https://homeostasis.scs.carleton.ca/wiki/api.php?action=feedcontributions&feedformat=atom&user=NilofarSoma-notes - User contributions [en]2026-06-02T21:49:03ZUser contributionsMediaWiki 1.42.1https://homeostasis.scs.carleton.ca/wiki/index.php?title=Computer_Systems_Security:_Winter_2018_Course_Outline&diff=21616Computer Systems Security: Winter 2018 Course Outline2018-04-06T14:06:48Z<p>Nilofar: /* Course Information */</p>
<hr />
<div>'''This outline is not yet finalized.'''<br />
<br />
==Course Information==<br />
<br />
*'''Course Number:''' COMP 4108<br />
*'''Term:''' Winter 2018<br />
*'''Title:''' Computer Systems Security<br />
*'''Institution:''' Carleton University, School of Computer Science<br />
*'''Instructor:''' [http://people.scs.carleton.ca/~soma Anil Somayaji] (anil.somayaji at carleton.ca): Wednesdays 1-2:30 (and by appointment) in HP 5137<br />
*'''TAs:''' Nilofar Mansourzadeh (NilofarMansourzadeh at cmail.carleton.ca): Fridays 9-10, Herzberg Laboratories: room 5422<br />
*'''Meeting Time:''' Mondays and Wednesdays 10:05-11:25 AM in 3235 Mackenzie<br />
*'''Course Website''': http://homeostasis.scs.carleton.ca/wiki/index.php/Computer_Systems_Security_(Winter_2018)<br />
<br />
==Official Course Description==<br />
<br />
'''COMP 4108:''' Introduction to information security in computer and communications systems, including network, operating systems, web and software security; Passwords, authentication applications, privacy, data integrity, anonymity, secure email, IP security, security infrastructures, firewalls, viruses, intrusion detection, network attacks.<br />
Prerequisite(s): one of COMP 3203 or SYSC 4602, and one of COMP 3000, SYSC 3001, SYSC 4001.<br />
<br />
==Communication==<br />
<br />
The [[Computer Systems Security (Winter 2018)|main wiki page]] is the canonical source of information on this course. Please refer to it for updates. When significant changes are made to this document it will be either announced in lecture and/or posted in the course discussion forum.<br />
<br />
Online course discussions will be on [https://culearn.carleton.ca cuLearn].<br />
<br />
You should get an account on this wiki so you can edit content here. Email Prof. Somayaji to get one with your preferred username and email address to which a password should be sent.<br />
<br />
==Required Textbooks/Software==<br />
<br />
There are no required textbooks or software for this course. Instead we will be reading research papers and web resources which will be linked to from the wiki. While many of the research papers will be available directly via web search, some will be behind paywalls. In this case there will be alternate links to those pages that go through the Carleton Library's proxy.<br />
<br />
==Grading==<br />
<br />
Students enrolled in COMP 4108 have the following grading scheme:<br />
<br />
* 10% Participation<br />
* 20% Experiences<br />
* 20% Assignments<br />
* 20% Midterm<br />
* 30% Final Exam<br />
<br />
Each of these elements are explained below.<br />
<br />
===Participation===<br />
<br />
You are expected to attend every class for this course. Moreover, you are expected to participate in each class. This participation part of your grade will be based in part upon attendance; however, it will also be based upon the degree to which you were an active participant. Students who attend every class but who do nothing while in class will get a worse participation grade than those who miss some classes but who fully participate in those they do attend.<br />
<br />
In-class group participation, class notes posted to the wiki, and Slack discussions are also included as part of the participation grade. Outstanding participation will be eligible for up to 4% in extra credit added on to the final course grade.<br />
<br />
===Experiences===<br />
<br />
Students are required to complete nine experiences during the semester at a rate of approximately one per week (excluding the time around the midterm). These experiences will be graded as a participation grade, in that you will be graded primary on effort. When completing each experience, be sure to discuss how you went about the task and what difficulties you encountered.<br />
<br />
===Assignments===<br />
<br />
There will be four assignments throughout the semester. Note the questions in the assignments will serve as the basis of the midterm and final exams.<br />
<br />
===Midterm and Final Exam===<br />
<br />
Students will be required to complete an in-class midterm exam and a formally scheduled final exam. These will be short answer/small essay tests based on the material covered in class, focusing on the material covered in the assignments.<br />
<br />
==Collaboration==<br />
<br />
Collaboration on all work is allowed except for the midterm and final exams. Collaboration, however, should be clearly acknowledged. Specifically, co-authored works should be marked as such. When co-authored, all authors of reading responses and projects will get the same grade, unless there is reason to believe that some co-authors did not in fact contribute significantly to the submitted work. Co-authored contributions may get different grades depending upon the relative contribution of the different authors; however, the default here will also be to give all authors the same grade.<br />
<br />
It is '''essential''' that outside references be cited appropriately. Proper citation format should be followed except where more relaxed forms are specifically allowed.<br />
<br />
Plagiarism or intellectual dishonesty of any kind is strictly forbidden. In other words, it should always be clear what is your work and what is the work of others. If anything you submit is, in part or whole, very similar in content or structure to that of work produced by someone else, you are plagiarizing. This includes figures.<br />
<br />
Think of plagiarism as a kind of unauthorized collaboration. Don't do it. Plagiarism and other instructional offenses will be reported to the Dean of Science for disciplinary action, as per university guidelines.<br />
<br />
<br />
==University Policies==<br />
<br />
===Student Academic Integrity Policy===<br />
<br />
Every student should be familiar with the Carleton University student academic integrity policy. A student found in violation of academic integrity standards may be awarded penalties which range from a reprimand to receiving a grade of F in the course or even being expelled from the program or University. Some examples of offences are: plagiarism and unauthorized co-operation or collaboration. Information on this policy may be found in the Undergraduate Calendar.<br />
<br />
===Plagiarism===<br />
<br />
As defined by Senate, "plagiarism is presenting, whether intentional or not, the ideas, expression of ideas or work of others as one's own". Such reported offences will be reviewed by the office of the Dean of Science.<br />
<br />
===Unauthorized Co-operation or Collaboration===<br />
<br />
Senate policy states that "to ensure fairness and equity in assessment of term work, students shall not co-operate or collaborate in the completion of an academic assignment, in whole or in part, when the instructor has indicated that the assignment is to be completed on an individual basis".<br />
<br />
Please see above for the specific collaboration policy for this course.<br />
<br />
===Academic Accommodations for Students with Disabilities===<br />
<br />
The Paul Menton Centre for Students with Disabilities (PMC) provides services to students with Learning Disabilities (LD), psychiatric/mental health disabilities, Attention Deficit Hyperactivity Disorder (ADHD), Autism Spectrum Disorders (ASD), chronic medical conditions, and impairments in mobility, hearing, and vision. If you have a disability requiring academic accommodations in this course, please contact PMC at 613-520-6608 or pmc@carleton.ca for a formal evaluation. If you are already registered with the PMC, contact your PMC coordinator to send me your Letter of Accommodation at the beginning of the term, and no later than two weeks before the first in-class scheduled test or exam requiring accommodation (if applicable). After requesting accommodation from PMC, meet with me to ensure accommodation arrangements are made. Please consult the PMC website for the deadline to request accommodations for the formally-scheduled exam (if applicable) at https://carleton.ca/pmc/new-and-current-students/dates-and-deadlines<br />
<br />
===Religious Obligation===<br />
<br />
Write to the instructor with any requests for academic accommodation during the first two weeks of class, or as soon as possible after the need for accommodation is known to exist. For more details visit the Equity Services website: https://carleton.ca/equity/<br />
<br />
===Pregnancy Obligation===<br />
<br />
Write to the instructor with any requests for academic accommodation during the first two weeks of class, or as soon as possible after the need for accommodation is known to exist. For more details visit the Equity Services website: https://carleton.ca/equity/<br />
<br />
===Medical Certificate===<br />
<br />
The following is a link to the official medical certificate accepted by Carleton University for the deferral of final examinations or assignments in undergraduate courses. To access the form, please go to https://carleton.ca/registrar/forms</div>Nilofarhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Computer_Systems_Security:_Winter_2018_Course_Outline&diff=21489Computer Systems Security: Winter 2018 Course Outline2018-02-02T14:44:38Z<p>Nilofar: /* Course Information */</p>
<hr />
<div>'''This outline is not yet finalized.'''<br />
<br />
==Course Information==<br />
<br />
*'''Course Number:''' COMP 4108<br />
*'''Term:''' Winter 2018<br />
*'''Title:''' Computer Systems Security<br />
*'''Institution:''' Carleton University, School of Computer Science<br />
*'''Instructor:''' [http://people.scs.carleton.ca/~soma Anil Somayaji] (anil.somayaji at carleton.ca): Wednesdays 1-2:30 (and by appointment) in HP 5137<br />
*'''TAs:''' Nilofar Mansourzadeh (NilofarMansourzadeh at cmail.carleton.ca): Fridays 9-10<br />
*'''Meeting Time:''' Mondays and Wednesdays 10:05-11:25 AM in 3235 Mackenzie<br />
*'''Course Website''': http://homeostasis.scs.carleton.ca/wiki/index.php/Computer_Systems_Security_(Winter_2018)<br />
<br />
==Official Course Description==<br />
<br />
'''COMP 4108:''' Introduction to information security in computer and communications systems, including network, operating systems, web and software security; Passwords, authentication applications, privacy, data integrity, anonymity, secure email, IP security, security infrastructures, firewalls, viruses, intrusion detection, network attacks.<br />
Prerequisite(s): one of COMP 3203 or SYSC 4602, and one of COMP 3000, SYSC 3001, SYSC 4001.<br />
<br />
==Communication==<br />
<br />
The [[Computer Systems Security (Winter 2018)|main wiki page]] is the canonical source of information on this course. Please refer to it for updates. When significant changes are made to this document it will be either announced in lecture and/or posted in the course discussion forum.<br />
<br />
Online course discussions will be on [https://culearn.carleton.ca cuLearn].<br />
<br />
