Operating Systems 2015F Lecture 22: Difference between revisions

From Soma-notes
==Video==
The video for the lecture given on November 27, 2015 [http://homeostasis.scs.carleton.ca/~soma/os-2015f/lectures/comp3000-2015f-lec22-27Nov2015.mp4 is now available].
==Notes==
<pre>
Lecture 22
----------
 
Project
- you need to pass the oral to get credit for it
- Due December 4th by midnight, late penalty is 20%/day
 
Patching
 
Malware detection & operating systems
 
* Most Linux systems don't run "antivirus"
* Most Macs don't run antivirus
* iOS devices don't
* some Android devices do
 
What does this tell us about those operating systems?
- not that much
- it is more about what exists today rather than what could exist
 
Ideally your OS should only allow you to run "good" code.
Antivirus is what you get when you are likely to run "bad" code.
 
How do operating systems keep out bad code?
* user authentication (accounts and passwords)
* otherwise, mostly isolation
  * user permissions (not all users can access all
    resources)
    ("users" are now often applications)
  * firewalls (isolate network connections to apps)
  * supervisor versus user mode on the CPU
    (kernel vs userspace)
  * memory protection (virtual memory)
  * CPU & I/O scheduling to prevent programs from
    monopolizing resources
 
* Desktop OSs assume installed applications can be trusted
  - they are allowed to do arbitrary damage
 
* Mobile OSs do not trust most applications, or greatly limit trust
 
Android
- applications can be trusted in different ways
- the user can decide which apps are trustworthy for different
  things
  - users will look at an app's permissions and decide
    whether it is worthy of the trust level requested
- regular users are not sufficiently knowledgeable to make such trust decisions
 
- every app runs as a different user. Each app can only access its own files
- but, then we have processes that accept requests from apps to access just about anything else
 
* iOS sandboxing
  - OS-level virtualization: every app gets its own userspace
  - then iOS puts things in that "sandbox" that it deems
    safe to access
 
On Android, you've always been able to install keyboards
On iOS, only recently have keyboards been added
- and they can't be used for passwords
 
on iOS, Apple-supplied apps have always had more access
 
What is antivirus?
- downloader's remorse
- or, I really shouldn't have installed that
 
How does antivirus work?
- tech equivalent to criminal profiling
  - their history
  - their behavior
  - their friends
- profiling is fundamentally hard and limited
- profiling is especially hard because of lies
 
How do you catch the lies of programs?
- surveillance
 
all antivirus needs kernel-level help to work
why can't malware have kernel-level help?
  - that's a kernel-level rootkit
 
Nexus (border control) for operating systems is...
- code signing
 
Code signing in any sort of "open context" is suspect
 
App store signing is not bad
 
Traditional OSs are for running "trusted" code
 
We have the technology for running untrusted code.
It is called a web browser.
</pre>
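The "border control" the notes end on, code signing and app-store signing, as an added shell example that is not part of the lecture notes. It uses the openssl command-line tool (assumed to be installed) to play both roles: the publisher signs a constructed sample package with its private key, and the OS/store side verifies the package against the one public key it trusts before the code would be allowed to run. The untouched, correctly signed package passes; a package modified after signing, or signed with a key the OS does not trust, is rejected. The scratch directory, key names and the sample package are all constructed for the example.

```shell
#!/bin/sh
# Added example, not from the lecture notes: code signing as "border control".
# Assumes the openssl command-line tool is installed.
set -eu

WORK="$(mktemp -d)"            # constructed scratch directory
trap 'rm -rf "$WORK"' EXIT

# Publisher side: make a keypair. The private key stays with the publisher;
# the public key is what the OS / app store ships as its trust anchor.
gen_keys() {                   # $1 = basename for the key files
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$WORK/$1.key" 2>/dev/null
    openssl pkey -in "$WORK/$1.key" -pubout -out "$WORK/$1.pub" 2>/dev/null
}

# Publisher side: sign the package (SHA-256 digest, RSA signature).
sign_package() {               # $1 = key basename, $2 = package, $3 = signature out
    openssl dgst -sha256 -sign "$WORK/$1.key" -out "$3" "$2"
}

# OS / store side: verify against the *trusted* public key only.
# Succeeds (exit 0) only if the signature matches these exact bytes.
verify_package() {             # $1 = package, $2 = signature
    openssl dgst -sha256 -verify "$WORK/publisher.pub" \
        -signature "$2" "$1" >/dev/null 2>&1
}

verdict() {                    # prints OK or REJECTED for a package/signature pair
    if verify_package "$1" "$2"; then echo OK; else echo REJECTED; fi
}

signing_demo() {
    gen_keys publisher         # the key the OS trusts
    gen_keys untrusted         # some other key the OS has never heard of

    # Constructed sample "package": a harmless one-line script.
    printf 'echo hello from a harmless app\n' > "$WORK/app.sh"
    sign_package publisher "$WORK/app.sh" "$WORK/app.sig"

    # Case 1: package changed after signing (even one extra line).
    cp "$WORK/app.sh" "$WORK/app-modified.sh"
    printf '# extra line added after signing\n' >> "$WORK/app-modified.sh"

    # Case 2: original bytes, but signed with a key the OS does not trust.
    sign_package untrusted "$WORK/app.sh" "$WORK/app-untrusted.sig"

    echo "original=$(verdict "$WORK/app.sh" "$WORK/app.sig")" \
         "modified=$(verdict "$WORK/app-modified.sh" "$WORK/app.sig")" \
         "untrusted_key=$(verdict "$WORK/app.sh" "$WORK/app-untrusted.sig")"
}

signing_demo
```

Run it with `sh`; it prints one line with the three verdicts. The verification step is only as strong as the decision about which public key to trust, which is the notes' point about signing in an "open context": the mechanism checks that the bytes are unchanged and came from a particular key holder, not that the code is good. An app store is in a position to make that trust decision once for everyone, which is why the notes call store signing "not bad".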

Latest revision as of 20:42, 27 November 2015