SystemsSec 2018W Lecture 7: Difference between revisions
Latest revision as of 05:56, 31 January 2018
Audio
Notes
- You want cryptography whenever your rival can mess with bits, i.e. see them, modify them, etc.
- If you're talking about an isolated device, i.e. a single terminal for one person,
what does crypto do for you? Almost nothing. (e.g. what if someone steals the system? If they mess with hardware?)
- TLS and SSH are the most common protocols nowadays for detection.
- #1 Rule: Never do your own crypto, including implementation.
- Most common use case on an individual system: file/file-system encryption
- You can encrypt a file and send it, but if you have to send it, someone has to do something on the receiver side to decrypt it.
Trusted Software (DRM): DRM: Digital Rights Management
- Almost no scope for confidentiality, meant mostly for preventing messing with bits.
- Trusted Boot:
TPM: Trusted Platform Module
- This is the portion of a chip that is meant to hold secrets and can do computations without giving away info.
As long as TPM is safe, all data is safe.
- An attacker must do 1 of 3 things if they want data access: break TPM, break the crypto, or get the keys.
- Arguably, getting the keys might be the easiest, even for a company like Apple or Microsoft (Trick one of the human(s) with the keys).
- MalwareBytes: 2 bad updates, essentially acting as a dedicated denial of service. This is a breach of trust.
- How did MS sign my boot order even though I have Linux? Because they're allowed to.
- The reason you can't have Linux on an Apple device is because of trusted boot; to start up Linux, you would have to break the boot order, which would trigger security precautions. But, get the keys, and you could probably do it.
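An added illustration, not part of the lecture notes: a software simulation of TPM-style measured boot, showing why changing or reordering the boot chain keeps a sealed secret locked. It uses only Python's `hashlib` and talks to no real TPM; `SealedSecret`, `measure_boot` and the sample boot chains are hypothetical names and constructed data.

```python
from __future__ import annotations
import hashlib
import hmac

PCR_SIZE = hashlib.sha256().digest_size  # 32 bytes for a SHA-256 PCR bank

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new PCR = SHA-256(old PCR || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot(chain: list[bytes]) -> bytes:
    """Measure every boot stage in order, starting from an all-zero PCR."""
    pcr = bytes(PCR_SIZE)
    for component in chain:
        pcr = extend(pcr, component)
    return pcr

class SealedSecret:
    """Toy model of sealing: the secret is released for one PCR value only."""
    def __init__(self, secret: bytes, expected_pcr: bytes):
        self._secret = secret
        self._expected_pcr = expected_pcr

    def unseal(self, current_pcr: bytes) -> bytes | None:
        if hmac.compare_digest(current_pcr, self._expected_pcr):
            return self._secret
        return None  # measurements differ: the secret is not released

# Constructed sample boot chains (stand-ins for real firmware/loader images).
VENDOR_CHAIN = [b"firmware v1", b"vendor bootloader", b"vendor kernel"]
OTHER_OS_CHAIN = [b"firmware v1", b"other bootloader", b"other kernel"]
REORDERED_CHAIN = [b"vendor bootloader", b"firmware v1", b"vendor kernel"]

def demo() -> dict[str, bool]:
    """Seal against the vendor chain, then try to unseal after each boot."""
    sealed = SealedSecret(b"disk-encryption-key", measure_boot(VENDOR_CHAIN))
    chains = [("vendor", VENDOR_CHAIN),
              ("other_os", OTHER_OS_CHAIN),
              ("reordered", REORDERED_CHAIN)]
    return {name: sealed.unseal(measure_boot(chain)) is not None
            for name, chain in chains}

if __name__ == "__main__":
    for name, released in demo().items():
        print(f"{name:10s} secret released: {released}")
```

Because each extend hashes the previous register value, the final measurement depends on both the content and the order of every stage, so the register cannot be steered back to the expected value once a different component has been measured.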