sen-material: slides03.tex@10da75d5db5d (annotated)

28 10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	1	\documentclass[dvipsnames,14pt,t]{beamer}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	2	\usepackage{beamerthemeplainculight}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	3	\usepackage[T1]{fontenc}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	4	\usepackage[latin1]{inputenc}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	5	\usepackage{mathpartir}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	6	\usepackage[absolute,overlay]{textpos}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	7	\usepackage{ifthen}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	8	\usepackage{tikz}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	9	\usepackage{pgf}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	10	\usepackage{calc}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	11	\usepackage{ulem}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	12	\usepackage{courier}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	13	\usepackage{listings}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	14	\renewcommand{\uline}[1]{#1}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	15	\usetikzlibrary{arrows}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	16	\usetikzlibrary{automata}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	17	\usetikzlibrary{shapes}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	18	\usetikzlibrary{shadows}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	19	\usetikzlibrary{positioning}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	20	\usetikzlibrary{calc}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	21	\usepackage{graphicx}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	22
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	23	\definecolor{javared}{rgb}{0.6,0,0} % for strings
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	24	\definecolor{javagreen}{rgb}{0.25,0.5,0.35} % comments
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	25	\definecolor{javapurple}{rgb}{0.5,0,0.35} % keywords
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	26	\definecolor{javadocblue}{rgb}{0.25,0.35,0.75} % javadoc
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	27
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	28	\lstset{language=Java,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	29	basicstyle=\ttfamily,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	30	keywordstyle=\color{javapurple}\bfseries,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	31	stringstyle=\color{javagreen},
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	32	commentstyle=\color{javagreen},
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	33	morecomment=[s][\color{javadocblue}]{/*}{/},
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	34	numbers=left,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	35	numberstyle=\tiny\color{black},
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	36	stepnumber=1,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	37	numbersep=10pt,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	38	tabsize=2,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	39	showspaces=false,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	40	showstringspaces=false}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	41
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	42	\lstdefinelanguage{scala}{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	43	morekeywords={abstract,case,catch,class,def,%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	44	do,else,extends,false,final,finally,%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	45	for,if,implicit,import,match,mixin,%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	46	new,null,object,override,package,%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	47	private,protected,requires,return,sealed,%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	48	super,this,throw,trait,true,try,%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	49	type,val,var,while,with,yield},
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	50	otherkeywords={=>,<-,<\%,<:,>:,\#,@},
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	51	sensitive=true,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	52	morecomment=[l]{//},
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	53	morecomment=[n]{/}{/},
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	54	morestring=[b]",
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	55	morestring=[b]',
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	56	morestring=[b]"""
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	57	}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	58
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	59	\lstset{language=Scala,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	60	basicstyle=\ttfamily,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	61	keywordstyle=\color{javapurple}\bfseries,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	62	stringstyle=\color{javagreen},
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	63	commentstyle=\color{javagreen},
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	64	morecomment=[s][\color{javadocblue}]{/*}{/},
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	65	numbers=left,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	66	numberstyle=\tiny\color{black},
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	67	stepnumber=1,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	68	numbersep=10pt,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	69	tabsize=2,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	70	showspaces=false,
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	71	showstringspaces=false}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	72
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	73	% beamer stuff
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	74	\renewcommand{\slidecaption}{APP 02, King's College London, 9 October 2012}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	75
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	76
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	77	\begin{document}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	78
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	79	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	80	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	81	\begin{frame}<1>[t]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	82	\frametitle{%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	83	\begin{tabular}{@ {}c@ {}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	84	\\
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	85	\LARGE Access Control and \\[-3mm]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	86	\LARGE Privacy Policies (3)\\[-6mm]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	87	\end{tabular}}\bigskip\bigskip\bigskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	88
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	89	%\begin{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	90	%\includegraphics[scale=1.3]{pics/barrier.jpg}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	91	%\end{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	92
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	93	\normalsize
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	94	\begin{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	95	\begin{tabular}{ll}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	96	Email: & christian.urban at kcl.ac.uk\\
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	97	Of$\!$fice: & S1.27 (1st floor Strand Building)\\
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	98	Slides: & KEATS (also home work is there)
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	99	\end{tabular}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	100	\end{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	101
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	102
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	103	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	104	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	105
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	106	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	107	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	108	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	109
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	110	\begin{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	111	\includegraphics[scale=0.45]{pics/trainwreck.jpg}\\
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	112	one general defence mechanism is\\\alert{\bf defence in depth}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	113	\end{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	114
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	115
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	116	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	117	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	118
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	119	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	120	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	121	\begin{frame}<1-2>[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	122	\frametitle{Defence in Depth}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	123
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	124	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	125	\item \alt<1>{overlapping}{{\LARGE\bf overlapping}} systems designed to provide\\ security even if one of them fails.
