72 slides1 of 104 My Dad's Computer My Dad’s Computer, Microsoft, and the Future of Internet Security Bill Cheswick

Slides:



Advertisements
Similar presentations
Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)
Advertisements

Keep Your PC Safe (Windows 7, Vista or XP) Nora Lucke 02/05/2012 Documents - security.
Internet Online Safety How to have FUN and Stay in Control.
1 of 111 Cybersecurity Summit 2004 Some Thoughts on Network and Computer Security in an Academic Environment Bill Cheswick Lumeta Corp.
Upgrading Software CIT 1100 Chapter4.
What you don’t know CAN hurt you!
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
72 slides1 of 119 My Dad's Computer My Dad’s Computer, Microsoft, and the Future of Internet Security Bill Cheswick
'08 Rabat Why are we using FreeBSD? Scaleable Services Workshop AfNOG 2008 Rabat, Morocco slides by Hervey Allen presented by Joe Abley.
System Security Scanning and Discovery Chapter 14.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
1 of 137Internet Mapping, Columbia. 137 slides Clear and Present Dangers Bill Cheswick Lumeta Corp.
Web Security A how to guide on Keeping your Website Safe. By: Robert Black.
Class on Security Raghu. Current state of Security Cracks appear all the time Band Aid solutions Applications are not designed properly OS designs are.
Exam ● On May 15, at 10:30am in this room ● Two hour exam ● Open Notes ● Will mostly cover material since Exam 2 ● No, You may not take it early.
1 The Information School of the University of Washington Nov 17fit spyware © 2006 University of Washington The Dark Side of the Internet INFO/CSE.
Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.
1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research
SM3121 Software Technology Mark Green School of Creative Media.
E-Safety Quiz Keeping safe online! A guide for parents & children.
81 slides 40 Years of Internet Arms Races… Bill Cheswick
KEEP YOUR COMPUTE SAFE AND HOW TO FIX IT 1. OBJECTIVE Keep your computer safe. -Not about spam, phishing or browser hijacks Designed for the non-geek.
Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Stuart Cunningham - Computer Platforms COMPUTER PLATFORMS Computer & Network Security & User Support & Training Week 11.
Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)
1 ITSK 2611 Welcome. 2 Operating System 3 What is an OS Resource Manager –Disk –Memory –CPU Device Manager –Printers –Video Card –Sound Card Utility.
Staying Safe Online Keep your Information Secure.
Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.
Securing Your Home Computer Securing Your Home Computer Jay Ferron ADMT, CISM, CISSP, MCDBA, MCSE, MCT, NSA-IAM.
CIS 460 – Network Design Seminar Network Security Scanner Tool GFI LANguard.
Module 1 Introduction to UNIX/Linux
Honeypot and Intrusion Detection System
A computer virus is a computer program that can replicate itself and spread from one computer to another. The term "virus" is also commonly, but erroneously.
1 CHAPTER 2 LAWS OF SECURITY. 2 What Are the Laws of Security Client side security doesn’t work Client side security doesn’t work You can’t exchange encryption.
Security at NCAR David Mitchell February 20th, 2007.
Lecture 16 Page 1 Advanced Network Security Perimeter Defense in Networks: Virtual Private Networks Advanced Network Security Peter Reiher August, 2014.
72 slides TBA Emergency Holographic Speaker. 72 slides My Dad’s Computer, Microsoft, and the Future of Internet Security Bill Cheswick
Lecture 1 Page 1 CS 239, Fall 2010 Distributed Denial of Service Attacks and Defenses CS 239 Advanced Topics in Computer Security Peter Reiher September.
Viruses Hackers Backups Stuxnet Portfolio Computer viruses are small programs or scripts that can negatively affect the health of your computer. A.
Intermediate 2 Software Development Process. Software You should already know that any computer system is made up of hardware and software. The term hardware.
Lecture 12 Page 1 CS 236 Online Virtual Private Networks VPNs What if your company has more than one office? And they’re far apart? –Like on opposite coasts.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
Lecture 12 Page 1 CS 236, Spring 2008 Virtual Private Networks VPNs What if your company has more than one office? And they’re far apart? –Like on opposite.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Kamran Didcote.
Computer Security Risks for Control Systems at CERN Denise Heagerty, CERN Computer Security Officer, 12 Feb 2003.
Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?
NetTech Solutions Protecting the Computer Lesson 10.
Introduction to UNIX CS 2204 Class meeting 1 *Notes by Doug Bowman and other members of the CS faculty at Virginia Tech. Copyright
Cyber Safety Mohammad Abbas Alamdar Teacher of ICT STS Ajman – Boys School.
Role Of Network IDS in Network Perimeter Defense.
By Kyle Bickel.  Securing a host computer is making sure that your computer is secure when it’s connected to the internet  This be done by several protective.
Computer Security Sample security policy Dr Alexei Vernitski.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
Lecture 12 Page 1 CS 136, Spring 2009 Network Security: Firewalls CS 136 Computer Security Peter Reiher May 12, 2009.
Lecture 9 Page 1 CS 236 Online Firewalls What is a firewall? A machine to protect a network from malicious external attacks Typically a machine that sits.
Common System Exploits Tom Chothia Computer Security, Lecture 17.
Instructor Materials Chapter 7 Network Security
Popular Operating System Chapter 8
Wireless Network Security
Password Management Limit login attempts Encrypt your passwords
Virtual Private Networks
My Dad’s Computer, Microsoft, and the Future of Internet Security
Implementing Client Security on Windows 2000 and Windows XP Level 150
Test 3 review FTP & Cybersecurity
Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Presentation transcript:

