# HG changeset patch
# User Christian Urban
# Date 1350394963 -3600
# Node ID 1d37142ea1ea106d82ab63f9e2877be914e03e7b
# Parent e1a5d057db964374d81eddb69292fcce77cc32bf
added
diff -r e1a5d057db96 -r 1d37142ea1ea slides04.pdf
Binary file slides04.pdf has changed
diff -r e1a5d057db96 -r 1d37142ea1ea slides04.tex
--- a/slides04.tex Tue Oct 16 14:20:20 2012 +0100
+++ b/slides04.tex Tue Oct 16 14:42:43 2012 +0100
@@ -109,7 +109,7 @@
\frametitle{Unix-Style Access Control} \begin{itemize}
-\item Q: ``I am using Windows. Why should I care?'' \\ A: In Windows you have similar groups:
+\item Q: ``I am using Windows. Why should I care?'' \\ A: In Windows you have similar AC:
\begin{center} \begin{tabular}{l}
@@ -125,7 +125,7 @@
\item Modern versions of Windows have more fine-grained AC than Unix; they do not have a setuid bit, but have \texttt{runas} (asks for a password).\pause
-\item OS provided access control can \alert{add} to your
+\item OS-provided access control can \alert{\bf add} to your
security. \end{itemize}
@@ -316,7 +316,7 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Example: Firewall\end{tabular}}
+\frametitle{\begin{tabular}{@ {}c@ {}}Example: Firewalls\end{tabular}}
\begin{center} \includegraphics[scale=0.5]{pics/firewall.png}
@@ -330,7 +330,7 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[t]
-\frametitle{\begin{tabular}{@ {}c@ {}}Example: Firewall\end{tabular}}
+\frametitle{\begin{tabular}{@ {}c@ {}}Example: Firewalls\end{tabular}}
\begin{itemize} \item<1->What assets are you trying to protect?\\
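Review bot: In the hunk at -125 the new `\alert{\bf add}` uses the obsolete two-letter switch `\bf`, which resets the current font instead of adding bold to it; `\item OS-provided access control can \alert{\textbf{add}} to your` is the supported form. The changed `\item<7>[]{\bf\large No!}` line in the hunk at -489 carries the same switch, where `{\bfseries\large No!}` is the equivalent. The enclosing frame starts and ends outside the hunk.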
@@ -397,7 +397,7 @@
still possible.\end{tabular}} \item<4->What other risks does the security solution cause? \only<4>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright Your mobile phone or credit card/pin might
-be stolen. SIM card become valuable.\end{tabular}}
+be stolen. SIM card becomes more valuable.\end{tabular}}
\item<5->What costs and trade-offs does the security solution impose? \only<5>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright Banks need to establish an infrastructure. For you it might be inconvenient.\end{tabular}}
@@ -489,7 +489,7 @@
\item<5->What costs and trade-offs does the security solution impose? \only<5>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright The ``hardware'' is cheap, but indirect costs can be quite high.\end{tabular}}
-\item<7>[]{\bf\large No!} {\textcolor{gray}{Though in some areas they work: airport, swimming pool}}
+\item<7>[]{\bf\large No!} {\textcolor{gray}{Though in some areas they work: airports, swimming pools, \ldots}}
\end{itemize}
@@ -499,23 +499,23 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[t]
-\frametitle{\begin{tabular}{@ {}c@ {}}Ex: Security by Obscurity\end{tabular}}
+\frametitle{\begin{tabular}{@ {}c@ {}}Ex: Security-by-Obscurity\end{tabular}}
You might think it is a good idea to keep a security relevant algorithm or software secret. \begin{itemize} \item<1->What assets are you trying to protect?\\
-\only<1>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}source code, an algorithm\end{tabular}}
+\only<1>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}Source code, an algorithm and things that depend on it\end{tabular}}
\item<2->What are the risks to these assets?\\ \only<2>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright Can be pretty high (Oystercards).\end{tabular}} \item<3->How well does the security solution mitigate those risks?\\ \only<3>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright
-Not really. The source code can be reverse engineered, stolen\ldots{}\end{tabular}}
+Not really. The source code can be reverse engineered, stolen, coerced \ldots{}\end{tabular}}
\item<4->What other risks does the security solution cause? \only<4>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright You prevent
-scrutiny and independent advice. You also more likely than not
+scrutiny and independent advice. You also more likely than not
to get it wrong.\end{tabular}} \item<5>[]{\bf\large No!} \end{itemize}
@@ -549,8 +549,8 @@
\begin{center} \begin{minipage}{4.5cm} \begin{itemize}
-\item The outcome matches with the voter intend.
-\item There might be gigantic sums at stake.
+\item The outcome matches with the voters' intend.
+\item There might be gigantic sums at stake and need to be defended against.
\end{itemize} \end{minipage} \end{center}
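Review bot: The fourth answer in the hunk at -499 still reads `You also more likely than not` / `to get it wrong.`, a sentence with no verb, although the hunk rewrites its first line (the visible text is unchanged); `scrutiny and independent advice. You are also more likely than not` would fix it. In the third answer, `reverse engineered, stolen, coerced \ldots{}` lists `coerced` as something done to source code, while presumably the people who hold it are meant; `stolen, obtained by coercion \ldots{}` would say that, if that is the intent. The frame ends outside the hunk.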
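Review bot: Both new items in the hunk at -549 are still broken English on a slide that states the integrity requirement. `voters' intend` should be the noun, `\item The outcome matches the voters' intent.`, and `There might be gigantic sums at stake and need to be defended against.` has no subject for the second verb. Naming what has to be defended against would repair it, for example `\item There might be gigantic sums at stake, so well-funded attacks need to be defended against.`, assuming that is the intended reading. The surrounding `textblock` starts and ends outside the hunk.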
@@ -602,7 +602,7 @@
\begin{center} \begin{minipage}{4.5cm} \begin{itemize}
-\item Only authorised voters should be able to vote up to the permitted number of votes.
+\item Authorised voters should have the opportunity to vote.
\end{itemize} \end{minipage} \end{center}
@@ -627,23 +627,6 @@
\end{tikzpicture} \end{textblock}}
-\only<6>{
-\begin{textblock}{5.5}(8,5)
-\begin{tikzpicture}
-\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
-{\small
-\begin{minipage}{5cm}\raggedright
-\begin{center}
-\begin{minipage}{4.5cm}
-\begin{itemize}
-\item Only authorised voters should be able to vote up to the permitted number of votes.
-\end{itemize}
-\end{minipage}
-\end{center}
-\end{minipage}};
-\end{tikzpicture}
-\end{textblock}}
-
\end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -693,7 +676,7 @@
\begin{itemize} \item The Netherlands between 1997 - 2006 had electronic voting machines\\
-\textcolor{gray}{(hacktivists had found that they could be hacked and emitted radio signals revealing how you voted)}
+\textcolor{gray}{(hacktivists had found: they can be hacked and also emitted radio signals revealing how you voted)}
\item Germany had used them in pilot studies\\ \textcolor{gray}{(in 2007 a law suit has reached the highest court and it rejected electronic voting
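Review bot: The statement `Only authorised voters should be able to vote up to the permitted number of votes.` disappears from both places where it stood: the hunk at -602 replaces it with `Authorised voters should have the opportunity to vote.`, and the hunk at -627 deletes the `\only<6>` block that repeated it. If no overlay outside these hunks still carries it, the frame now states the availability requirement but no longer the eligibility one (who may vote, and how often). I would keep both, for example by leaving the `\only<6>` block in place with its original item, so that each overlay states one requirement. The frame begins outside the hunks, so which overlay the -602 text belongs to cannot be seen from here.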
@@ -711,10 +694,11 @@
\mbox{}\\[-12mm] \begin{itemize}
-\item US used mechanical machines since the 50s, later punch cards, now DREs and
+\item US used mechanical machines since the 30s, later punch cards, now DREs and
optical scan voting machines \textcolor{gray}{(fantastic ``ecosystem'' for study)}
-\item Estonia used in 2007 the world's first Internet vote in national elections (there are earlier pilot studies)
+\item Estonia used in 2007 the Internet for national elections
+\textcolor{gray}{(there were earlier pilot studies in other countries)}
\item India uses e-voting devices since at least 2003\\ \textcolor{gray}{(``keep-it-simple'' machines produced by a government owned company)}
@@ -744,7 +728,7 @@
\item French Revolution and the US Constitution got things ``started'' with
-paper ballots (you first had to bring your own, or later were pre-printed by the parties)
+paper ballots (you first had to bring your own; later they were pre-printed by parties)
\end{itemize} \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -757,9 +741,9 @@
Security policies involved with paper ballots: \begin{enumerate}
-\item you need to check that the ballot box is empty at the start of the poll / no false bottom (ballot stuffing)
-\item you need guard the ballot box during the poll
-\item tallied by a team at the end of the poll (you can have observers)
+\item you need to check that the ballot box is empty at the start of the poll / no false bottom (to prevent ballot stuffing)
+\item you need to guard the ballot box during the poll until counting
+\item tallied by a team at the end of the poll (independent observers)
\end{enumerate} \begin{center}
@@ -963,8 +947,8 @@
\frametitle{\begin{tabular}{@ {}c@ {}}Lessons to be Learned\end{tabular}} \begin{itemize}
-\item keep a paper trail and try to keep this secure
-\item make the software open source
+\item keep a paper trail and design your system to keep this secure\medskip
+\item make the software open source (avoid security-by-obscurity))\medskip
\item have a simple design in order to minimise the attack surface \end{itemize}
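Review bot: The new open-source item ends in a doubled closing parenthesis, `(avoid security-by-obscurity))\medskip`, which will print on the slide; it should read `\item make the software open source (avoid security-by-obscurity)\medskip`. As a lesson, publishing the source supports independent scrutiny only when the software actually running on the machines can be checked against what was published. A few words to that effect would keep the item from overstating what open source gives you on its own.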