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	126	\end{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	127
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	128
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	129	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	130	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	131
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	132	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	133	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	134	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	135	\frametitle{PALs}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	136
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	137	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	138	\item \alert{Permissive Action Links} prevent unauthorised use of nuclear weapons (so the theory)
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	139	\end{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	140
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	141	\begin{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	142	\includegraphics[scale=0.25]{pics/nuclear1.jpg}\hspace{3mm}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	143	\includegraphics[scale=0.25]{pics/nuclear2.jpg}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	144	\end{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	145
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	146
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	147	\onslide<3->{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	148	modern PALs also include a 2-person rule
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	149	}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	150
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	151	\only<2->{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	152	\begin{textblock}{11}(3,2)
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	153	\begin{tikzpicture}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	154	\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	155	{\begin{minipage}{8cm}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	156	US Air Force's Strategic Air Command worried that in times of need the
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	157	codes would not be available, so until 1977 quietly decided to set them
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	158	to 00000000\ldots
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	159	\end{minipage}};
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	160	\end{tikzpicture}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	161	\end{textblock}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	162
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	163
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	164	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	165	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	166
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	167	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	168	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	169	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	170
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	171	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	172	\item until 1998, Britain had nuclear weapons that could be launched from airplanes\bigskip\pause
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	173
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	174	\item these weapons were armed with a bicycle key
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	175
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	176	\begin{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	177	\begin{tabular}[b]{c}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	178	\includegraphics[scale=1.05]{pics/britkeys1.jpg}\\
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	179	\small nuclear weapon
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	180	\end{tabular}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	181	\hspace{3mm}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	182	\begin{tabular}[b]{c}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	183	\includegraphics[scale=0.35]{pics/britkeys2.jpg}\\
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	184	\small bicycle lock
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	185	\end{tabular}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	186	\end{center}\bigskip\pause
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	187
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	188	\item the current Trident nuclear weapons can be launched from a submarine without any code being transmitted
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	189	\end{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	190
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	191	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	192	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	193
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	194
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	195
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	196	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	197	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	198	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	199	\frametitle{}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	200
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	201
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	202	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	203	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	204
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	205	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	206	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	207	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	208	\frametitle{\begin{tabular}{@ {}c@ {}}Plain-text Passwords at IEEE\end{tabular}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	209
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	210	\small\textcolor{gray}{On 25 September 2012, a report on a data breach at IEEE:}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	211
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	212
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	213	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	214	\item IEEE is a standards organisation (not-for-profit)
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	215	\item many standards in CS are by IEEE\medskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	216	\item 100k plain-text passwords were recorded in logs
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	217	\item the logs were openly accessible on their FTP server
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	218	\end{itemize}\bigskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	219
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	220	\begin{flushright}\small
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	221	\textcolor{gray}{\url{http://ieeelog.com}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	222	\end{flushright}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	223
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	224	\only<2>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	225	\begin{textblock}{11}(3,2)
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	226	\begin{tikzpicture}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	227	\draw (0,0) node[inner sep=2mm,fill=white, ultra thick, draw=red, rounded corners=2mm]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	228	{\normalsize\color{darkgray}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	229	\begin{minipage}{7.5cm}\raggedright\small
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	230	\includegraphics[scale=0.6]{pics/IEEElog.jpg}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	231	\end{minipage}};
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	232	\end{tikzpicture}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	233	\end{textblock}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	234
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	235	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	236	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	237
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	238
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	239	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	240	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	241	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	242	\frametitle{\begin{tabular}{@ {}c@ {}}Virgin Mobile (USA)\end{tabular}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	243
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	244	\begin{flushright}\small
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	245	\textcolor{gray}{\url{http://arstechnica.com/security/2012/09/virgin-mobile-password-crack-risk/}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	246	\end{flushright}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	247