72 slides1 of 104 My Dad's Computer My Dad’s Computer, Microsoft, and the Future of Internet Security Bill Cheswick

72 slides2 of 104 My Dad's Computer My Dad’s computer Skinny-dipping with Microsoft

3 of 104 My Dad's Computer

4 of 104 My Dad's Computer Case study: My Dad’s computer Windows XP, plenty of horsepower, two screens Applications: – (Outlook) – “Bridge:” a fancy stock market monitoring system – AIM

5 of 104 My Dad's Computer Case study: My Dad’s computer Cable access dynamic IP address no NAT no firewall outdated virus software no spyware checker

6 of 104 My Dad's Computer This computer was a software toxic waste dump It was burning a liter of oil every 500 km The popups seemed darned distracting to me

72 slides7 of 104 My Dad's Computer Botnets

8 of 104 My Dad's Computer Botnets: hoards of “owned” computers Machines subjugated by worms, viruses, or direct attacks A single botnet may have 10,000 slaves and one master The “owner” of an “owned” host want to keep others out – Some worms and viruses actually patch their entry points, after installing back doors

9 of 104 My Dad's Computer Uses for botnets Spam relays DDOS packet sources IP laundering stepping stones Web servers for phishing Criminals and terrorists have used these tools to raise money

10 of 104 My Dad's Computer Today’s botnet prices (Stefan Savage) Spam forwarding bots: 3-10 cents per week – Lower if multiplexed access – Reputation counts – No C&C over the bots or botnet

11 of 104 My Dad's Computer Today’s botnet prices (Rob Thomas) Botnets-to-order, fast connection bots: >= $1 per bot Windows-based bots on varied connections, including dialup: 10 cents/host Governmental special orders (you name the countries) up to $40 per bot Sometimes broadband bots are traded for a Gig-Ethernet-connected compromised Sun.