You should get an account on this wiki so you can edit content here. Email Prof. Somayaji to get one with your preferred username and email address to which a password should be sent.<br />
<br />
==Required Textbooks/Software==<br />
<br />
There are no required textbooks or software for this course. Instead we will be reading research papers and web resources which will be linked to from the wiki. While many of the research papers will be available directly via web search, some will be behind paywalls. In this case there will be alternate links to those pages that go through the Carleton Library's proxy.<br />
<br />
==Grading==<br />
<br />
Students enrolled in COMP 4108 have the following grading scheme:<br />
<br />
* 10% Participation<br />
* 20% Experiences<br />
* 20% Assignments<br />
* 20% Midterm<br />
* 30% Final Exam<br />
<br />
Each of these elements are explained below.<br />
<br />
===Participation===<br />
<br />
You are expected to attend every class for this course. Moreover, you are expected to participate in each class. This participation part of your grade will be based in part upon attendance; however, it will also be based upon the degree to which you were an active participant. Students who attend every class but who do nothing while in class will get a worse participation grade than those who miss some classes but who fully participate in those they do attend.<br />
<br />
In-class group participation, class notes posted to the wiki, and Slack discussions are also included as part of the participation grade. Outstanding participation will be eligible for up to 4% in extra credit added on to the final course grade.<br />
<br />
===Experiences===<br />
<br />
Students are required to complete nine experiences during the semester at a rate of approximately one per week (excluding the time around the midterm). These experiences will be graded as a participation grade, in that you will be graded primary on effort. When completing each experience, be sure to discuss how you went about the task and what difficulties you encountered.<br />
<br />
===Assignments===<br />
<br />
There will be four assignments throughout the semester. Note the questions in the assignments will serve as the basis of the midterm and final exams.<br />
<br />
===Midterm and Final Exam===<br />
<br />
Students will be required to complete an in-class midterm exam and a formally scheduled final exam. These will be short answer/small essay tests based on the material covered in class, focusing on the material covered in the assignments.<br />
<br />
==Collaboration==<br />
<br />
Collaboration on all work is allowed except for the midterm and final exams. Collaboration, however, should be clearly acknowledged. Specifically, co-authored works should be marked as such. When co-authored, all authors of reading responses and projects will get the same grade, unless there is reason to believe that some co-authors did not in fact contribute significantly to the submitted work. Co-authored contributions may get different grades depending upon the relative contribution of the different authors; however, the default here will also be to give all authors the same grade.<br />
<br />
It is '''essential''' that outside references be cited appropriately. Proper citation format should be followed except where more relaxed forms are specifically allowed.<br />
<br />
Plagiarism or intellectual dishonesty of any kind is strictly forbidden. In other words, it should always be clear what is your work and what is the work of others. If anything you submit is, in part or whole, very similar in content or structure to that of work produced by someone else, you are plagiarizing. This includes figures.<br />
<br />
Think of plagiarism as a kind of unauthorized collaboration. Don't do it. Plagiarism and other instructional offenses will be reported to the Dean of Science for disciplinary action, as per university guidelines.<br />
<br />
<br />
==University Policies==<br />
<br />
===Student Academic Integrity Policy===<br />
<br />
Every student should be familiar with the Carleton University student academic integrity policy. A student found in violation of academic integrity standards may be awarded penalties which range from a reprimand to receiving a grade of F in the course or even being expelled from the program or University. Some examples of offences are: plagiarism and unauthorized co-operation or collaboration. Information on this policy may be found in the Undergraduate Calendar.<br />
<br />
===Plagiarism===<br />
<br />
As defined by Senate, "plagiarism is presenting, whether intentional or not, the ideas, expression of ideas or work of others as one's own". Such reported offences will be reviewed by the office of the Dean of Science.<br />
<br />
===Unauthorized Co-operation or Collaboration===<br />
<br />
Senate policy states that "to ensure fairness and equity in assessment of term work, students shall not co-operate or collaborate in the completion of an academic assignment, in whole or in part, when the instructor has indicated that the assignment is to be completed on an individual basis".<br />
<br />
Please see above for the specific collaboration policy for this course.<br />
<br />
===Academic Accommodations for Students with Disabilities===<br />
<br />
The Paul Menton Centre for Students with Disabilities (PMC) provides services to students with Learning Disabilities (LD), psychiatric/mental health disabilities, Attention Deficit Hyperactivity Disorder (ADHD), Autism Spectrum Disorders (ASD), chronic medical conditions, and impairments in mobility, hearing, and vision. If you have a disability requiring academic accommodations in this course, please contact PMC at 613-520-6608 or pmc@carleton.ca for a formal evaluation. If you are already registered with the PMC, contact your PMC coordinator to send me your Letter of Accommodation at the beginning of the term, and no later than two weeks before the first in-class scheduled test or exam requiring accommodation (if applicable). After requesting accommodation from PMC, meet with me to ensure accommodation arrangements are made. Please consult the PMC website for the deadline to request accommodations for the formally-scheduled exam (if applicable) at https://carleton.ca/pmc/new-and-current-students/dates-and-deadlines<br />
<br />
===Religious Obligation===<br />
<br />
Write to the instructor with any requests for academic accommodation during the first two weeks of class, or as soon as possible after the need for accommodation is known to exist. For more details visit the Equity Services website: https://carleton.ca/equity/<br />
<br />
===Pregnancy Obligation===<br />
<br />
Write to the instructor with any requests for academic accommodation during the first two weeks of class, or as soon as possible after the need for accommodation is known to exist. For more details visit the Equity Services website: https://carleton.ca/equity/<br />
<br />
===Medical Certificate===<br />
<br />
The following is a link to the official medical certificate accepted by Carleton University for the deferral of final examinations or assignments in undergraduate courses. To access the form, please go to https://carleton.ca/registrar/forms</div>Nilofarhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Computer_Systems_Security_(Winter_2018)&diff=21424Computer Systems Security (Winter 2018)2018-01-19T04:19:23Z<p>Nilofar: /* January 12, 2018 */</p>
<hr />
<div>'''This page is not yet finalized.'''<br />
<br />
==Course Outline==<br />
<br />
[[Computer Systems Security: Winter 2018 Course Outline|Course Outline]]<br />
<br />
==Schedule==<br />
<br />
===January 8, 2018===<br />
<br />
[[SystemsSec 2018W Lecture 1|Introduction]]<br />
<br />
===January 10, 2018===<br />
<br />
[[SystemsSec 2018W Lecture 2|Threat Modelling]]<br />
<br />
===January 15, 2018===<br />
<br />
[[SystemsSec 2018W Lecture 3|Common tools]]<br />
<br />
===January 17, 2018===<br />
<br />
[[SystemsSec 2018W Lecture 4|passwd]]<br />
<br />
===January 31, 2018===<br />
<br />
Assignment 1 due<br />
<br />
===February 14, 2018===<br />
<br />
Assignment 2 due<br />
<br />
===February 19 & 21, 2018===<br />
<br />
Winter break, no classes<br />
<br />
===February 26, 2018===<br />
<br />
Mid-term review<br />
<br />
===February 28, 2018===<br />
<br />
Mid-term Exam<br />
<br />
<br />
===March 19, 2018===<br />
<br />
Assignment 3 due<br />
<br />
<br />
===April 4, 2018===<br />
<br />
Assignment 4 due<br />
<br />
<br />
===April 9, 2018===<br />
<br />
Last day of class</div>Nilofarhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Computer_Systems_Security:_Winter_2018_Course_Outline&diff=21414Computer Systems Security: Winter 2018 Course Outline2018-01-16T02:27:08Z<p>Nilofar: /* Grading */</p>
<hr />
<div>'''This outline is not yet finalized.'''<br />
<br />
==Course Information==<br />
<br />
*'''Course Number:''' COMP 4108<br />
*'''Term:''' Winter 2018<br />
*'''Title:''' Computer Systems Security<br />
*'''Institution:''' Carleton University, School of Computer Science<br />
*'''Instructor:''' [http://people.scs.carleton.ca/~soma Anil Somayaji] (anil.somayaji at carleton.ca): Wednesdays 1-2:30 (and by appointment) in HP 5137<br />
*'''TAs:''' Nilofar Mansourzadeh (NilofarMansourzadeh at cmail.carleton.ca): Fridays 10-11<br />
*'''Meeting Time:''' Mondays and Wednesdays 10:05-11:25 AM in 3235 Mackenzie<br />
*'''Course Website''': http://homeostasis.scs.carleton.ca/wiki/index.php/Computer_Systems_Security_(Winter_2018)<br />
<br />
==Official Course Description==<br />
<br />
'''COMP 4108:''' Introduction to information security in computer and communications systems, including network, operating systems, web and software security; Passwords, authentication applications, privacy, data integrity, anonymity, secure email, IP security, security infrastructures, firewalls, viruses, intrusion detection, network attacks.<br />
Prerequisite(s): one of COMP 3203 or SYSC 4602, and one of COMP 3000, SYSC 3001, SYSC 4001.<br />
<br />
==Communication==<br />
<br />
The [[Computer Systems Security (Winter 2018)|main wiki page]] is the canonical source of information on this course. Please refer to it for updates. When significant changes are made to this document it will be either announced in lecture and/or posted in the course discussion forum.<br />
<br />
Online course discussions will be on [https://culearn.carleton.ca cuLearn].<br />
<br />
You should get an account on this wiki so you can edit content here. Email Prof. Somayaji to get one with your preferred username and email address to which a password should be sent.<br />
<br />
==Required Textbooks/Software==<br />
<br />
There are no required textbooks or software for this course. Instead we will be reading research papers and web resources which will be linked to from the wiki. While many of the research papers will be available directly via web search, some will be behind paywalls. In this case there will be alternate links to those pages that go through the Carleton Library's proxy.<br />
<br />
==Grading==<br />
<br />
Students enrolled in COMP 4108 have the following grading scheme:<br />
<br />
* 10% Participation<br />
* 20% Experiences<br />
* 20% Assignments<br />