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	248	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	249	\item for online accounts passwords must be 6 digits
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	250	\item you must cycle through 1M combinations (online)\pause\bigskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	251
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	252	\item he limited the attack on his own account to 1 guess per second, \alert{\bf and}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	253	\item wrote a script that cleared the cookie set after each guess\pause
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	254	\item has been fixed now
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	255	\end{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	256
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	257
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	258
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	259	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	260	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	261
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	262
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	263	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	264	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	265	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	266	\frametitle{\begin{tabular}{@ {}c@ {}}Smash the Stack for Fun \ldots\end{tabular}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	267
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	268	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	269	\item ``smashing the stack attacks'' or ``buffer overflow attacks''
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	270	\item one of the most popular attacks;\\ attack of the (last) decade\\ ($>$ 50\% of security incidents reported at CERT are related to buffer overflows)
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	271	\begin{flushright}\small
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	272	\textcolor{gray}{\url{http://www.kb.cert.org/vuls}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	273	\end{flushright}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	274	\medskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	275	\item made popular in an article by Elias Levy\\ (also known as Aleph One):\\
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	276	\begin{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	277	{\bf ``Smashing The Stack For Fun and Profit''}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	278	\end{center}\medskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	279
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	280	\begin{flushright}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	281	\small\textcolor{gray}{\url{http://www.phrack.org}, Issue 49, Article 14}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	282	\end{flushright}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	283
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	284	\end{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	285
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	286
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	287	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	288	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	289
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	290	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	291	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	292	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	293	\frametitle{\begin{tabular}{c}The Problem\end{tabular}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	294
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	295	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	296	\item The basic problem is that library routines in C look as follows:
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	297	\begin{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	298	{\lstset{language=Java}\fontsize{8}{10}\selectfont%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	299	\texttt{\lstinputlisting{app5.c}}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	300	\end{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	301	\item the resulting problems are often remotely exploitable
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	302	\item can be used to circumvents all access control
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	303	(botnets for further attacks)
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	304	\end{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	305
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	306	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	307	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	308
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	309	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	310	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	311	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	312	\frametitle{\begin{tabular}{c}Variants\end{tabular}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	313
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	314	There are many variants:
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	315
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	316	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	317	\item return-to-lib-C attacks
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	318	\item heap-smashing attacks\\
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	319	\textcolor{gray}{\small(Slammer Worm in 2003 infected 90\% of vulnerable systems within 10 minutes)}\bigskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	320
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	321	\item ``zero-days-attacks'' (new unknown vulnerability)
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	322	\end{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	323
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	324	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	325	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	326
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	327
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	328
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	329	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	330	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	331	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	332
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	333	\small
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	334	\texttt{my\_float} is printed twice:\bigskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	335
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	336	{\lstset{language=Java}\fontsize{8}{10}\selectfont%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	337	\texttt{\lstinputlisting{C1.c}}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	338
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	339
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	340	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	341	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	342
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	343	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	344	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	345	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	346
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	347	\begin{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	348	\only<1>{\includegraphics[scale=0.9]{pics/stack1}\;\;}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	349	\only<2>{\includegraphics[scale=0.9]{pics/stack2}\;\;}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	350	\only<3>{\includegraphics[scale=0.9]{pics/stack3}\;\;}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	351	\end{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	352
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	353
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	354	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	355	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	356
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	357	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	358	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	359	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	360
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	361	{\lstset{language=Java}\fontsize{8}{10}\selectfont%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	362	\texttt{\lstinputlisting{C2.c}}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	363
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	364
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	365	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	366	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	367
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	368	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	369	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	370	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	371
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	372	\small
