SystemsSec 2018W Lecture 3
Notes
Class 3, January 12
1st Era (Time Sharing)
Computing originated from cracking codes during WWII.
Initial computer security came from physical security. Security measures were put in place to limit physical access.
- Mainframes
- Large, powerful computers. Early models of which implemented no implicit security. It was based on access to the system.
- Batch Processing
- Processing written programs in batches. Programs were written offline then queued to be ran one after the other.
- Time Sharing
- An environment option for Mainframes. They allowed many users to access the same machine concurrently.
This caused a need for computer systems security. Policies were developed (more organizational policies than strict security), early creation of software based access control.
- Access control
- Users, Groups
- Permissions
- ACLs (Access control list)
2nd Era (Personal Computers)
Computers for personal use. Peer to peer file sharing (via floppy disks, etc...).
The era of personal computers introduced copy protection and piracy as files could now be shared among peers and copied onto their own computer.
- Copy protection
- any effort designed to prevent the reproduction of software, films, music, and other media, usually for copyright reasons.
- essentially telling a personal computer not to do what it was made to do.
- Piracy
- the unauthorized use or reproduction of another's work.
Sharing software from unknown sources allowed for "malicious" programs to spread. The invention of computer viruses and therefore anti-virus software.
3rd Era (Networking)
Computers are now interconnected, attacks are possible through the internet. See Morris Worm
More complicated security measures necessary. From an attackers perspective: find exploits, infect systems. From a defenders perspective: find exploits before they're used, patch them, or patch exploits after they're used.
"The internet today is a result of evolution."
Unix Directory System
- Labels for processes, files, directories, read/write/execute permissions.
- Users: UID
- Groups: GID
- Labels for processes, files, directories, read/write/execute permissions.
- Designed for multi-user systems. Works for single user systems as some processes require more permissions than others. Still in place due to legacy systems. Is considered robust due to evolution.
Military The military and intelligence organizations cared about security from the beginning. Developed their own systems to enforce classification levels. Was convoluted and is no longer in use.
E1 results
9 Firewall 8 Windows Defender 5 Windows Firewall 5 https 5 Google Authenticator 4 SSL 4 Passwords 3 VPN 3 uBlock Origin 3 SSH 3 KeePass 3 firewall 3 Cryptography 3 Antivirus 3 2FA 2 Wireshark 2 vpn 2 Virtual Machines 2 Valve Anti Cheat 2 traceroute 2 password 2 OpenVPN 2 netstat 2 Netcat 2 md5sum 2 Malwarebytes Anti-Malware 2 Malwarebytes 2 HTTPS 2 Filevault 2 encryption 2 Anti-virus 2 antivirus 2 access control