* 20% Midterm<br />
* 30% Final Exam<br />
<br />
Each of these elements are explained below.<br />
<br />
===Participation===<br />
<br />
You are expected to attend every class for this course. Moreover, you are expected to participate in each class. This participation part of your grade will be based in part upon attendance; however, it will also be based upon the degree to which you were an active participant. Students who attend every class but who do nothing while in class will get a worse participation grade than those who miss some classes but who fully participate in those they do attend.<br />
<br />
In-class group participation, class notes posted to the wiki, and Slack discussions are also included as part of the participation grade. Outstanding participation will be eligible for up to 4% in extra credit added on to the final course grade.<br />
<br />
===Experiences===<br />
<br />
<br />
===Assignments===<br />
<br />
<br />
===Midterm and Final Exam===<br />
<br />
Students will be required to complete an in-class midterm exam and a formally scheduled final exam. These will be short answer/small essay tests based on the material covered in class, focusing on the material covered in the assignments.<br />
<br />
==Collaboration==<br />
<br />
Collaboration on all work is allowed except for the midterm and final exams. Collaboration, however, should be clearly acknowledged. Specifically, co-authored works should be marked as such. When co-authored, all authors of reading responses and projects will get the same grade, unless there is reason to believe that some co-authors did not in fact contribute significantly to the submitted work. Co-authored contributions may get different grades depending upon the relative contribution of the different authors; however, the default here will also be to give all authors the same grade.<br />
<br />
It is '''essential''' that outside references be cited appropriately. Proper citation format should be followed except where more relaxed forms are specifically allowed.<br />
<br />
Plagiarism or intellectual dishonesty of any kind is strictly forbidden. In other words, it should always be clear what is your work and what is the work of others. If anything you submit is, in part or whole, very similar in content or structure to that of work produced by someone else, you are plagiarizing. This includes figures.<br />
<br />
Think of plagiarism as a kind of unauthorized collaboration. Don't do it. Plagiarism and other instructional offenses will be reported to the Dean of Science for disciplinary action, as per university guidelines.<br />
<br />
<br />
==University Policies==<br />
<br />
===Student Academic Integrity Policy===<br />
<br />
Every student should be familiar with the Carleton University student academic integrity policy. A student found in violation of academic integrity standards may be awarded penalties which range from a reprimand to receiving a grade of F in the course or even being expelled from the program or University. Some examples of offences are: plagiarism and unauthorized co-operation or collaboration. Information on this policy may be found in the Undergraduate Calendar.<br />
<br />
===Plagiarism===<br />
<br />
As defined by Senate, "plagiarism is presenting, whether intentional or not, the ideas, expression of ideas or work of others as one's own". Such reported offences will be reviewed by the office of the Dean of Science.<br />
<br />
===Unauthorized Co-operation or Collaboration===<br />
<br />
Senate policy states that "to ensure fairness and equity in assessment of term work, students shall not co-operate or collaborate in the completion of an academic assignment, in whole or in part, when the instructor has indicated that the assignment is to be completed on an individual basis".<br />
<br />
Please see above for the specific collaboration policy for this course.<br />
<br />
===Academic Accommodations for Students with Disabilities===<br />
<br />
The Paul Menton Centre for Students with Disabilities (PMC) provides services to students with Learning Disabilities (LD), psychiatric/mental health disabilities, Attention Deficit Hyperactivity Disorder (ADHD), Autism Spectrum Disorders (ASD), chronic medical conditions, and impairments in mobility, hearing, and vision. If you have a disability requiring academic accommodations in this course, please contact PMC at 613-520-6608 or pmc@carleton.ca for a formal evaluation. If you are already registered with the PMC, contact your PMC coordinator to send me your Letter of Accommodation at the beginning of the term, and no later than two weeks before the first in-class scheduled test or exam requiring accommodation (if applicable). After requesting accommodation from PMC, meet with me to ensure accommodation arrangements are made. Please consult the PMC website for the deadline to request accommodations for the formally-scheduled exam (if applicable) at https://carleton.ca/pmc/new-and-current-students/dates-and-deadlines<br />
<br />
===Religious Obligation===<br />
<br />
Write to the instructor with any requests for academic accommodation during the first two weeks of class, or as soon as possible after the need for accommodation is known to exist. For more details visit the Equity Services website: https://carleton.ca/equity/<br />
<br />
===Pregnancy Obligation===<br />
<br />
Write to the instructor with any requests for academic accommodation during the first two weeks of class, or as soon as possible after the need for accommodation is known to exist. For more details visit the Equity Services website: https://carleton.ca/equity/<br />
<br />
===Medical Certificate===<br />
<br />
The following is a link to the official medical certificate accepted by Carleton University for the deferral of final examinations or assignments in undergraduate courses. To access the form, please go to https://carleton.ca/registrar/forms</div>Nilofarhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=SystemsSec_2018W_Lecture_1&diff=21413SystemsSec 2018W Lecture 12018-01-16T02:22:41Z<p>Nilofar: /* DRM – Digital Rights Management */</p>
<hr />
<div>= Notes =<br />
Class 1, January 8<br />
<br />
== About the course: ==<br />
Lectures will not be posted online.<br />
<br />
Notes will be posted online.<br />
<br />
In order to succeed, you need to come to class. Things will be discussed, and you need to be present.<br />
<br />
* Grading Criteria<br />
** Midterm 20%<br />
** Final 30%<br />
** Participation 10%<br />
** Experiences 20%<br />
** Assignments (4) 20%<br />
<br />
The midterm and final will basically be short answer, possibly with some essay questions.<br />
<br />
The assignments will be in the style of the midterm and final, and will let you know how prepared you are for the exams. 2 assignments before the midterm and 2 after the midterm.<br />
<br />
Participation – being present, taking notes for the class, raising your hand, discussing things (not purely in class, also there will be a slack instance). <br />
<br />
If for some reason participation will be a problem for you, email the professor now to work it out)<br />
<br />
Experiences – in 2 portions reading and tools<br />
<br />
Reading – submit a reading response. Make a diligent effort to understand the reading before coming to class. Not a summary. What was your interaction with the reading?<br />
<br />
Tools – Computer Systems Security is fundamentally an applied field. It is tied to tools. Applied learning is important. Some exercises will be provided, but other things you will come across yourself (ie try to set up a firewall, or play around with iptables, you don’t have to succeed). Write a tool response. Plan on sitting down a couple of times and doing some hacking. It is important to get your hands dirty. To start, pick something that you can handle, and maybe ramp it up as the term goes along.<br />
<br />
Assignments will be submitted through CULearn.<br />
<br />
== The material covered today: ==<br />
In the news recently: Meltdown and Spectre security flaws<br />
<br />
Meltdown in the Intel version, Spectre is the more general version.<br />
<br />
Basically every modern CPU that has high performance is affected<br />
<br />
Problem with processor design.<br />
<br />
Design strategy used to increase performance in modern processors allows for information leakage.<br />
<br />
Software programs and processes don't trust each other (and they shouldn't), but this flaw means that the barriers between them aren't fixed, you can read across them.<br />
<br />
It is a timing attack. The basis of timing attacks is that the time to compute depends on the data that you are computing. By knowing how long something takes to compute, you can figure out what is being computed. <br />
<br />
There was previously a well known timing attack on public key encryption, which was solved by responding to all requests in the same constant time.<br />
<br />
Meltdown and Spectre exploit branch predictors (ie, the processor speculates at which branch of the code will be run next and “runs ahead”. If it predicts correctly, there is a performance advantage). However, flaws were found that enabled kernel memory to be read, or a virtual machine to read data from another virtual machine running on the same processor. This particularly affects cloud computing.<br />
<br />
These types of flaws come because no one was thinking about the design from a security point of view. <br />
<br />
System Security is difficult. Attackers find flaws, defenders try to fix them. This happens in real systems, with enormous complexity. Theoretically we can design perfectly secure systems, but attackers will keep finding flaws. This game, as it is today, is weighted towards attackers. Rebalancing the game would require radical ideas.<br />
<br />
=== A (noncomprehensive) list of some security tools and methods: ===<br />
*The purpose of this list is to show what a vast area computer security is, not making a list of everything that will be covered.<br />
**Firewalls<br />
**Antivirus/Antimalware<br />
**Network monitoring/NIDS<br />
**Reverse engineering.<br />
**Cryptography (encryption/digital signing) (for system security, encryption is a tool of last resort)<br />
**Air gaps<br />
**Social Engineering<br />
**(D)DoS<br />
**White list<br />
**Black list<br />
**One way info-gate<br />
**Virtual machines<br />
**Encapsulation<br />
**Virtual memory<br />
**Formal verification<br />
**Randomization (ASLR)<br />
**Passwords<br />
**Captchas<br />
**Biometrics<br />
**Location monitoring<br />
**Mandatory access control (ie SELinux, very inconvenient)<br />
**Discretionary access control (traditional Unix, Windows…)<br />
**Automatic memory management (garbage collection)<br />
**Static analysis<br />
**Dynamic analysis<br />
<br />
Security can affect just about any area of computer science. If there is a branch that doesn’t appear to be affected by security, someone just hasn’t thought about it for long enough.<br />
<br />
This course isn’t about a specific tool or method, although many will be touched on. Primarily, we want to look at how to think about problems so that you see security issues. What can I do as an attacker? What can I do as a defender.<br />
<br />