12 of 104 My Dad's Computer My Dad’s computer: what the repair geek found Everything “Viruses I’ve never heard off” – Not surprising: there are 200 new ones each day Constant popups Frequent blasts of multiple web pages, mostly obscene

13 of 104 My Dad's Computer Dad’s computer: how did he get in this mess? He doesn’t know what the popup security messages mean -borne viruses Unsecured network services Executable code in web pages from unworthy sites

14 of 104 My Dad's Computer He is getting his work done Dad: “why do I care? I am getting my work done” Didn’t want a system administrator to mess up his user interface settings “Dad, hire an administrator to come check weekly.” “Not worth it?” Truly destructive attacks are rare – They aren’t lucrative or much fun – They are self-limiting

15 of 104 My Dad's Computer Recently An alien G-rated screen saver for an X-rated site appeared Changing the screen saver worked! The screen saver software removed in the correct way! Still, this should never have happened

16 of 104 My Dad's Computer More Recently Windows XP installed, with firewall What is the state of his computer now? – owned

17 of 104 My Dad's Computer This software mess is an extremely common problem

72 slides18 of 104 My Dad's Computer Skinny Dipping on the Internet

19 of 104 My Dad's Computer Angst and the Morris Worm Did the worm get past my firewall? No. Why? – Partly smart design – Partly luck…removing fingerd Peace of mind comes from staying out of the battle altogether

20 of 104 My Dad's Computer I’ve been skinny dipping on the Internet for years FreeBSD and Linux hosts Very few, very hardened network services Single-user hosts Dangerous services placed in sandboxes No known break-ins No angst

72 slides21 of 104 My Dad's Computer “You’ve got to get out of the game” -Fred Grampp

22 of 104 My Dad's Computer “Best block is not be there” - Mr. Miyagi (Pat Morita) Karate Kid

23 of 104 My Dad's Computer Secure computing requirements Secure client Secure communications Secure server client server comm

24 of 104 My Dad's Computer Secure client You don’t have that You probably can’t have that It would be expensive and inconvenient if you do have it

25 of 104 My Dad's Computer Secure communications Got it! We won the crypto wars In June 2003, NSA said that a properly implemented and vetted version of AES is suitable for Type 1 cryptography! Ssh is not perfect, but it is holding up pretty well

26 of 104 My Dad's Computer Secure servers Potentially do-able You must mistrust all clients, even with strong authentication!

27 of 104 My Dad's Computer “Unix is an administrative nightmare.” -- Dennis Ritchie

28 of 104 My Dad's Computer “GUIs don’t fix Unix’s administrative nightmare.” -- me

72 slides29 of 104 My Dad's Computer Rate a Unix systems host security? find / -perm user root -print | wc -l

30 of 104 My Dad's Computer /bin/rcp /sbin/ping /sbin/ping6 /sbin/shutdown /usr/X11R6/bin/Xwrapper /usr/X11R6/bin/xterm /usr/X11R6/bin/Xwrapper-4 /usr/bin/keyinfo /usr/bin/keyinit /usr/bin/lock /usr/bin/crontab /usr/bin/opieinfo /usr/bin/opiepasswd /usr/bin/rlogin /usr/bin/quota /usr/bin/rsh /usr/bin/su /usr/bin/lpq /usr/bin/lpr /usr/bin/lprm /usr/bin/chpass /usr/bin/login /usr/bin/passwd /usr/bin/at /usr/bin/ypchsh /usr/bin/ypchfn /usr/bin/ypchpass /usr/bin/chsh /usr/bin/chfn /usr/bin/yppasswd /usr/bin/batch /usr/bin/atrm /usr/bin/atq /usr/local/bin/screen /usr/local/bin/sudo /usr/local/bin/lppasswd /usr/sbin/mrinfo /usr/sbin/mtrace /usr/sbin/ppp /usr/sbin/pppd /usr/sbin/sliplogin /usr/sbin/timedc /usr/sbin/traceroute /usr/sbin/traceroute6 44

72 slides31 of 104 My Dad's Computer Remove the ones I never use You should never be vulnerable to the weaknesses of a feature you do not use. -- Microsoft security goal

