficult,
and requires extra crap in that environment.
72. of about 100
Not working: shared and dynamic libraries
• The 2013 “sshd day-zero bug” was a shared-library replacement attack.
• Long history of similar attacks
• implemented to save memory and load time back in the days of
small memory and the X window system
• not worth it
• Make all your binaries static!
• Ditto DLLs
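Slides 71 and 72 make a concrete claim: a checksum of a dynamically linked binary does not identify the program that runs, because the loader also maps every shared library the binary names, and replacing one of those changes the program without touching the checksum. Slide 49’s design goal of static, signed trusted software is the other side of the same coin. The added example below (not from the talk and not any vendor’s tool) computes the hash a launch-time check actually needs, the hash over the whole transitive dependency closure, and shows a library swap slipping past the main-binary checksum but not past the closure check. The file contents, paths and dependency lists are constructed stand-ins; on a real system the `deps` callback would be filled from the ELF DT_NEEDED entries (or DLL import table) resolved the way the loader resolves them.

```python
"""A program's integrity is the integrity of everything the loader maps, not just the main binary."""
import hashlib
import hmac
from typing import Callable, Dict, List, Set

ReadFn = Callable[[str], bytes]      # path -> contents of that object on disk
DepsFn = Callable[[str], List[str]]  # path -> resolved direct DT_NEEDED / DLL imports


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def dependency_closure(root: str, deps: DepsFn) -> List[str]:
    """Every object the loader will map at run time: root plus transitive deps, sorted."""
    seen: Set[str] = set()
    stack = [root]
    while stack:
        path = stack.pop()
        if path in seen:
            continue
        seen.add(path)
        stack.extend(deps(path))
    return sorted(seen)


def effective_hash(root: str, read: ReadFn, deps: DepsFn) -> str:
    """Hash of the whole closure; this, not sha256(root), identifies 'the program'."""
    digest = hashlib.sha256()
    for path in dependency_closure(root, deps):
        digest.update(f"{path}\0{sha256_hex(read(path))}\n".encode())
    return digest.hexdigest()


def ok_to_exec(root: str, pinned: str, read: ReadFn, deps: DepsFn) -> bool:
    """Launch gate: refuse when anything in the closure changed since the hash was pinned."""
    return hmac.compare_digest(effective_hash(root, read, deps), pinned)


# Constructed stand-in for a filesystem: names and bytes are illustrative only.
ROOT = "/usr/sbin/sshd"
FILES: Dict[str, bytes] = {
    ROOT: b"sshd main binary (constructed)",
    "/lib/libcrypto.so.1": b"genuine libcrypto (constructed)",
    "/lib/libc.so.6": b"genuine libc (constructed)",
}
NEEDED: Dict[str, List[str]] = {
    ROOT: ["/lib/libcrypto.so.1", "/lib/libc.so.6"],
    "/lib/libcrypto.so.1": ["/lib/libc.so.6"],
    "/lib/libc.so.6": [],
}


def library_swap_demo() -> Dict[str, bool]:
    """Replace one shared library: the main binary's checksum survives, the closure check does not."""
    files = dict(FILES)
    read, deps = files.__getitem__, NEEDED.__getitem__
    pinned = effective_hash(ROOT, read, deps)  # recorded at install time
    binary_sum_before = sha256_hex(files[ROOT])
    files["/lib/libcrypto.so.1"] = b"trojaned libcrypto (constructed)"  # the replacement attack
    return {
        "binary_checksum_unchanged": sha256_hex(files[ROOT]) == binary_sum_before,
        "closure_check_passes": ok_to_exec(ROOT, pinned, read, deps),
    }


def static_binary_demo() -> bool:
    """A statically linked binary has no DT_NEEDED entries, so its closure is just itself
    and a plain checksum of the file really does identify the program."""
    return dependency_closure("/usr/sbin/sshd-static", lambda _path: []) == ["/usr/sbin/sshd-static"]


if __name__ == "__main__":
    print(library_swap_demo())
    print("static binary: checksum of the file is the checksum of the program:", static_binary_demo())
```

The closure hash is only as good as the dependency resolver: it must walk the same search order the loader uses (RPATH, LD_LIBRARY_PATH, the system cache), or an attacker can shadow a library rather than replace it. That resolver is the part that disappears entirely when the binary is static, which is the practical content of “make all your binaries static”.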
73. of about 100
New car troubles: we aren’t learning
• Note: cars now need the second kind of firewall
• Attacks on the CANBUS (It Works!)
• attacks through Bluetooth, evil mp3 files, etc.
• web search for “CANBUS security”
• Tiffany Rad
• Here we go again
74. of about 100
Long upgrade chains
• Linus -> ….
• -> ubuntu/redhat/… -> ….
• -> raspberry Pi
• -> DSL modems, routers, printers, wireless base stations
• -> onboard aircraft entertainment systems
• -> travel information displays in airports, subways, etc.
• -> thermostats, refrigerators, etc.
75. of about 100
Long upgrade chains (cont.)
• Microsoft -> Windows n ->
• -> office workers
• -> utility machines
• -> FDA -> medical devices
• -> thermostats, refrigerators, etc.
76. of about 100
Upgrade chains (cont.)
• Some really ancient system running on dead operating
systems modified by people who retired fifteen years ago
->
• -> that vital, irreplaceable controller on the factory floor
that still has fifteen years left on its depreciation schedule
77. of about 100
Good news, everyone!
• Apple pretty much got out of this business.
• Upgrades are very easy and widespread
• They had to rewrite their operating system for the Mac
around 1999
• iOS had some great security ideas built in, perhaps the
most important:
• an app can’t mess with another app’s stuff
79. of about 100
Some crappy layers
• Your firewalls to the Internet
• Your employees
• Whatever special arrangements your CEO might have in
place
• Any Microsoft operating system
• Your physical security
81. of about 100
Who Are You Gonna Call?
• Hyper-careful industrialists
• Dean Kamen (insulin pumps, wheelchairs)
• Elon Musk (rockets, cars)
82. of about 100
Government policies
• Mandate “no back doors”
• Allow/encourage data sharing about attacks
• Buy safer computers
83. of about 100
Microsoft?
• They certainly turned around in 2001
• Vista and Win7 appear to be vastly more secure than
Windows XP
• This was a huge job. I don’t know how much of the legacy
problem they solved.
84. of about 100
Windows OK
• There is nothing you can click, tap, or say that will corrupt
your computer.
• It should be intuitively obvious when you are not visiting a
Fortune 500 web site, or a place you have never searched
before.
• Offers standard services
• It could meet the specs for this dream system.
85. of about 100
Do we have this already?
• Jeff Jones (MSFT) said Win 7 was much safer than
corresponding Linux
• Maybe Win 8, too
• Seems like an awfully large hunk of software to declare
victory, and maybe they haven’t.
86. of about 100
Apple?
• Macintosh redesigned in late 1990s, on FreeBSD
• Vastly improved, big market success. Does have legacy software that
lagged for a while.
87. of about 100
Maybe iOS...
• Certainly Apple tried hard to design security into iOS, and
they had a fresh start, sort of
• App isolation and app walled garden were key security
goals.
• How can we tell? Measure security…
88. of about 100
iPhone authentication
• The iPhone looks like a nearly ideal solution
• It is nearly always with us
• It has enough CPU power for strong crypto
• Various sensors are suitable for biometric identification and
authentication
• Location information is readily available
• It seems to be somewhat resistant to attacks.
90. of about 100
Apple security?
• I love these devices, so I learned Rejective C and usually
follow their UI advice slavishly.
• NeXTSTEP is from the late 1980s, which is okay in itself, but
• retain count stuff went away (mostly) only a couple years ago when
ARC came
• It’s not just my software that crashes
91. of about 100
Apple security?
• I don’t see how anyone can have confidence that their
non-trivial program is correct in this system.
• AND…they get jailbroken as soon as there is a new
release. This is not a good sign.
• My best bet for the most secure clients at the moment, but
it is scary
92. of about 100
This just in about Apple
• Forensics experts tell me it is getting harder and harder to
jailbreak new Apple iOS releases
• Annealing in action
• A good sign
• But: hackers report secret protocol options and perhaps
back doors.
93. of about 100
Google
• A lot of efforts in important areas, with security on their
mind:
• Android
• Chrome
• Chromium
• and Go (a nice language)
94. of about 100
Android
• Android is the regular and systematic target of security
research papers, probably because it is much more
accessible than iOS.
• As for the apps: “the problem with folk songs is that they
are written by the people.” — Tom Lehrer
• It is also the basis for some brand new attempts at secure
clients, like Boeing Black.
95. of about 100
Other players
• Any of these companies could start over, and maybe
some should
• A basic operating system has approximately a $0 billion
startup cost.
96. of about 100
Academic and other research groups
• Small teams have produced very interesting operating
systems, and I bet small is going to be an important part of
the answer. Some examples:
• Plan 9, Minix 3
• Peter Neumann, DARPA CRASH program: clean slate redesign from
hardware on up.
• The military has a strong interest in this, and even in
disseminating the solution
• cf. SELinux
97. of about 100
I think we can win
• It is our hardware, and our software
• There is no law of physics that says this can’t be done, and
• We have engineered reliable systems out of unreliable parts
before.
• We have the home-field advantage
• Correct software can be implemented, if we are very careful
98. of about 100
I won’t live to see all this happen
• And there will still be plenty of security problems
• You can always fool people somehow
• And every public service can be flooded by the public
(DDoS)
US seat belt law: 1968. My VW had them in 1964.
US mandatory seat-belt use: late 1980s to 1995 or so.
Airbags: Mercedes, 1981; deployed in a big way in the early 1990s.