There are always benefits and costs to any security decision, By strengthening security in one way, you can weaken it in another.<br />
<br />
For example, if you can’t risk lockouts and downtime, having passwords could cause problems.<br />
<br />
If you make usability too difficult, users can find ways to bypass your security measures. Security is always a secondary concern. The primary concerns of users are the tasks that they are using the computer systems to complete.<br />
<br />
The most secure system is one that is off, in a locked room in a secure facility. However, that system is also completely useless.<br />
<br />
Even if you do not become a computer security professional, you will design systems and make decisions that have security implications.<br />
<br />
=== Reverse Engineering ===<br />
Picked from the list at random to discuss<br />
<br />
*What is it?<br />
**Normal engineering process would be Design -> code -> system.<br />
**Reverse engineering is reversing that process. Looking at the system to figure out the code and the design. <br />
<br />
*Who?<br />
**Attackers<br />
***analyzing defenses<br />
****If you can figure out how it works, then you can find weaknesses and exploit them.<br />
You become an expert safecracker by learning about safes. In order to find flaws in systems, you must have a deep knowledge of those systems. What an attacker wishes to attack he must master, and by finding the flaw, the attacker '''proves his knowledge'''. It is like solving a puzzle. That is what drives the people developing these attacks. The negative impacts are often secondary.<br />
<br />
**Defenders<br />
***Analyze defenses like attackers<br />
***Analyze attacks <br />
****(ie, figure out what a botnet does and how it works)<br />
****Botnet – illegal cloud computing.<br />
<br />
=== DRM – Digital Rights Management ===<br />
*People have been using reverse engineering crack DRM since DRM was released<br />
*Interesting thing about DRM – it works to protect the content from the legitimate user that you want to have the content. <br />
*Most secure current DRM- iOS. It is currently very difficult to crack (or “jailbreak”). In fact, it may even be “effectively unbreakable” because the cost and time involved in breaking it isn’t worth it.<br />
*Jailbreaking iOS used to be very popular, as it allowed users to use their iPhones in ways that Apple didn’t allow. However, it would also negatively impact the security of the device. <br />
*The jailbreak community showed Apple where the security flaws in their devices were found. Apple could then fix the flaws. The community would find new flaws, and Apple would fix them.<br />
*This evolution or “trial by fire” is the only way that security gets strong. No theoretical security can be trusted until it has had people try to crack it.<br />
<br />
Today, attacks get put into usable software and distributed quickly. They spread fast.<br />
<br />
Nation-states pay lots of people to reverse engineer systems and find the security holes. They do it in secret, but they can’t keep secrets, so the attacks they create get leaked.<br />
<br />
The code of much modern malware that is causing problems has been written by <br />
nation-states.<br />
<br />
We cannot make any system perfectly secure, but we don’t build systems under that assumption. We build systems that store large amounts of important data (how much data does Facebook have? Google? Governments?). We assume that we can do this securely, but we can’t.</div>Nilofarhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=SystemsSec_2018W_Lecture_1&diff=21412SystemsSec 2018W Lecture 12018-01-16T02:20:17Z<p>Nilofar: /* Reverse Engineering */</p>
<hr />
<div>= Notes =<br />
Class 1, January 8<br />
<br />
== About the course: ==<br />
Lectures will not be posted online.<br />
<br />
Notes will be posted online.<br />
<br />
In order to succeed, you need to come to class. Things will be discussed, and you need to be present.<br />
<br />
* Grading Criteria<br />
** Midterm 20%<br />
** Final 30%<br />
** Participation 10%<br />
** Experiences 20%<br />
** Assignments (4) 20%<br />
<br />
The midterm and final will basically be short answer, possibly with some essay questions.<br />
<br />
The assignments will be in the style of the midterm and final, and will let you know how prepared you are for the exams. 2 assignments before the midterm and 2 after the midterm.<br />
<br />
Participation – being present, taking notes for the class, raising your hand, discussing things (not purely in class, also there will be a slack instance). <br />
<br />
If for some reason participation will be a problem for you, email the professor now to work it out)<br />
<br />
Experiences – in 2 portions reading and tools<br />
<br />
Reading – submit a reading response. Make a diligent effort to understand the reading before coming to class. Not a summary. What was your interaction with the reading?<br />
<br />
Tools – Computer Systems Security is fundamentally an applied field. It is tied to tools. Applied learning is important. Some exercises will be provided, but other things you will come across yourself (ie try to set up a firewall, or play around with iptables, you don’t have to succeed). Write a tool response. Plan on sitting down a couple of times and doing some hacking. It is important to get your hands dirty. To start, pick something that you can handle, and maybe ramp it up as the term goes along.<br />
<br />
Assignments will be submitted through CULearn.<br />
<br />
== The material covered today: ==<br />
In the news recently: Meltdown and Spectre security flaws<br />
<br />
Meltdown in the Intel version, Spectre is the more general version.<br />
<br />
Basically every modern CPU that has high performance is affected<br />
<br />
Problem with processor design.<br />
<br />
Design strategy used to increase performance in modern processors allows for information leakage.<br />
<br />
Software programs and processes don't trust each other (and they shouldn't), but this flaw means that the barriers between them aren't fixed, you can read across them.<br />
<br />
It is a timing attack. The basis of timing attacks is that the time to compute depends on the data that you are computing. By knowing how long something takes to compute, you can figure out what is being computed. <br />
<br />
There was previously a well known timing attack on public key encryption, which was solved by responding to all requests in the same constant time.<br />
<br />
Meltdown and Spectre exploit branch predictors (ie, the processor speculates at which branch of the code will be run next and “runs ahead”. If it predicts correctly, there is a performance advantage). However, flaws were found that enabled kernel memory to be read, or a virtual machine to read data from another virtual machine running on the same processor. This particularly affects cloud computing.<br />
<br />
These types of flaws come because no one was thinking about the design from a security point of view. <br />
<br />
System Security is difficult. Attackers find flaws, defenders try to fix them. This happens in real systems, with enormous complexity. Theoretically we can design perfectly secure systems, but attackers will keep finding flaws. This game, as it is today, is weighted towards attackers. Rebalancing the game would require radical ideas.<br />
<br />
=== A (noncomprehensive) list of some security tools and methods: ===<br />
*The purpose of this list is to show what a vast area computer security is, not making a list of everything that will be covered.<br />
**Firewalls<br />
**Antivirus/Antimalware<br />
**Network monitoring/NIDS<br />
**Reverse engineering.<br />
**Cryptography (encryption/digital signing) (for system security, encryption is a tool of last resort)<br />
**Air gaps<br />
**Social Engineering<br />
**(D)DoS<br />
**White list<br />
**Black list<br />
**One way info-gate<br />
**Virtual machines<br />
**Encapsulation<br />
**Virtual memory<br />
**Formal verification<br />
**Randomization (ASLR)<br />
**Passwords<br />
**Captchas<br />
**Biometrics<br />
**Location monitoring<br />
**Mandatory access control (ie SELinux, very inconvenient)<br />
**Discretionary access control (traditional Unix, Windows…)<br />
**Automatic memory management (garbage collection)<br />
**Static analysis<br />
**Dynamic analysis<br />
<br />
Security can affect just about any area of computer science. If there is a branch that doesn’t appear to be affected by security, someone just hasn’t thought about it for long enough.<br />
<br />
This course isn’t about a specific tool or method, although many will be touched on. Primarily, we want to look at how to think about problems so that you see security issues. What can I do as an attacker? What can I do as a defender.<br />
<br />
There are always benefits and costs to any security decision, By strengthening security in one way, you can weaken it in another.<br />
<br />
For example, if you can’t risk lockouts and downtime, having passwords could cause problems.<br />
<br />
If you make usability too difficult, users can find ways to bypass your security measures. Security is always a secondary concern. The primary concerns of users are the tasks that they are using the computer systems to complete.<br />
<br />
The most secure system is one that is off, in a locked room in a secure facility. However, that system is also completely useless.<br />
<br />
Even if you do not become a computer security professional, you will design systems and make decisions that have security implications.<br />
<br />
=== Reverse Engineering ===<br />
Picked from the list at random to discuss<br />
<br />
*What is it?<br />
**Normal engineering process would be Design -> code -> system.<br />
**Reverse engineering is reversing that process. Looking at the system to figure out the code and the design. <br />
<br />
*Who?<br />
**Attackers<br />
***analyzing defenses<br />
****If you can figure out how it works, then you can find weaknesses and exploit them.<br />
You become an expert safecracker by learning about safes. In order to find flaws in systems, you must have a deep knowledge of those systems. What an attacker wishes to attack he must master, and by finding the flaw, the attacker '''proves his knowledge'''. It is like solving a puzzle. That is what drives the people developing these attacks. The negative impacts are often secondary.<br />
<br />
**Defenders<br />
***Analyze defenses like attackers<br />
***Analyze attacks <br />
****(ie, figure out what a botnet does and how it works)<br />
****Botnet – illegal cloud computing.<br />
<br />
=== DRM – Digital Rights Management ===<br />
*People have been using reverse engineering crack DRM since DRM was released<br />
*Interesting thing about DRM – it works to protect the content from the legitimate user that you want to have the content. <br />
*Most secure current DRM- iOS. It is currently very difficult to crack (or “jailbreak”). In fact, it may even be “effectively unbreakable” because the cost and time involved in breaking it isn’t worth it.<br />
*Jailbreaking iOS used to be very popular, as it allowed users to use their iPhones in ways that Apple didn’t allow. However, it would also negatively impact the security of the device. <br />