32 of 104 My Dad's Computer /bin/rcp /sbin/ping /sbin/ping6 /sbin/shutdown /usr/X11R6/bin/Xwrapper /usr/X11R6/bin/xterm /usr/X11R6/bin/Xwrapper-4 /usr/bin/keyinfo /usr/bin/keyinit /usr/bin/lock /usr/bin/crontab /usr/bin/opieinfo /usr/bin/opiepasswd /usr/bin/rlogin /usr/bin/quota /usr/bin/rsh /usr/bin/su /usr/bin/lpq /usr/bin/lpr /usr/bin/lprm /usr/bin/chpass /usr/bin/login /usr/bin/passwd /usr/bin/at /usr/bin/ypchsh /usr/bin/ypchfn /usr/bin/ypchpass /usr/bin/chsh /usr/bin/chfn /usr/bin/yppasswd /usr/bin/batch /usr/bin/atrm /usr/bin/atq /usr/local/bin/screen /usr/local/bin/sudo /usr/local/bin/lppasswd /usr/sbin/mrinfo /usr/sbin/mtrace /usr/sbin/ppp /usr/sbin/pppd /usr/sbin/sliplogin /usr/sbin/timedc /usr/sbin/traceroute /usr/sbin/traceroute6

33 of 104 My Dad's Computer /sbin/ping /sbin/ping6 /usr/X11R6/bin/xterm /usr/X11R6/bin/Xwrapper-4 /usr/bin/crontab /usr/bin/su /usr/bin/lpq /usr/bin/lpr /usr/bin/lprm /usr/bin/login /usr/bin/passwd /usr/bin/at /usr/bin/chsh /usr/bin/atrm /usr/bin/atq /usr/local/bin/sudo /usr/sbin/traceroute /usr/sbin/traceroute6

72 slides34 of 104 My Dad's Computer Some should not need root, or shouldn’t be setuid Least privilege

35 of 104 My Dad's Computer /sbin/ping /sbin/ping6 /usr/X11R6/bin/xterm /usr/X11R6/bin/Xwrapper-4 /usr/bin/crontab /usr/bin/su /usr/bin/lpq /usr/bin/lpr /usr/bin/lprm /usr/bin/login /usr/bin/passwd /usr/bin/at /usr/bin/chsh /usr/bin/atrm /usr/bin/atq /usr/local/bin/sudo /usr/sbin/traceroute /usr/sbin/traceroute6

36 of 104 My Dad's Computer /usr/X11R6/bin/Xwrapper-4 /usr/bin/su /usr/bin/passwd /usr/bin/chsh /usr/local/bin/sudo

37 of 104 My Dad's Computer AIX 4.2 & 242 & a staggering number \\ BSD/OS 3.0 & 78\\ FreeBSD 4.3 & 42 & someone's guard machine\\ FreeBSD 4.3 & 47 & 2 appear to be third-party\\ FreeBSD 4.5 & 43 & see text for closer analysis \\ HPUX A & 227 & about half may be special for this host \\ Linux (Mandrake 8.1) & 39 & 3 appear to be third-party \\ Linux (Red Hat ) & 39 & 2 third-party programs \\ Linux (Red Hat ) & 31 & 2 third-party programs\\ Linux (Red Hat 5.0) & 59\\ Linux (Red Hat 6.0) & 38 & 2--4 third-party \\ Linux & 26 & approved distribution for one university \\ Linux & 47 \\ Linux 7.2 & 42\\ NCR Intel 4.0v3.0 & 113 & 34 may be special to this host \\ NetBSD 1.6 & 35 \\ SGI Irix 5.3 & 83 \\ SGI Irix 5.3 & 102 \\ Sinux 5.42c1002 & 60 & 2 third-party programs\\ Sun Solaris 5.4 & 52 & 6 third-party programs\\ Sun Solaris 5.6 & 74 & 11 third-party programs\\ Sun Solaris 5.8 & 70 & 6 third-party programs\\ Sun Solaris 5.8 & 82 & 6 third-party programs\\ Tru64 4.0r878 & 72 & \\ Setuid-root

72 slides38 of 104 My Dad's Computer Can my Dad (and millions like him) get out of the game?

