SystemsSec 2018W Lecture 3

From Soma-notes

Notes

Class 3, January 15

1st Era (Time Sharing Systems)

Computing originated from cracking codes during WWII and initial computer security came from physical security measures put in place to limit physical access to the machine.

Mainframes
Large, powerful computers. Early models of which implemented no implicit security. It was based on access to the system.
Batch Processing: Processing written programs in batches. Programs were written offline then queued to be ran one after the other.
Programmers didn't actually interact with the computer, the code went through Operators.
Switched to time sharing which allowed many users to access the same machine concurrently through multiple terminals.

Eventually people started wanting more time and resources with the computer and this caused the organization (HR) to start creating policy to manage the mainframe. Creating these policies lead to the computer getting the power to say 'No' to operations, which is the early creation of software based access control.

Access control
Users, Groups
Permissions
ACLs (Access control list)

However the number of people with knowledge about these systems was limited and all of them could easily circumvent the policy.

2nd Era (Personal Computers)

Computers for personal use. Peer to peer file sharing (via floppy disks, etc...).

The era of personal computers introduced copy protection and piracy as files could now be shared among peers and copied onto their own computer.

Copy protection
any effort designed to prevent the reproduction of software, films, music, and other media, usually for copyright reasons.
essentially telling a personal computer not to do what it was made to do.
Piracy
the unauthorized use or reproduction of another's work.


Sharing software from unknown sources allowed for "malicious" programs to spread. The invention of computer viruses and therefore anti-virus software.

3rd Era (Networking)

Computers are now interconnected, attacks are possible through the internet. See Morris Worm

More complicated security measures necessary. From an attackers perspective: find exploits, infect systems. From a defenders perspective: find exploits before they're used, patch them, or patch exploits after they're used.

"The internet today is a result of evolution."

Unix Directory System

    • Labels for processes, files, directories, read/write/execute permissions.
      • Users: UID
      • Groups: GID
  • Designed for multi-user systems. Works for single user systems as some processes require more permissions than others. Still in place due to legacy systems. Is considered robust due to evolution.

Military The military and intelligence organizations cared about security from the beginning. Developed their own systems to enforce classification levels. Was convoluted and is no longer in use.

E1 results

     9 Firewall
     8 Windows Defender
     5 Windows Firewall
     5 https
     5 Google Authenticator
     4 SSL
     4 Passwords
     3 VPN
     3 uBlock Origin
     3 SSH
     3 KeePass
     3 firewall
     3 Cryptography
     3 Antivirus
     3 2FA
     2 Wireshark
     2 vpn
     2 Virtual Machines
     2 Valve Anti Cheat
     2 traceroute
     2 password
     2 OpenVPN
     2 netstat
     2 Netcat
     2 md5sum
     2 Malwarebytes Anti-Malware
     2 Malwarebytes
     2 HTTPS
     2 Filevault
     2 encryption
     2 Anti-virus
     2 antivirus
     2 access control