SystemsSec 2018W Lecture 3
Notes
Class 3, January 15
1st Era (Time Sharing Systems)
Computing originated from cracking codes during WWII and initial computer security came from physical security measures put in place to limit physical access to the machine.
- Mainframes
- Large, powerful computers. Early models of which implemented no implicit security. It was based on access to the system.
- Batch Processing: Processing written programs in batches. Programs were written offline then queued to be ran one after the other.
- Programmers didn't actually interact with the computer, the code went through Operators.
- Switched to time sharing which allowed many users to access the same machine concurrently through multiple terminals.
Eventually people started wanting more time and resources with the computer and this caused the organization (HR) to start creating policy to manage the mainframe. Creating these policies lead to the computer getting the power to say 'No' to operations, which is the early creation of software based access control.
- Access control
- Users, Groups
- Permissions
- ACLs (Access control list)
However the number of people with knowledge about these systems was limited and all of them could easily circumvent the policy.
2nd Era (Personal Computers)
Computers for personal use. Peer to peer file sharing (via floppy disks, etc...). This era of personal computers is all about copy protection and piracy as files could now be shared among peers and copied onto their own computer.
- Copy protection
- any effort designed to prevent the reproduction of software, films, music, and other media, usually for copyright reasons.
- essentially telling a personal computer not to do what it was made to do.
- Piracy
- the unauthorized use or reproduction of another's work.
Mostly driven by people's desire to share games with their friends, the widespread sharing of software from unknown sources allowed for "malicious" programs to spread. When you introduce networking you get the invention of computer viruses (malicious software) and anti-virus software (added policy to protect resources).
3rd Era (Networking)
Computers are now interconnected, attacks are possible through the internet. See Morris Worm
More complicated security measures necessary. From an attackers perspective: find exploits, infect systems. From a defenders perspective: find exploits before they're used, patch them, or patch exploits after they're used.
"The internet today is a result of evolution."
Unix Directory System
- Labels for processes, files, directories, read/write/execute permissions.
- Users: UID
- Groups: GID
- Labels for processes, files, directories, read/write/execute permissions.
- Designed for multi-user systems. Works for single user systems as some processes require more permissions than others. Still in place due to legacy systems. Is considered robust due to evolution.
Military The military and intelligence organizations cared about security from the beginning. Developed their own systems to enforce classification levels. Was convoluted and is no longer in use.
E1 results
9 Firewall 8 Windows Defender 5 Windows Firewall 5 https 5 Google Authenticator 4 SSL 4 Passwords 3 VPN 3 uBlock Origin 3 SSH 3 KeePass 3 firewall 3 Cryptography 3 Antivirus 3 2FA 2 Wireshark 2 vpn 2 Virtual Machines 2 Valve Anti Cheat 2 traceroute 2 password 2 OpenVPN 2 netstat 2 Netcat 2 md5sum 2 Malwarebytes Anti-Malware 2 Malwarebytes 2 HTTPS 2 Filevault 2 encryption 2 Anti-virus 2 antivirus 2 access control