72 slides39 of 104 My Dad's Computer Arms Race Games Viruses and malware

40 of 104 My Dad's Computer Virus arms race Early on, detectors used viral signatures Virus encryption and recompilation (!) has thwarted this Virus detectors now simulate the code, looking for signature actions Virus writers now detect emulation and behave differently Virus emulators are slowing down, even with Moore’s Law.

41 of 104 My Dad's Computer Virus arms race I suspect that virus writers are going to win the detection battle, if they haven’t already – Emulation may become too slow – Even though we have the home-field advantage – Will we know if an undetectable virus is released? Best defense is to get out of the game. – Don’t run portable programs, or – Improve our sandbox technology People who really care about this worry about Ken Thompson’s attack – Read and understand “On Trusting Trust”

42 of 104 My Dad's Computer Getting out of the virus game Don’t execute roving programs of unknown provenance Trusted Computing can fix the problem, in theory

72 slides43 of 104 My Dad's Computer Arms Race Games Password sniffing and cracking

44 of 104 My Dad's Computer Password sniffing and cracking arms race Ethernet has always been sniffable WiFi is the new Ethernet

45 of 104 My Dad's Computer Password sniffing and cracking arms race Password cracking works 3% to 60% of the time using offline dictionary attacks – More, if the hashing is misdesigned (c.f. Microsoft) This will never get better, so… We have to get out of the game

46 of 104 My Dad's Computer Password sniffing and cracking arms race This battle is mostly won, thanks to SSL, IP/SEC, and VPNs. There are many successful businesses using these techniques nicely. Current clear text services: – SNMP – POP3 – AIM

47 of 104 My Dad's Computer Password sniffing is not a problem for Dad SSL fixes most of it AIM is interceptible – Fixable…will it be?

48 of 104 My Dad's Computer Authentication/Identification Arms races Password/PIN selection vs. cracking Human-chosen passwords and PINs can be ok if guessing is limited, and obvious choices are suppressed Password cracking is getting better, thanks to Moore’s Law and perhaps even botnets

72 slides49 of 104 My Dad's Computer It is poor engineering to rely on the security savvy of the user base

50 of 104 My Dad's Computer

51 of 104 My Dad's Computer Users are not going to pick passwords that are resistant to dictionary attacks. Period. Either don’t let them pick passwords – Inconvenient for the users – Not a panacea (see below) Or don’t give the bad guys a chance to run dictionary attacks---get out of the game – That means passwords are validated on the server, not the client – Ssh agent keys get this wrong – Bank ATM cards get this right

52 of 104 My Dad's Computer Don’t let users pick passwords Machine can choose them. Then they get written down and/or forgotten. Not good, though post-it passwords don’t involve the usual threat models. Bad idea. – Password aging is a bad idea. Good passwords are hard to think up and remember Use multifactor authentication, i.e. hardware tokens or one-time passwords

53 of 104 My Dad's Computer Hardware tokens It would be nice if the server end is open source The business model has never been one for global adoption Challenge/response form factor is the safest, but not accepted

54 of 104 My Dad's Computer One-Time-Passwords are not perfect I installed these at Bell Labs in the early 1990s “We never had an undetected break-in” – me “Yes, you did.” – Steve Branigan

72 slides55 of 104 My Dad's Computer Arms Race Games User deception

56 of 104 My Dad's Computer User education vs. user deception Phishing, spam offers, etc. We will continue losing this one Even experts sometimes don’t understand the ramifications of choices they are offered

57 of 104 My Dad's Computer Authentication arms race: predictions USA needs two factor authentication for social security number. (Something better than MMN or birth date.) I don’t see this improving much, but a global USB dongle would do it Don’t wait for world-wide PKI.

