SystemsSec 2016W Lecture 19
Data Compression
• Compression and encryption can mess with each other • People can reconstruct VoIP depending on how it was compressed
Reading: Data Compression In Network Services
• Our paper was talking about “zip bombs” and they are everywhere o Compressed archive is trivial to send to a server, but it is computationally demanding on the receiving server to process o The decompression ties up resources o Can be used against an anti-virus, scan a zip file which decompresses and fills up memory so much it crashes o Attack uses lots of spaces, repeat the same data over and over o How do you make a zip bomb, without blowing yourself up? - Hand craft it or you only have to do it once and can then send it multiple times (do hard work once VS server must do it multiple times). • Did they report every piece of software they tested? o They did web, chat, and email (IMAP), but not SMTP...? o Probably because the results of SMTP wouldn't be interesting. - SMTP have spam filters and AV, so they could be vulnerable. - But email has been under attack for so long that email servers have been hardened over the years because of constant attacks. • DOS hasn't been used on the web as much because it is usually easy to counter thanks to the service providers. • Wasn't crazy scientific did not quantify the issue and the potential damage that could be done. o Instead just affirmed there was an issue. o Paper was published because the issue was not well recognised. Was published last August... • Denial of Service o Web servers - Web servers are under attack all the time. There are many resources and tools on how to mitigate DOS attacks against a web server. - How do you stop your web server from dying when web traffic gets a spike? • Use a content distribution network to mirror your content. Good for static content. Works okay for dynamic content. • If you are offering a service you have to build it to scale properly so it can run new instances to deal with the load. o Chat server - Chat server goes down. You can just use another one. o IMAP (private email server) - IMAP is attacked. You can't access email on that specific email client. • Compression is just one way to do DOS, there are many more. o Amplification attacks: Send packet to a public server that then sends multiple to a specific target. o Create Multiple Connection: In a SYN flood attack we send SYN packets to a TCP server to tie up resources by creating excessive connections. o etc... • This paper is really about resource management. o Right way to defend against this is to limit resources appropriately.
Reading: Thermal Covert Channels
• Not about attacking a system, but about exfiltrating data o IP over thermometers • Covert Channel: data stream that people do not know about • Why do we worry about these? o Data is either escaping or entering without our knowing. o Covert channels that people care about are usually ones that go through something that shouldn't be possible or channels that have high bandwidth. o How big is it? How much data can you pass through it? - ~12 bits per second • Why is this paper interesting? o The cloud o If processes share the same core, it is possible to get information from another process just from sharing that core o Temperature patterns can leak hash data o Get secret key from another machine through the temperature of a shared core o To keep secrecy put each machine on its own core • How usable is this threat? o ~12 bits per second o In the cloud, if it is CPU intensive than it is hard to use, however the machines don't usually do CPU intensive tasks all the time o Is a real covert channel, but not very useful right now for an attack o Very hard to get a secret key using this o In the future with higher resolution thermal sensors, the attack may be much more practical o Most people should not worry about this sort of attack. There are so many other ways that an attacker can compromise you.
IPhone case
• The FBI dropped the case, the excuse they gave was that they did not need their help and had another way to do it • A lot of people were against Apple in the polls. o A large amount of the population do not know the importance of encryption o Do not understand that a backdoor can both be abused by the government and other attackers • In Paris attacks there was no encryption used, they used burner phones instead