SystemsSec 2018W Lecture 7: Difference between revisions

From Soma-notes
Calvin (talk | contribs)
Calvin (talk | contribs)
Line 5: Line 5:
==Notes==
==Notes==


- You want cryptography whenever your rival can mess with bits.
- You want cryptography whenever your rival can mess with bits. i.e see, modify, etc.
i.e see, modify, etc.
 
 
- If you're talking about an isolated device, i.e single terminal for one person.
- If you're talking about an isolated device, i.e single terminal for one person.
what does crypto do for you? almost nothing. (ex: what if someone steals the system? if they mess with hardware?)
what does crypto do for you? almost nothing. (ex: what if someone steals the system? if they mess with hardware?)


- TLS, SSH most common protocols nowadays for detection.
- TLS, SSH most common protocols nowadays for detection.
- #1 Rule: Never do your own crypto, including implementation.
- #1 Rule: Never do your own crypto, including implementation.
- Most common use case on an individual system: file/file-systems encryption
- Most common use case on an individual system: file/file-systems encryption
- You can encrypt a file and send it, but if you have to send it, someone has to do something on the reciever side to decrypt it.
- You can encrypt a file and send it, but if you have to send it, someone has to do something on the reciever side to decrypt it.






Trusted Software (DRM): DRM: Digital Rights Management
**Trusted Software (DRM): DRM: Digital Rights Management**


- Almsot no scope for confidentiality, meant mostly for preventing messing with bits.
- Almsot no scope for confidentiality, meant mostly for preventing messing with bits.
- Trusted Boot:
- Trusted Boot:
- TPM: Trusted Platform Model, this is the portion of a chip that is meant to hold secrets and can do computations without giving away info.
- TPM: Trusted Platform Model, this is the portion of a chip that is meant to hold secrets and can do computations without giving away info.
As long as TPM is safe, all data is safe.
As long as TPM is safe, all data is safe.
- An attacker must do 1 of 3 things if they want data access: break TPM, break the crypto, or get the keys.
- An attacker must do 1 of 3 things if they want data access: break TPM, break the crypto, or get the keys.
- Arguably, getting the keys might be the easiest, even for a company like Apple or Microsoft (Trick one of the human(s) with the keys).
- Arguably, getting the keys might be the easiest, even for a company like Apple or Microsoft (Trick one of the human(s) with the keys).
- MalwareBytes: 2 bad updates, essentially acting as a dedicated denial of service. This is a breach of trust.
- MalwareBytes: 2 bad updates, essentially acting as a dedicated denial of service. This is a breach of trust.


- How did MS sign my boot order even though I have linux? Because they're allowed to.
- How did MS sign my boot order even though I have linux? Because they're allowed to.
- The reason you can't have linux on an Apple device is because of trusted boot;  
 
to startup linux, you would have to break the boot order, which would trigger security precautions.
- The reason you can't have linux on an Apple device is because of trusted boot; to startup linux, you would have to break the boot order, which would trigger security precautions. But, get the keys, and you could probably do it.
But, get the keys, and you could probably do it.

Revision as of 05:54, 31 January 2018

Audio

Lecture 7 Audio

Notes

- You want cryptography whenever your rival can mess with bits. i.e see, modify, etc.


- If you're talking about an isolated device, i.e single terminal for one person. what does crypto do for you? almost nothing. (ex: what if someone steals the system? if they mess with hardware?)

- TLS, SSH most common protocols nowadays for detection.

- #1 Rule: Never do your own crypto, including implementation.

- Most common use case on an individual system: file/file-systems encryption

- You can encrypt a file and send it, but if you have to send it, someone has to do something on the reciever side to decrypt it.


    • Trusted Software (DRM): DRM: Digital Rights Management**

- Almsot no scope for confidentiality, meant mostly for preventing messing with bits.

- Trusted Boot:

- TPM: Trusted Platform Model, this is the portion of a chip that is meant to hold secrets and can do computations without giving away info.

As long as TPM is safe, all data is safe.


- An attacker must do 1 of 3 things if they want data access: break TPM, break the crypto, or get the keys.

- Arguably, getting the keys might be the easiest, even for a company like Apple or Microsoft (Trick one of the human(s) with the keys).

- MalwareBytes: 2 bad updates, essentially acting as a dedicated denial of service. This is a breach of trust.


- How did MS sign my boot order even though I have linux? Because they're allowed to.

- The reason you can't have linux on an Apple device is because of trusted boot; to startup linux, you would have to break the boot order, which would trigger security precautions. But, get the keys, and you could probably do it.