diff -r e722f4ba54de -r 24bbe4e4b37b slides/slides10.tex --- a/slides/slides10.tex Thu Nov 29 02:38:24 2018 +0000 +++ b/slides/slides10.tex Tue Dec 04 00:33:26 2018 +0000 @@ -59,205 +59,12 @@ \end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ -\begin{frame}[c] - -\large\bf -Using a compiler, \\how can you mount the\\ perfect attack against a system? - -\end{frame}} -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ -\begin{frame}[c] - -{\large\bf -What is a \alert{perfect} attack?}\bigskip - -\begin{enumerate} -\item you can potentially completely take over a target system -\item your attack is (nearly) undetectable -\item the victim has (almost) no chance to recover -\end{enumerate} - -\end{frame}} -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ -\begin{frame}[c] - - - \begin{center} - \begin{tikzpicture}[scale=1] - - \onslide<1->{ - \node (A) at (0,0) [draw=black, rectangle, very thick, minimum height=18mm, minimum width=17mm] {}; - \node [below right] at (A.north west) {\footnotesize\begin{tabular}{@{}l@{}} - \only<1,2>{clean}\only<3->{\alert{hacked}}\\compiler\end{tabular}};} - - - \onslide<2->{ - \node (B) at (-2,2) [draw=black, rectangle, very thick, minimum height=10mm, minimum width=12mm] {}; - \node [below right] at (B.north west) {\footnotesize\begin{tabular}{@{}l@{}}login\\(src)\end{tabular}}; - - \node (C) at (2,2) [draw=black, rectangle, very thick, minimum height=10mm, minimum width=12mm] {}; - \node [below right] at (C.north west) {\footnotesize\begin{tabular}{@{}l@{}}login\\(bin)\end{tabular}}; - - \draw[->, line width=2mm] (B) -- (C); - } - - \onslide<3->{\node [above left=-1.5mm] at (C.south east) {\footnotesize \alert{$\blacksquare$}};} - - \end{tikzpicture} - \end{center} - -\end{frame}} -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - - -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ -\begin{frame}[c] - - \begin{center} - \begin{tikzpicture}[scale=1] - - \onslide<1->{ - \node (A) at (0,0) [draw=black, rectangle, very thick, minimum height=18mm, minimum width=14mm] {}; - \node [below right] at (A.north west) {\small V0.01}; - \node [below right] (A1) at (A.south west) {\small Scala}; - \node [below right] (A1) at (A1.south west) {\small\textcolor{gray}{host language}}; - \node [above right] at (A.north west) {my compiler (src)};} - - \onslide<2->{ - \node (B) at (1.8,0) [draw=black, rectangle, very thick, minimum height=18mm, minimum width=14mm] {}; - \node [below right] at (B.north west) {\small V0.02}; - \node [below right] at (B.south west) {\small Scala}; - \node at (3,0) {\ldots}; - - \node (C) at (5,0) [draw=black, rectangle, very thick, minimum height=18mm, minimum width=14mm] {}; - \node [below right] at (C.north west) {\small V1.00}; - \node [below right] at (C.south west) {\small Scala};} - - \onslide<3->{ - \node (D) at (6.8,0) [draw=black, rectangle, very thick, minimum height=18mm, minimum width=14mm] {}; - \node [below right] at (D.north west) {\small V1.00}; - - \node (E) at (6.8,2) [draw=black, rectangle, very thick, minimum height=18mm, minimum width=14mm] {}; - \node [below right] at (E.north west) {\small V1.01};} - - \onslide<4->{ - \node (F) at (8.6,0) [draw=black, rectangle, very thick, minimum height=18mm, minimum width=14mm] {}; - \node [below right] at (F.north west) {\small V1.01}; - - \node (G) at (8.6,2) [draw=black, rectangle, very thick, minimum height=18mm, minimum width=14mm] {}; - \node [below right] at (G.north west) {\small V1.02}; - \node at (9.8,0) {\ldots}; - \node at (9.8,2) {\ldots}; - \node at (8,-2) {\textcolor{gray}{\begin{tabular}{@{}l@{}}no host language\\needed\end{tabular}}}; - } - - \end{tikzpicture} - \end{center} - -\end{frame}} -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - - - %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - \mode{ - \begin{frame}<1-3> - \frametitle{\LARGE\begin{tabular}{c}Hacking Compilers - \end{tabular}} - - %Why is it so paramount to have a small trusted code base (TCB)? - \bigskip\bigskip - - \begin{columns} - \begin{column}{2.7cm} - \begin{minipage}{2.5cm}% - \begin{tabular}{c@ {}} - \includegraphics[scale=0.2]{../pics/ken-thompson.jpg}\\[-1.8mm] - \footnotesize Ken Thompson\\[-1.8mm] - \footnotesize Turing Award, 1983\\ - \end{tabular} - \end{minipage} - \end{column} - \begin{column}{9cm} - \begin{tabular}{l@ {\hspace{1mm}}p{8cm}} - - & Ken Thompson showed how to hide a Trojan Horse in a - compiler \textcolor{red}{without} leaving any traces in the source code.\\[2mm] - - & No amount of source level verification will protect - you from such Thompson-hacks.\\[2mm] - - \end{tabular} - \end{column} - \end{columns} - - \only<2>{ - \begin{textblock}{6}(4,2) - \begin{tikzpicture} - \draw (0,0) node[inner sep=3mm,fill=cream, ultra thick, draw=red, rounded corners=2mm] - {\normalsize - \begin{minipage}{8cm} - \begin{quote} - \includegraphics[scale=0.05]{../pics/evil.png} - \begin{enumerate} - \item[1)] Assume you ship the compiler as binary and also with sources. - \item[2)] Make the compiler aware when it compiles itself. - \item[3)] Add the Trojan horse. - \item[4)] Compile. - \item[5)] Delete Trojan horse from the sources of the compiler. - \item[6)] Go on holiday for the rest of your life. ;o)\\[-7mm]\mbox{} - \end{enumerate} - \end{quote} - \end{minipage}}; - \end{tikzpicture} - \end{textblock}} - - \end{frame}} - %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\begin{frame}[c] -\frametitle{Compilers \& Boeings 777} - -First flight in 1994. They want to achieve triple redundancy in hardware -faults.\bigskip - -They compile 1 Ada program to\medskip - -\begin{itemize} -\item Intel 80486 -\item Motorola 68040 (old Macintosh's) -\item AMD 29050 (RISC chips used often in laser printers) -\end{itemize}\medskip - -using 3 independent compilers.\bigskip\pause - -\small Airbus uses C and static analysers. Recently started using CompCert. - -\end{frame} -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \begin{frame}[c] -{\Large\bf -How many strings are in \bl{$L(a^*)$}?}\bigskip\pause - -\normalsize -\begin{center} -\begin{tabular}{llllll} - \bl{$[]$} & \bl{$a$} & \bl{$aa$} & \bl{$aaa$} & \bl{$aaaa$} & \ldots\\ - \bl{0} & \bl{1} & \bl{2} & \bl{3} & \bl{4} & \ldots -\end{tabular} -\end{center} + \Large\bf Are there more strings in \bf{$L(a^*)$} or + \bf{$L((a + b)^*)$}? \end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%