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	373	A programmer might be careful, but still introduce vulnerabilities:\bigskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	374
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	375	{\lstset{language=Java}\fontsize{8}{10}\selectfont%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	376	\texttt{\lstinputlisting{C2a.c}}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	377
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	378
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	379	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	380	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	381
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	382	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	383	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	384	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	385	\frametitle{\begin{tabular}{c}Payloads\end{tabular}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	386
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	387	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	388	\item the idea is you store some code as part to the buffer
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	389	\item you then override the return address to execute this payload\medskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	390	\item normally you start a root-shell\pause
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	391	\item difficulty is to guess the right place where to ``jump''
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	392	\end{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	393
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	394	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	395	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	396
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	397	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	398	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	399	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	400	\frametitle{\begin{tabular}{c}Payloads (2)\end{tabular}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	401
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	402	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	403	\item another difficulty is that the code is not allowed to contain \texttt{$\backslash$x00}:
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	404
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	405	\begin{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	406	\texttt{xorl \%eax, \%eax}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	407	\end{center}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	408	\end{itemize}\bigskip\bigskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	409
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	410	{\lstset{language=Java}\fontsize{8}{10}\selectfont%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	411	\texttt{\lstinputlisting{app5.c}}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	412
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	413	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	414	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	415
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	416
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	417	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	418	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	419	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	420	\frametitle{\begin{tabular}{c}Format String Vulnerability\end{tabular}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	421
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	422	\small
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	423	\texttt{string} is nowhere used:\bigskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	424
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	425	{\lstset{language=Java}\fontsize{8}{10}\selectfont%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	426	\texttt{\lstinputlisting{C6.c}}}\bigskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	427
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	428	this vulnerability can be used to read out the stack
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	429
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	430	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	431	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	432
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	433	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	434	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	435	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	436	\frametitle{\begin{tabular}{c}Protections against BO Attacks\end{tabular}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	437
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	438	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	439	\item use safe library functions
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	440	\item ensure stack data is not executable (can be defeated)
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	441	\item address space randomisation (makes one-size-fits-all more difficult)
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	442	\item choice of programming language (one of the selling points of Java)
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	443
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	444	\end{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	445
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	446	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	447	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	448
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	449	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	450	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	451	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	452	\frametitle{\begin{tabular}{c}Security Goals\end{tabular}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	453
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	454	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	455	\item Prevent common vulnerabilities from occurring (e.g. buffer overflows)\pause
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	456	\item Recover from attacks (traceability and auditing of security-relevant actions)\pause
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	457	\item Monitoring (detect attacks)\pause
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	458	\item Privacy, confidentiality, anonymity (to protect secrets)\pause
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	459	\item Authenticity (eeded for access control)\pause
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	460	\item Integrity (prevent unwanted modification or tampering)\pause
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	461	\item Availability and reliability (reduce the risk of DoS attacks)
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	462	\end{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	463
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	464	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	465	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	466
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	467
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	468
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	469	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	470	\mode<presentation>{
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	471	\begin{frame}[c]
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	472	\frametitle{\begin{tabular}{c}Homework\end{tabular}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	473
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	474	\begin{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	475	\item Assume format string attacks allow you to read out the stack. What can you do
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	476	with this information?\bigskip
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	477
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	478	\item Assume you can crash a program remotely. Why is this a problem?
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	479	\end{itemize}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	480
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	481	\end{frame}}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	482	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	483
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	484
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	485	\end{document}
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	486
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	487	%%% Local Variables:
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	488	%%% mode: latex
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	489	%%% TeX-master: t
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	490	%%% End:
10da75d5db5d pushed Christian Urban <urbanc@in.tum.de> parents: diff changeset	491

author	Christian Urban <urbanc@in.tum.de>
	Mon, 08 Oct 2012 10:34:12 +0100
changeset 28	10da75d5db5d
child 29	5d0f7da375da
permissions	-rw-r--r--