72 slides58 of 104 My Dad's Computer Arms Race Games Hardware destruction

59 of 104 My Dad's Computer Arms race (sort of) hardware destruction IBM monochrome monitor Some more recent monitors – Current ones? Hard drives? Beat the heads up? EEPROM write limits – Viral attack on.cn and.kr PC motherboards – Other equipment Anything that requires a hardware on-site service call

60 of 104 My Dad's Computer Arms race (sort of) hardware destruction Rendering the firmware useless – This can be fixed (mostly) with a secure trusted computing base.

72 slides61 of 104 My Dad's Computer Arms Race Games The bug release/software update race

62 of 104 My Dad's Computer Software upgrade race: literally a race Patches are analyzed to determine the weakness Patch-to-exploit time is now down below 10 hours – NB: spammers have incentive to do this work Now the good guys are trying to obfuscate code! Future difficult to say: dark side obscures everything.

63 of 104 My Dad's Computer Arms Races: simulation/emulation Jails – Cliff Stoll and SDInet Honeypots – Honeynet – honeyd The deception toolkit---Fred Cohen

72 slides64 of 104 My Dad's Computer Microsoft client security It has been getting worse: can they skinny-dip safely?

72 slides65 of 104 My Dad's Computer Rate a computer’s network security? netstat –an | wc -l

66 of 104 My Dad's Computer Windows ME Active Connections - Win ME Proto Local Address Foreign Address State TCP : :0 LISTENING TCP : :0 LISTENING UDP :1025 *:* UDP :1026 *:* UDP :31337 *:* UDP :162 *:* UDP :137 *:* UDP :138 *:*

67 of 104 My Dad's Computer Windows 2000 Proto Local Address Foreign Address State TCP : :0 LISTENING TCP : :0 LISTENING TCP : :0 LISTENING TCP : :0 LISTENING TCP : :0 LISTENING TCP : :0 LISTENING TCP : :0 LISTENING TCP : :0 LISTENING TCP : :0 LISTENING UDP :445 *:* UDP :1038 *:* UDP :6514 *:* UDP :6515 *:* UDP :1108 *:* UDP :500 *:* UDP :4500 *:*

68 of 104 My Dad's Computer Windows XP: this laptop, pre- SP2 Proto Local Address Foreign Address State TCP ches-pc:epmap ches-pc:0 LISTENING TCP ches-pc:microsoft-ds ches-pc:0 LISTENING TCP ches-pc:1025 ches-pc:0 LISTENING TCP ches-pc:1036 ches-pc:0 LISTENING TCP ches-pc:3115 ches-pc:0 LISTENING TCP ches-pc:3118 ches-pc:0 LISTENING TCP ches-pc:3470 ches-pc:0 LISTENING TCP ches-pc:3477 ches-pc:0 LISTENING TCP ches-pc:5000 ches-pc:0 LISTENING TCP ches-pc:6515 ches-pc:0 LISTENING TCP ches-pc:netbios-ssn ches-pc:0 LISTENING TCP ches-pc:3001 ches-pc:0 LISTENING TCP ches-pc:3002 ches-pc:0 LISTENING TCP ches-pc:3003 ches-pc:0 LISTENING TCP ches-pc:5180 ches-pc:0 LISTENING UDP ches-pc:microsoft-ds *:* UDP ches-pc:isakmp *:* UDP ches-pc:1027 *:* UDP ches-pc:3008 *:* UDP ches-pc:3473 *:* UDP ches-pc:6514 *:* UDP ches-pc:6515 *:* UDP ches-pc:netbios-ns *:* UDP ches-pc:netbios-dgm *:* UDP ches-pc:1900 *:* UDP ches-pc:ntp *:* UDP ches-pc:1900 *:* UDP ches-pc:3471 *:*

69 of 104 My Dad's Computer FreeBSD partition, this laptop (getting out of the game) Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address tcp4 0 0 *.22 tcp6 0 0 *.22

72 slides70 of 104 My Dad's Computer It is easy to dump on Microsoft, but many others have made the same mistakes before