*The jailbreak community showed Apple where the security flaws in their devices were found. Apple could then fix the flaws. The community would find new flaws, and Apple would fix them.<br />
*This evolution or “trial by fire” is the only way that security gets strong. No theoretical security can be trusted until it has had people try to crack it.<br />
<br />
Today, attacks get put into usable software and distributed quickly. They spread fast.<br />
<br />
Nation-states pay lost of people to reverse engineer systems and find the security holes. They do it in secret, but they can’t keep secrets, so the attacks they create get leaked.<br />
<br />
The code of much modern malware that is causing problems has been written by <br />
nation-states.<br />
<br />
We cannot make any system perfectly secure, but we don’t build systems under that assumption. We build systems that store large amounts of important data (how much data does Facebook have? Google? Governments?). We assume that we can do this securely, but we can’t.</div>Nilofarhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=SystemsSec_2018W_Lecture_1&diff=21411SystemsSec 2018W Lecture 12018-01-16T02:19:24Z<p>Nilofar: /* Reverse Engineering */</p>
<hr />
<div>= Notes =<br />
Class 1, January 8<br />
<br />
== About the course: ==<br />
Lectures will not be posted online.<br />
<br />
Notes will be posted online.<br />
<br />
In order to succeed, you need to come to class. Things will be discussed, and you need to be present.<br />
<br />
* Grading Criteria<br />
** Midterm 20%<br />
** Final 30%<br />
** Participation 10%<br />
** Experiences 20%<br />
** Assignments (4) 20%<br />
<br />
The midterm and final will basically be short answer, possibly with some essay questions.<br />
<br />
The assignments will be in the style of the midterm and final, and will let you know how prepared you are for the exams. 2 assignments before the midterm and 2 after the midterm.<br />
<br />
Participation – being present, taking notes for the class, raising your hand, discussing things (not purely in class, also there will be a slack instance). <br />
<br />
If for some reason participation will be a problem for you, email the professor now to work it out)<br />
<br />
Experiences – in 2 portions reading and tools<br />
<br />
Reading – submit a reading response. Make a diligent effort to understand the reading before coming to class. Not a summary. What was your interaction with the reading?<br />
<br />
Tools – Computer Systems Security is fundamentally an applied field. It is tied to tools. Applied learning is important. Some exercises will be provided, but other things you will come across yourself (ie try to set up a firewall, or play around with iptables, you don’t have to succeed). Write a tool response. Plan on sitting down a couple of times and doing some hacking. It is important to get your hands dirty. To start, pick something that you can handle, and maybe ramp it up as the term goes along.<br />
<br />
Assignments will be submitted through CULearn.<br />
<br />
== The material covered today: ==<br />
In the news recently: Meltdown and Spectre security flaws<br />
<br />
Meltdown in the Intel version, Spectre is the more general version.<br />
<br />
Basically every modern CPU that has high performance is affected<br />
<br />
Problem with processor design.<br />
<br />
Design strategy used to increase performance in modern processors allows for information leakage.<br />
<br />
Software programs and processes don't trust each other (and they shouldn't), but this flaw means that the barriers between them aren't fixed, you can read across them.<br />
<br />
It is a timing attack. The basis of timing attacks is that the time to compute depends on the data that you are computing. By knowing how long something takes to compute, you can figure out what is being computed. <br />
<br />
There was previously a well known timing attack on public key encryption, which was solved by responding to all requests in the same constant time.<br />
<br />
Meltdown and Spectre exploit branch predictors (ie, the processor speculates at which branch of the code will be run next and “runs ahead”. If it predicts correctly, there is a performance advantage). However, flaws were found that enabled kernel memory to be read, or a virtual machine to read data from another virtual machine running on the same processor. This particularly affects cloud computing.<br />
<br />
These types of flaws come because no one was thinking about the design from a security point of view. <br />
<br />
System Security is difficult. Attackers find flaws, defenders try to fix them. This happens in real systems, with enormous complexity. Theoretically we can design perfectly secure systems, but attackers will keep finding flaws. This game, as it is today, is weighted towards attackers. Rebalancing the game would require radical ideas.<br />
<br />
=== A (noncomprehensive) list of some security tools and methods: ===<br />
*The purpose of this list is to show what a vast area computer security is, not making a list of everything that will be covered.<br />
**Firewalls<br />
**Antivirus/Antimalware<br />
**Network monitoring/NIDS<br />
**Reverse engineering.<br />
**Cryptography (encryption/digital signing) (for system security, encryption is a tool of last resort)<br />
**Air gaps<br />
**Social Engineering<br />
**(D)DoS<br />
**White list<br />
**Black list<br />
**One way info-gate<br />
**Virtual machines<br />
**Encapsulation<br />
**Virtual memory<br />
**Formal verification<br />
**Randomization (ASLR)<br />
**Passwords<br />
**Captchas<br />
**Biometrics<br />
**Location monitoring<br />
**Mandatory access control (ie SELinux, very inconvenient)<br />
**Discretionary access control (traditional Unix, Windows…)<br />
**Automatic memory management (garbage collection)<br />
**Static analysis<br />
**Dynamic analysis<br />
<br />
Security can affect just about any area of computer science. If there is a branch that doesn’t appear to be affected by security, someone just hasn’t thought about it for long enough.<br />
<br />
This course isn’t about a specific tool or method, although many will be touched on. Primarily, we want to look at how to think about problems so that you see security issues. What can I do as an attacker? What can I do as a defender.<br />
<br />
There are always benefits and costs to any security decision, By strengthening security in one way, you can weaken it in another.<br />
<br />
For example, if you can’t risk lockouts and downtime, having passwords could cause problems.<br />
<br />
If you make usability too difficult, users can find ways to bypass your security measures. Security is always a secondary concern. The primary concerns of users are the tasks that they are using the computer systems to complete.<br />
<br />
The most secure system is one that is off, in a locked room in a secure facility. However, that system is also completely useless.<br />
<br />
Even if you do not become a computer security professional, you will design systems and make decisions that have security implications.<br />
<br />
=== Reverse Engineering ===<br />
Picked from the list at random to discuss<br />
<br />
*What is it?<br />
**Normal engineering process would be Design -> code -> system.<br />
**Reverse engineering is reversing that process. Looking at the system to figure out the code and the design. <br />
<br />
*Who?<br />
**Attackers<br />
***analyzing defenses<br />
****If you can figure out how it works, then you can find weaknesses and exploit them.<br />
You become an expert safecracker by learning about safes. In order to find flaws in systems you must have a deep knowledge of those systems. What an attacker wishes to attack he must master, and by finding the flaw, the attacker '''proves his knowledge'''. It is like solving a puzzle. That is what drives the people developing these attacks. The negative impacts are often secondary.<br />
<br />
*Defenders<br />
***Analyze defenses like attackers<br />
***Analyze attacks <br />
****(ie, figure out what a botnet does and how it works)<br />
****Botnet – illegal cloud computing.<br />
<br />
=== DRM – Digital Rights Management ===<br />
*People have been using reverse engineering crack DRM since DRM was released<br />
*Interesting thing about DRM – it works to protect the content from the legitimate user that you want to have the content. <br />
*Most secure current DRM- iOS. It is currently very difficult to crack (or “jailbreak”). In fact, it may even be “effectively unbreakable” because the cost and time involved in breaking it isn’t worth it.<br />
*Jailbreaking iOS used to be very popular, as it allowed users to use their iPhones in ways that Apple didn’t allow. However, it would also negatively impact the security of the device. <br />
*The jailbreak community showed Apple where the security flaws in their devices were found. Apple could then fix the flaws. The community would find new flaws, and Apple would fix them.<br />
*This evolution or “trial by fire” is the only way that security gets strong. No theoretical security can be trusted until it has had people try to crack it.<br />
<br />
Today, attacks get put into usable software and distributed quickly. They spread fast.<br />
<br />
Nation-states pay lost of people to reverse engineer systems and find the security holes. They do it in secret, but they can’t keep secrets, so the attacks they create get leaked.<br />
<br />
The code of much modern malware that is causing problems has been written by <br />
nation-states.<br />
<br />
We cannot make any system perfectly secure, but we don’t build systems under that assumption. We build systems that store large amounts of important data (how much data does Facebook have? Google? Governments?). We assume that we can do this securely, but we can’t.</div>Nilofarhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=SystemsSec_2018W_Lecture_1&diff=21410SystemsSec 2018W Lecture 12018-01-16T02:16:02Z<p>Nilofar: </p>
<hr />
<div>= Notes =<br />
Class 1, January 8<br />
<br />
== About the course: ==<br />
Lectures will not be posted online.<br />
<br />
Notes will be posted online.<br />
<br />
In order to succeed, you need to come to class. Things will be discussed, and you need to be present.<br />
<br />
* Grading Criteria<br />
** Midterm 20%<br />
** Final 30%<br />
** Participation 10%<br />
** Experiences 20%<br />
** Assignments (4) 20%<br />
<br />
The midterm and final will basically be short answer, possibly with some essay questions.<br />
<br />
The assignments will be in the style of the midterm and final, and will let you know how prepared you are for the exams. 2 assignments before the midterm and 2 after the midterm.<br />
<br />
Participation – being present, taking notes for the class, raising your hand, discussing things (not purely in class, also there will be a slack instance). <br />
<br />
If for some reason participation will be a problem for you, email the professor now to work it out)<br />
<br />
Experiences – in 2 portions reading and tools<br />
<br />
Reading – submit a reading response. Make a diligent effort to understand the reading before coming to class. Not a summary. What was your interaction with the reading?<br />
<br />
Tools – Computer Systems Security is fundamentally an applied field. It is tied to tools. Applied learning is important. Some exercises will be provided, but other things you will come across yourself (ie try to set up a firewall, or play around with iptables, you don’t have to succeed). Write a tool response. Plan on sitting down a couple of times and doing some hacking. It is important to get your hands dirty. To start, pick something that you can handle, and maybe ramp it up as the term goes along.<br />
<br />
Assignments will be submitted through CULearn.<br />
<br />
== The material covered today: ==<br />
In the news recently: Meltdown and Spectre security flaws<br />
<br />
Meltdown in the Intel version, Spectre is the more general version.<br />
<br />
Basically every modern CPU that has high performance is affected<br />
<br />
Problem with processor design.<br />
<br />
Design strategy used to increase performance in modern processors allows for information leakage.<br />
<br />
Software programs and processes don't trust each other (and they shouldn't), but this flaw means that the barriers between them aren't fixed, you can read across them.<br />
<br />
It is a timing attack. The basis of timing attacks is that the time to compute depends on the data that you are computing. By knowing how long something takes to compute, you can figure out what is being computed. <br />
<br />
There was previously a well known timing attack on public key encryption, which was solved by responding to all requests in the same constant time.<br />
<br />
Meltdown and Spectre exploit branch predictors (ie, the processor speculates at which branch of the code will be run next and “runs ahead”. If it predicts correctly, there is a performance advantage). However, flaws were found that enabled kernel memory to be read, or a virtual machine to read data from another virtual machine running on the same processor. This particularly affects cloud computing.<br />
<br />
These types of flaws come because no one was thinking about the design from a security point of view. <br />
<br />
System Security is difficult. Attackers find flaws, defenders try to fix them. This happens in real systems, with enormous complexity. Theoretically we can design perfectly secure systems, but attackers will keep finding flaws. This game, as it is today, is weighted towards attackers. Rebalancing the game would require radical ideas.<br />
<br />
=== A (noncomprehensive) list of some security tools and methods: ===<br />
*The purpose of this list is to show what a vast area computer security is, not making a list of everything that will be covered.<br />
**Firewalls<br />
**Antivirus/Antimalware<br />
**Network monitoring/NIDS<br />
**Reverse engineering.<br />
**Cryptography (encryption/digital signing) (for system security, encryption is a tool of last resort)<br />
**Air gaps<br />
**Social Engineering<br />
**(D)DoS<br />
**White list<br />
**Black list<br />
**One way info-gate<br />
**Virtual machines<br />
**Encapsulation<br />
**Virtual memory<br />
**Formal verification<br />
**Randomization (ASLR)<br />
**Passwords<br />
**Captchas<br />
**Biometrics<br />
**Location monitoring<br />
**Mandatory access control (ie SELinux, very inconvenient)<br />
**Discretionary access control (traditional Unix, Windows…)<br />
**Automatic memory management (garbage collection)<br />
**Static analysis<br />
**Dynamic analysis<br />
<br />
Security can affect just about any area of computer science. If there is a branch that doesn’t appear to be affected by security, someone just hasn’t thought about it for long enough.<br />
<br />
This course isn’t about a specific tool or method, although many will be touched on. Primarily, we want to look at how to think about problems so that you see security issues. What can I do as an attacker? What can I do as a defender.<br />
<br />
There are always benefits and costs to any security decision, By strengthening security in one way, you can weaken it in another.<br />
<br />
For example, if you can’t risk lockouts and downtime, having passwords could cause problems.<br />
<br />
If you make usability too difficult, users can find ways to bypass your security measures. Security is always a secondary concern. The primary concerns of users are the tasks that they are using the computer systems to complete.<br />
<br />
The most secure system is one that is off, in a locked room in a secure facility. However, that system is also completely useless.<br />
<br />
Even if you do not become a computer security professional, you will design systems and make decisions that have security implications.<br />
<br />
=== Reverse Engineering ===<br />
Picked from the list at random to discuss<br />
<br />
*What is it?<br />
**Normal engineering process would be Design -> code -> system.<br />
**Reverse engineering is reversing that process. Looking at the system to figure out the code and the design. <br />
<br />
*Who?<br />
**Attackers<br />
***analyzing defenses<br />
****If you can figure out how it works, then you can find weaknesses and exploit them.<br />
You become an expert safecracker by learning about safes. In order to find flaws in systems you must have a deep knowledge of those systems. What an attacker wishes to attack he must master, and by finding the flaw, the attacker '''proves his knowledge'''. It is like solving a puzzle. That is what drives the people developing these attacks. The negative impacts are often secondary.<br />
<br />
**Defenders<br />
***Analyze defenses like attackers<br />
***Analyze attacks <br />
****(ie, figure out what a botnet does and how it works)<br />
****Botnet – illegal cloud computing.<br />
<br />
=== DRM – Digital Rights Management ===<br />
*People have been using reverse engineering crack DRM since DRM was released<br />
*Interesting thing about DRM – it works to protect the content from the legitimate user that you want to have the content. <br />
*Most secure current DRM- iOS. It is currently very difficult to crack (or “jailbreak”). In fact, it may even be “effectively unbreakable” because the cost and time involved in breaking it isn’t worth it.<br />
*Jailbreaking iOS used to be very popular, as it allowed users to use their iPhones in ways that Apple didn’t allow. However, it would also negatively impact the security of the device. <br />
*The jailbreak community showed Apple where the security flaws in their devices were found. Apple could then fix the flaws. The community would find new flaws, and Apple would fix them.<br />
*This evolution or “trial by fire” is the only way that security gets strong. No theoretical security can be trusted until it has had people try to crack it.<br />
<br />
Today, attacks get put into usable software and distributed quickly. They spread fast.<br />
<br />
Nation-states pay lost of people to reverse engineer systems and find the security holes. They do it in secret, but they can’t keep secrets, so the attacks they create get leaked.<br />
<br />
The code of much modern malware that is causing problems has been written by <br />
nation-states.<br />
<br />
We cannot make any system perfectly secure, but we don’t build systems under that assumption. We build systems that store large amounts of important data (how much data does Facebook have? Google? Governments?). We assume that we can do this securely, but we can’t.</div>Nilofarhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=SystemsSec_2018W_Lecture_1&diff=21409SystemsSec 2018W Lecture 12018-01-16T02:11:51Z<p>Nilofar: </p>
<hr />
<div>= Notes =<br />
Class 1, January 8<br />
<br />
== About the course: ==<br />
Lectures will not be posted online.<br />
<br />
Notes will be posted online.<br />
<br />
In order to succeed, you need to come to class. Things will be discussed, and you need to be present.<br />
<br />
* Grading Criteria<br />
** Midterm 20%<br />
** Final 30%<br />
** Participation 10%<br />
** Experiences 20%<br />
** Assignments (4) 20%<br />
<br />
The midterm and final will basically be short answer, possibly with some essay questions.<br />
<br />
The assignments will be in the style of the midterm and final, and will let you know how prepared you are for the exams. 2 assignments before the midterm and 2 after the midterm.<br />
<br />
Participation – being present, taking notes for the class, raising your hand, discussing things (not purely in class, also there will be a slack instance). <br />
<br />
If for some reason participation will be a problem for you, email the professor now to work it out)<br />
<br />
Experiences – in 2 portions reading and tools<br />
<br />
Reading – submit a reading response. Make a diligent effort to understand the reading before coming to class. Not a summary. What was your interaction with the reading?<br />
<br />
Tools – Computer Systems Security is fundamentally an applied field. It is tied to tools. Applied learning is important. Some exercises will be provided, but other things you will come across yourself (ie try to set up a firewall, or play around with iptables, you don’t have to succeed). Write a tool response. Plan on sitting down a couple of times and doing some hacking. It is important to get your hands dirty. To start, pick something that you can handle, and maybe ramp it up as the term goes along.<br />
<br />
Assignments will be submitted through CULearn.<br />
<br />
== The material covered today: ==<br />
In the news recently: Meltdown and Spectre security flaws<br />
<br />
Meltdown in the Intel version, Spectre is the more general version.<br />
<br />
Basically every modern CPU that has high performance is affected<br />
<br />
Problem with processor design.<br />
<br />
Design strategy used to increase performance in modern processors allows for information leakage.<br />
<br />
Software programs and processes don't trust each other (and they shouldn't), but this flaw means that the barriers between them aren't fixed, you can read across them.<br />
<br />
It is a timing attack. The basis of timing attacks is that the time to compute depends on the data that you are computing. By knowing how long something takes to compute, you can figure out what is being computed. <br />
<br />
There was previously a well known timing attack on public key encryption, which was solved by responding to all requests in the same constant time.<br />
<br />
Meltdown and Spectre exploit branch predictors (ie, the processor speculates at which branch of the code will be run next and “runs ahead”. If it predicts correctly, there is a performance advantage). However, flaws were found that enabled kernel memory to be read, or a virtual machine to read data from another virtual machine running on the same processor. This particularly affects cloud computing.<br />
<br />
These types of flaws come because no one was thinking about the design from a security point of view. <br />
<br />
System Security is difficult. Attackers find flaws, defenders try to fix them. This happens in real systems, with enormous complexity. Theoretically we can design perfectly secure systems, but attackers will keep finding flaws. This game, as it is today, is weighted towards attackers. Rebalancing the game would require radical ideas.<br />
<br />