71 of 104 My Dad's Computer ftp stream tcp nowait root /v/gate/ftpd telnet stream tcp nowait root /usr/etc/telnetd shell stream tcp nowait root /usr/etc/rshd login stream tcp nowait root /usr/etc/rlogind exec stream tcp nowait root /usr/etc/rexecd finger stream tcp nowait guest /usr/etc/fingerd bootp dgram udp wait root /usr/etc/bootp tftp dgram udp wait guest /usr/etc/tftpd ntalk dgram udp wait root /usr/etc/talkd tcpmux stream tcp nowait root internal echo stream tcp nowait root internal discard stream tcp nowait root internal chargen stream tcp nowait root internal daytime stream tcp nowait root internal time stream tcp nowait root internal echo dgram udp wait root internal discard dgram udp wait root internal chargen dgram udp wait root internal daytime dgram udp wait root internal time dgram udp wait root internal sgi-dgl stream tcp nowait root/rcv dgld uucp stream tcp nowait root /usr/lib/uucp/uucpd Default services SGI workstation

72 of 104 My Dad's Computer More default services mountd/1 stream rpc/tcp wait/lc root rpc.mountd mountd/1 dgram rpc/udp wait/lc root rpc.mountd sgi_mountd/1 stream rpc/tcp wait/lc root rpc.mountd sgi_mountd/1 dgram rpc/udp wait/lc root rpc.mountd rstatd/1-3 dgram rpc/udp wait root rpc.rstatd walld/1 dgram rpc/udp wait root rpc.rwalld rusersd/1 dgram rpc/udp wait root rpc.rusersd rquotad/1 dgram rpc/udp wait root rpc.rquotad sprayd/1 dgram rpc/udp wait root rpc.sprayd bootparam/1 dgram rpc/udp wait root rpc.bootparamd sgi_videod/1 stream rpc/tcp wait root ?videod sgi_fam/1 stream rpc/tcp wait root ?fam sgi_snoopd/1 stream rpc/tcp wait root ?rpc.snoopd sgi_pcsd/1 dgram rpc/udp wait root ?cvpcsd sgi_pod/1 stream rpc/tcp wait root ?podd tcpmux/sgi_scanner stream tcp nowait root ?scan/net/scannerd tcpmux/sgi_printer stream tcp nowait root ?print/printerd 9fs stream tcp nowait root /v/bin/u9fs u9fs webproxy stream tcp nowait root /usr/local/etc/webserv

72 slides73 of 104 My Dad's Computer Firewalls and intranets try to get us out of the network services vulnerability game

72 slides74 of 104 My Dad's Computer What my dad, and many (most?) computer users really need

72 slides75 of 104 My Dad's Computer Most of my Dad’s problems are caused by weaknesses in features he never uses or needs.

72 slides76 of 104 My Dad's Computer A proposal: Windows OK

77 of 104 My Dad's Computer Windows OK Thin client implemented with Windows It would be fine for maybe half the Windows users – Students, consumers, many corporate and government users It would be reasonable to skinny dip with this client – Without firewall or virus checking software

78 of 104 My Dad's Computer Windows OK No network listeners – None of those services are needed, except admin access for centrally-administered hosts Default security settings All security controls in one or two places Security settings can be locked

79 of 104 My Dad's Computer Windows OK (cont) There should be nothing you can click on, in or a web page, that can hurt your computer – No portable programs are executed ever, except… ActiveX from approved parties – MSFT and one or two others. List is lockable

80 of 104 My Dad's Computer Windows OK Reduce privileges in servers and all programs Sandbox programs – Belt and suspenders

81 of 104 My Dad's Computer Office OK No macros in Word or PowerPoint. No executable code in PowerPoint files The only macros allowed in Excel perform arithmetic. They cannot create files, etc.