=== A (noncomprehensive) list of some security tools and methods: ===<br />
*The purpose of this list is to show what a vast area computer security is, not making a list of everything that will be covered.<br />
**Firewalls<br />
**Antivirus/Antimalware<br />
**Network monitoring/NIDS<br />
**Reverse engineering.<br />
**Cryptography (encryption/digital signing) (for system security, encryption is a tool of last resort)<br />
**Air gaps<br />
**Social Engineering<br />
**(D)DoS<br />
**White list<br />
**Black list<br />
**One way info-gate<br />
**Virtual machines<br />
**Encapsulation<br />
**Virtual memory<br />
**Formal verification<br />
**Randomization (ASLR)<br />
**Passwords<br />
**Captchas<br />
**Biometrics<br />
**Location monitoring<br />
**Mandatory access control (ie SELinux, very inconvenient)<br />
**Discretionary access control (traditional Unix, Windows…)<br />
**Automatic memory management (garbage collection)<br />
**Static analysis<br />
**Dynamic analysis<br />
<br />
Security can affect just about any area of computer science. If there I a branch that doesn’t appear to be affected by security, someone just hasn’t thought about it for long enough.<br />
<br />
This course isn’t about a specific tool or method, although many will be touched on. Primarily, we want to look at how to think about problems so that you see security issues. What can I do as an attacker? What can I do as a defender.<br />
<br />
There are always benefits and costs to any security decision, By strengthening security in one way, you can weaken it in another.<br />
<br />
For example, if you can’t risk lockouts and downtime, having passwords could cause problems.<br />
<br />
If you make usability too difficult, users can find ways to bypass your security measures. Security is always a secondary concern. The primary concerns of users are the tasks that they are using the computer systems to complete.<br />
<br />
The most secure system is one that is off, in a locked room in a secure facility. However, that system is also completely useless.<br />
<br />
Even if you do not become a computer security professional, you will design systems and make decisions that have security implications.<br />
<br />
=== Reverse Engineering ===<br />
Picked from the list at random to discuss<br />
<br />
*What is it?<br />
**Normal engineering process would be Design -> code -> system.<br />
**Reverse engineering is reversing that process. Looking at the system to figure out the code and the design. <br />
<br />
*Who?<br />
**Attackers<br />
***analyzing defenses<br />
****If you can figure out how it works, then you can find weaknesses and exploit them.<br />
You become an expert safecracker by learning about safes. In order to find flaws in systems you must have a deep knowledge of those systems. What an attacker wishes to attack he must master, and by finding the flaw, the attacker '''proves his knowledge'''. It is like solving a puzzle. That is what drives the people developing these attacks. The negative impacts are often secondary.<br />
<br />
**Defenders<br />
***Analyze defenses like attackers<br />
***Analyze attacks <br />
****(ie, figure out what a botnet does and how it works)<br />
****Botnet – illegal cloud computing.<br />
<br />
=== DRM – Digital Rights Management ===<br />
*People have been using reverse engineering crack DRM since DRM was released<br />
*Interesting thing about DRM – it works to protect the content from the legitimate user that you want to have the content. <br />
*Most secure current DRM- iOS. It is currently very difficult to crack (or “jailbreak”). In fact, it may even be “effectively unbreakable” because the cost and time involved in breaking it isn’t worth it.<br />
*Jailbreaking iOS used to be very popular, as it allowed users to use their iPhones in ways that Apple didn’t allow. However, it would also negatively impact the security of the device. <br />
*The jailbreak community showed Apple where the security flaws in their devices were found. Apple could then fix the flaws. The community would find new flaws, and Apple would fix them.<br />
*This evolution or “trial by fire” is the only way that security gets strong. No theoretical security can be trusted until it has had people try to crack it.<br />
<br />
Today, attacks get put into usable software and distributed quickly. They spread fast.<br />
<br />
Nation-states pay lost of people to reverse engineer systems and find the security holes. They do it in secret, but they can’t keep secrets, so the attacks they create get leaked.<br />
<br />
The code of much modern malware that is causing problems has been written by <br />
nation-states.<br />
<br />
We cannot make any system perfectly secure, but we don’t build systems under that assumption. We build systems that store large amounts of important data (how much data does Facebook have? Google? Governments?). We assume that we can do this securely, but we can’t.</div>Nilofarhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=SystemsSec_2018W_Lecture_1&diff=21408SystemsSec 2018W Lecture 12018-01-16T02:11:37Z<p>Nilofar: </p>
<hr />
<div>= Notes =<br />
Class 1, January 8<br />
<br />
== About the course: ==<br />
Lectures will not be posted online.<br />
<br />
Notes will be posted online.<br />
<br />
In order to succeed, you need to come to class. Things will be discussed, and you need to be present.<br />
<br />
* Grading Criteria<br />
** Midterm 20%<br />
** Final 30%<br />
** Participation 10%<br />
** Experiences 20%<br />
** Assignments (4) 20%<br />
<br />
The midterm and final will basically be short answer, possibly with some essay questions.<br />
<br />
The assignments will be in the style of the midterm and final, and will let you know how prepared you are for the exams. 2 assignments before the midterm and 2 after the final.<br />
<br />
Participation – being present, taking notes for the class, raising your hand, discussing things (not purely in class, also there will be a slack instance). <br />
<br />
If for some reason participation will be a problem for you, email the professor now to work it out)<br />
<br />
Experiences – in 2 portions reading and tools<br />
<br />
Reading – submit a reading response. Make a diligent effort to understand the reading before coming to class. Not a summary. What was your interaction with the reading?<br />
<br />
Tools – Computer Systems Security is fundamentally an applied field. It is tied to tools. Applied learning is important. Some exercises will be provided, but other things you will come across yourself (ie try to set up a firewall, or play around with iptables, you don’t have to succeed). Write a tool response. Plan on sitting down a couple of times and doing some hacking. It is important to get your hands dirty. To start, pick something that you can handle, and maybe ramp it up as the term goes along.<br />
<br />
Assignments will be submitted through CULearn.<br />
<br />
== The material covered today: ==<br />
In the news recently: Meltdown and Spectre security flaws<br />
<br />
Meltdown in the Intel version, Spectre is the more general version.<br />
<br />
Basically every modern CPU that has high performance is affected<br />
<br />
Problem with processor design.<br />
<br />
Design strategy used to increase performance in modern processors allows for information leakage.<br />
<br />
Software programs and processes don't trust each other (and they shouldn't), but this flaw means that the barriers between them aren't fixed, you can read across them.<br />
<br />
It is a timing attack. The basis of timing attacks is that the time to compute depends on the data that you are computing. By knowing how long something takes to compute, you can figure out what is being computed. <br />
<br />
There was previously a well known timing attack on public key encryption, which was solved by responding to all requests in the same constant time.<br />
<br />
Meltdown and Spectre exploit branch predictors (ie, the processor speculates at which branch of the code will be run next and “runs ahead”. If it predicts correctly, there is a performance advantage). However, flaws were found that enabled kernel memory to be read, or a virtual machine to read data from another virtual machine running on the same processor. This particularly affects cloud computing.<br />
<br />
These types of flaws come because no one was thinking about the design from a security point of view. <br />
<br />
System Security is difficult. Attackers find flaws, defenders try to fix them. This happens in real systems, with enormous complexity. Theoretically we can design perfectly secure systems, but attackers will keep finding flaws. This game, as it is today, is weighted towards attackers. Rebalancing the game would require radical ideas.<br />
<br />
=== A (noncomprehensive) list of some security tools and methods: ===<br />
*The purpose of this list is to show what a vast area computer security is, not making a list of everything that will be covered.<br />
**Firewalls<br />
**Antivirus/Antimalware<br />
**Network monitoring/NIDS<br />
**Reverse engineering.<br />
**Cryptography (encryption/digital signing) (for system security, encryption is a tool of last resort)<br />
**Air gaps<br />
**Social Engineering<br />
**(D)DoS<br />
**White list<br />
**Black list<br />
**One way info-gate<br />
**Virtual machines<br />
**Encapsulation<br />
**Virtual memory<br />
**Formal verification<br />
**Randomization (ASLR)<br />
**Passwords<br />
**Captchas<br />
**Biometrics<br />
**Location monitoring<br />
**Mandatory access control (ie SELinux, very inconvenient)<br />
**Discretionary access control (traditional Unix, Windows…)<br />
**Automatic memory management (garbage collection)<br />
**Static analysis<br />
**Dynamic analysis<br />
<br />
Security can affect just about any area of computer science. If there I a branch that doesn’t appear to be affected by security, someone just hasn’t thought about it for long enough.<br />
<br />
This course isn’t about a specific tool or method, although many will be touched on. Primarily, we want to look at how to think about problems so that you see security issues. What can I do as an attacker? What can I do as a defender.<br />
<br />
There are always benefits and costs to any security decision, By strengthening security in one way, you can weaken it in another.<br />
<br />
For example, if you can’t risk lockouts and downtime, having passwords could cause problems.<br />
<br />
If you make usability too difficult, users can find ways to bypass your security measures. Security is always a secondary concern. The primary concerns of users are the tasks that they are using the computer systems to complete.<br />
<br />
The most secure system is one that is off, in a locked room in a secure facility. However, that system is also completely useless.<br />
<br />
Even if you do not become a computer security professional, you will design systems and make decisions that have security implications.<br />
<br />
=== Reverse Engineering ===<br />
Picked from the list at random to discuss<br />
<br />
*What is it?<br />
**Normal engineering process would be Design -> code -> system.<br />
**Reverse engineering is reversing that process. Looking at the system to figure out the code and the design. <br />
<br />