82 of 104 My Dad's Computer Vulnerabilities in OK Buffer overflows in processing of data (not from the network) Stop adding new features and focus on bug fixes Programmers can clean up bugs, if they don’t have a moving target – It converges, to some extent

72 slides83 of 104 My Dad's Computer Thin Clients What I am thinking about these days

72 slides84 of 104 My Dad's Computer XP SP2 Bill Gets It

85 of 104 My Dad's Computer Microsoft’s Augean Stables: a task for Hercules 3000 oxen, 30 years, that’s roughly one oxen-day per line of code in Windows It’s been getting worse since Windows 95

86 of 104 My Dad's Computer XP SP2: Bill gets it “a feature you don’t use should not be a security problem for you.” “Security by design” – Too late for that, its all retrofitting now “Security by default” – No network services on by default Security control panel – Many things missing from it – Speaker could not find ActiveX security settings There are a lot of details that remain to be seen.

87 of 104 My Dad's Computer Microsoft really means it about improving their security Their security commitment appears to be real It is a huge job Opposing forces are unclear to me It’s been a long time coming, and frustrating

88 of 104 My Dad's Computer Microsoft secure client arms race Microsoft might win, but it is going to be a while This endeavor has no parallel that I can think of

89 of 104 My Dad's Computer

90 of 104 My Dad's Computer Windows XP: this laptop, with SP 2

91 of 104 My Dad's Computer SP2 is just a start: more work is needed Security panel and ActiveX permissions – Also, list of trusted signers needed Still too many network services – They may not be reachable from outside the box Clicking may still be dangerous

92 of 104 My Dad's Computer SP2 isn’t going to be easy to deploy Many people rely on unsafe configurations, even if they don’t realize it Future SPs won’t be easy either, especially if they follow my advice It is a good sign that these installations are hard – Visiting the dentist after 20 years of neglect Company deployments have trouble with version skew

72 slides93 of 104 My Dad's Computer Other Solutions for my Dad, and others

94 of 104 My Dad's Computer Lindows/OpenOffice Tastes almost, but not quite, unlike tea. Lumeta’s choice…

72 slides95 of 104 My Dad's Computer Dad, buy a Mac

96 of 104 My Dad's Computer Are Macs safer than Windows? Clearly they are at present I assert they would be, even if Macintosh owned the market – Much cleaner software

97 of 104 My Dad's Computer Build an OS from scratch Not as hard as you might think “I couldn’t sleep this weekend, so I rewrote the TCP/IP stack” Plan 9 Various other research operating systems Has to keep up with current WinTel hardware – Centrino is a step backward for me

98 of 104 My Dad's Computer Build an OS from scratch Start from scratch, with audibility as the principal goal – Like the old A1 systems The goal might be to run IE with demonstrable safety

99 of 104 My Dad's Computer Software scales Linus can write a kernel Don Knuth can write a kernel – Or inetd. Or a TCP/IP stack… Profit is not necessarily required to obtain the software we need LinuxSE

100 of 104 My Dad's Computer Summary: we ought to win these battles We control the playing field DOS is the worse they can do, in theory We can replicate our successes We can converge on a secure-enough environment

101 of 104 My Dad's Computer These problems effect most other user classes, too My Dad’s model (the 3270 terminal) is not the only model for Internet security – Supercomputer centers have a different user and security models Multi-user environments are hard – There is a lot of assembly required

102 of 104 My Dad's Computer Conclusions We will lose the virus detection game We will win the virus prevention game We have mostly won the sniffing battle Internet security is already good enough for many consumer applications A fully-”owned” computer may still seem to be ok to the user – This is one of Milton Friedman’s “third party effects,” which he says is a valid target of government regulation

103 of 104 My Dad's Computer Conclusions We’ve actually gotten noticeably better at Internet security in the past decade – Strong encryption is easy and can be ubiquitous – Robust clients are increasingly possible – Much server software is stronger now – Microsoft is trying to clean up their act None of this is easy to explain to non- technical users

72 slides104 of 104 My Dad's Computer My Dad’s Computer, Microsoft, and the Future of Internet Security Bill Cheswick

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.