*Who?<br />
**Attackers<br />
***analyzing defenses<br />
****If you can figure out how it works, then you can find weaknesses and exploit them.<br />
You become an expert safecracker by learning about safes. In order to find flaws in systems you must have a deep knowledge of those systems. What an attacker wishes to attack he must master, and by finding the flaw, the attacker '''proves his knowledge'''. It is like solving a puzzle. That is what drives the people developing these attacks. The negative impacts are often secondary.<br />
<br />
**Defenders<br />
***Analyze defenses like attackers<br />
***Analyze attacks <br />
****(ie, figure out what a botnet does and how it works)<br />
****Botnet – illegal cloud computing.<br />
<br />
=== DRM – Digital Rights Management ===<br />
*People have been using reverse engineering crack DRM since DRM was released<br />
*Interesting thing about DRM – it works to protect the content from the legitimate user that you want to have the content. <br />
*Most secure current DRM- iOS. It is currently very difficult to crack (or “jailbreak”). In fact, it may even be “effectively unbreakable” because the cost and time involved in breaking it isn’t worth it.<br />
*Jailbreaking iOS used to be very popular, as it allowed users to use their iPhones in ways that Apple didn’t allow. However, it would also negatively impact the security of the device. <br />
*The jailbreak community showed Apple where the security flaws in their devices were found. Apple could then fix the flaws. The community would find new flaws, and Apple would fix them.<br />
*This evolution or “trial by fire” is the only way that security gets strong. No theoretical security can be trusted until it has had people try to crack it.<br />
<br />
Today, attacks get put into usable software and distributed quickly. They spread fast.<br />
<br />
Nation-states pay lost of people to reverse engineer systems and find the security holes. They do it in secret, but they can’t keep secrets, so the attacks they create get leaked.<br />
<br />
The code of much modern malware that is causing problems has been written by <br />
nation-states.<br />
<br />
We cannot make any system perfectly secure, but we don’t build systems under that assumption. We build systems that store large amounts of important data (how much data does Facebook have? Google? Governments?). We assume that we can do this securely, but we can’t.</div>Nilofarhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=SystemsSec_2018W_Lecture_1&diff=21407SystemsSec 2018W Lecture 12018-01-16T02:10:58Z<p>Nilofar: </p>
<hr />
<div>= Notes =<br />
Class 1, January 8<br />
<br />
== About the course: ==<br />
Lectures will not be posted online.<br />
<br />
Notes will be posted online.<br />
<br />
In order to succeed, you need to come to class. Things will be discussed, and you need to be present.<br />
<br />
* Grading Criteria<br />
** Midterm 20%<br />
** Final 30%<br />
** Participation 10%<br />
** Experiences 20%<br />
** Assignments (4) 20%<br />
<br />
The midterm and final will basically be short answer, possibly with some essay questions.<br />
<br />
The assignments will be in the style of the midterm and final, and will let you know how prepared you are for the exams. 2 assignments before the midterm and 2 after the midterm.<br />
<br />
Participation – being present, taking notes for the class, raising your hand, discussing things (not purely in class, also there will be a slack instance). <br />
<br />
If for some reason participation will be a problem for you, email the professor now to work it out)<br />
<br />
Experiences – in 2 portions reading and tools<br />
<br />
Reading – submit a reading response. Make a diligent effort to understand the reading before coming to class. Not a summary. What was your interaction with the reading?<br />
<br />
Tools – Computer Systems Security is fundamentally an applied field. It is tied to tools. Applied learning is important. Some exercises will be provided, but other things you will come across yourself (ie try to set up a firewall, or play around with iptables, you don’t have to succeed). Write a tool response. Plan on sitting down a couple of times and doing some hacking. It is important to get your hands dirty. To start, pick something that you can handle, and maybe ramp it up as the term goes along.<br />
<br />
Assignments will be submitted through CULearn.<br />
<br />
== The material covered today: ==<br />
In the news recently: Meltdown and Spectre security flaws<br />
<br />
Meltdown in the Intel version, Spectre is the more general version.<br />
<br />
Basically every modern CPU that has high performance is affected<br />
<br />
Problem with processor design.<br />
<br />
Design strategy used to increase performance in modern processors allows for information leakage.<br />
<br />
Software programs and processes don't trust each other (and they shouldn't), but this flaw means that the barriers between them aren't fixed, you can read across them.<br />
<br />
It is a timing attack. The basis of timing attacks is that the time to compute depends on the data that you are computing. By knowing how long something takes to compute, you can figure out what is being computed. <br />
<br />
There was previously a well known timing attack on public key encryption, which was solved by responding to all requests in the same constant time.<br />
<br />
Meltdown and Spectre exploit branch predictors (ie, the processor speculates at which branch of the code will be run next and “runs ahead”. If it predicts correctly, there is a performance advantage). However, flaws were found that enabled kernel memory to be read, or a virtual machine to read data from another virtual machine running on the same processor. This particularly affects cloud computing.<br />
<br />
These types of flaws come because no one was thinking about the design from a security point of view. <br />
<br />
System Security is difficult. Attackers find flaws, defenders try to fix them. This happens in real systems, with enormous complexity. Theoretically we can design perfectly secure systems, but attackers will keep finding flaws. This game, as it is today, is weighted towards attackers. Rebalancing the game would require radical ideas.<br />
<br />
=== A (noncomprehensive) list of some security tools and methods: ===<br />
*The purpose of this list is to show what a vast area computer security is, not making a list of everything that will be covered.<br />
**Firewalls<br />
**Antivirus/Antimalware<br />
**Network monitoring/NIDS<br />
**Reverse engineering.<br />
**Cryptography (encryption/digital signing) (for system security, encryption is a tool of last resort)<br />
**Air gaps<br />
**Social Engineering<br />
**(D)DoS<br />
**White list<br />
**Black list<br />
**One way info-gate<br />
**Virtual machines<br />
**Encapsulation<br />
**Virtual memory<br />
**Formal verification<br />
**Randomization (ASLR)<br />
**Passwords<br />
**Captchas<br />
**Biometrics<br />
**Location monitoring<br />
**Mandatory access control (ie SELinux, very inconvenient)<br />
**Discretionary access control (traditional Unix, Windows…)<br />
**Automatic memory management (garbage collection)<br />
**Static analysis<br />
**Dynamic analysis<br />
<br />
Security can affect just about any area of computer science. If there I a branch that doesn’t appear to be affected by security, someone just hasn’t thought about it for long enough.<br />
<br />
This course isn’t about a specific tool or method, although many will be touched on. Primarily, we want to look at how to think about problems so that you see security issues. What can I do as an attacker? What can I do as a defender.<br />
<br />
There are always benefits and costs to any security decision, By strengthening security in one way, you can weaken it in another.<br />
<br />
For example, if you can’t risk lockouts and downtime, having passwords could cause problems.<br />
<br />
If you make usability too difficult, users can find ways to bypass your security measures. Security is always a secondary concern. The primary concerns of users are the tasks that they are using the computer systems to complete.<br />
<br />
The most secure system is one that is off, in a locked room in a secure facility. However, that system is also completely useless.<br />
<br />
Even if you do not become a computer security professional, you will design systems and make decisions that have security implications.<br />
<br />
=== Reverse Engineering ===<br />
Picked from the list at random to discuss<br />
<br />
*What is it?<br />
**Normal engineering process would be Design -> code -> system.<br />
**Reverse engineering is reversing that process. Looking at the system to figure out the code and the design. <br />
<br />
*Who?<br />
**Attackers<br />
***analyzing defenses<br />
****If you can figure out how it works, then you can find weaknesses and exploit them.<br />
You become an expert safecracker by learning about safes. In order to find flaws in systems you must have a deep knowledge of those systems. What an attacker wishes to attack he must master, and by finding the flaw, the attacker '''proves his knowledge'''. It is like solving a puzzle. That is what drives the people developing these attacks. The negative impacts are often secondary.<br />
<br />
**Defenders<br />
***Analyze defenses like attackers<br />
***Analyze attacks <br />
****(ie, figure out what a botnet does and how it works)<br />
****Botnet – illegal cloud computing.<br />
<br />
=== DRM – Digital Rights Management ===<br />
*People have been using reverse engineering crack DRM since DRM was released<br />
*Interesting thing about DRM – it works to protect the content from the legitimate user that you want to have the content. <br />
*Most secure current DRM- iOS. It is currently very difficult to crack (or “jailbreak”). In fact, it may even be “effectively unbreakable” because the cost and time involved in breaking it isn’t worth it.<br />
*Jailbreaking iOS used to be very popular, as it allowed users to use their iPhones in ways that Apple didn’t allow. However, it would also negatively impact the security of the device. <br />
*The jailbreak community showed Apple where the security flaws in their devices were found. Apple could then fix the flaws. The community would find new flaws, and Apple would fix them.<br />
*This evolution or “trial by fire” is the only way that security gets strong. No theoretical security can be trusted until it has had people try to crack it.<br />
<br />
Today, attacks get put into usable software and distributed quickly. They spread fast.<br />
<br />
Nation-states pay lost of people to reverse engineer systems and find the security holes. They do it in secret, but they can’t keep secrets, so the attacks they create get leaked.<br />
<br />
The code of much modern malware that is causing problems has been written by <br />
nation-states.<br />
<br />
We cannot make any system perfectly secure, but we don’t build systems under that assumption. We build systems that store large amounts of important data (how much data does Facebook have? Google? Governments?). We assume that we can do this securely, but we can’t.</div>Nilofar