# HG changeset patch # User Christian Urban # Date 1412073261 -3600 # Node ID 2555552d2c05e6df755188ed591948b80b0afe9d # Parent 0379bd6f3d21769af2ae80a0242cc1873a48957a updated diff -r 0379bd6f3d21 -r 2555552d2c05 handouts/ho02.tex --- a/handouts/ho02.tex Tue Sep 30 02:22:16 2014 +0100 +++ b/handouts/ho02.tex Tue Sep 30 11:34:21 2014 +0100 @@ -109,19 +109,19 @@ -\subsubsection*{Questions} +%\subsubsection*{Questions} -Coming back to the question of why I use online banking, but -prefer not to e-vote. +%Coming back to the question of why I use online banking, but +%prefer not to e-vote. -Why do I use e-polling in lectures? +%Why do I use e-polling in lectures? -Imagine you have a perfectly secure internet voting system, by -which I mean nobody can tamper with or steal votes between -your browser and the central server responsible for vote -tallying. What can still go wrong with such a perfectly secure -voting system, which is prevented in traditional elections -with paper-based ballots? +%Imagine you have a perfectly secure internet voting system, by +%which I mean nobody can tamper with or steal votes between +%your browser and the central server responsible for vote +%tallying. What can still go wrong with such a perfectly secure +%voting system, which is prevented in traditional elections +%with paper-based ballots? \end{document} diff -r 0379bd6f3d21 -r 2555552d2c05 slides/slides02.pdf Binary file slides/slides02.pdf has changed diff -r 0379bd6f3d21 -r 2555552d2c05 slides/slides02.tex --- a/slides/slides02.tex Tue Sep 30 02:22:16 2014 +0100 +++ b/slides/slides02.tex Tue Sep 30 11:34:21 2014 +0100 @@ -131,7 +131,6 @@ \end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \begin{frame}[c] \frametitle{Today's Lecture} @@ -145,11 +144,9 @@ \end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ \begin{frame}[t] -\frametitle{\begin{tabular}{@ {}c@ {}}Voting as Security Problem\end{tabular}} +\frametitle{Voting as Security Problem} What are the security requirements of a voting system?\bigskip @@ -228,13 +225,12 @@ \end{bubble} \end{textblock}} -\end{frame}} +\end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \begin{frame}[t] -\frametitle{\begin{tabular}{@ {}c@ {}}Problems with Voting\end{tabular}} - +\frametitle{Problems with Voting} \begin{center}\large \begin{tabular}{rcl} @@ -387,12 +383,9 @@ \end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ \begin{frame}[t] -\frametitle{\begin{tabular}{@ {}c@ {}}A Brief History of Voting\end{tabular}} - +\frametitle{A Brief History of Voting} \begin{itemize} \item Athenians @@ -409,7 +402,7 @@ \item French Revolution and the US Constitution got things ``started'' with paper ballots (you first had to bring your own; later they were pre-printed by parties) \end{itemize} -\end{frame}} +\end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% @@ -531,7 +524,7 @@ \only<2>{ \begin{textblock}{5.5}(0.5,14.5) -all are computers +\small all are ``computers'' \end{textblock}} \end{frame}} @@ -586,7 +579,7 @@ A non-obvious problem: \begin{itemize} -\item you can nowadays get old machines, which still store old polls +\item you can nowadays get old machines, which still store old polls\medskip \item the paper ballot box needed to be secured during the voting until counting; e-voting machines need to be secured during the entire life-time @@ -644,8 +637,8 @@ \item have a simple design in order to minimise the attack surface \end{itemize}\pause -But overall in times of NSA/state sponsered cyber-crime, e-voting is too -hard with current technology. +But overall, in times of NSA/state sponsored cyber-crime, e-voting is +too hard with current technology. \end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% @@ -655,7 +648,7 @@ \frametitle{\Large Online Banking vs.~E-Voting} \begin{itemize} -\item online banking: if fraud occurred you try to identify who did +\item online banking: if fraud occurs you try to identify who did what (somebody's account got zero)\bigskip \item e-voting: some parts can be done electronically, but not the actual voting @@ -673,13 +666,12 @@ \end{center} \begin{itemize} -\item guaranties anonymity +\item can guarantee anonymity \item integrity by electronic means\bigskip \item how to achieve the same in ``software''? \end{itemize} - \end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% @@ -752,30 +744,28 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ \begin{frame}[c] \frametitle{Unix-Style Access Control} -How to do access control? In Unix you have +How to do control access? In Unix you have \begin{itemize} -\item you have users and you have groups/roles: - +\item users and you have groups/roles: \item some special roles: root \end{itemize} - -\end{frame}} +\end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ \begin{frame}[c] \frametitle{Unix-Style Access Control} +\small \begin{itemize} -\item Q: ``I am using Windows. Why should I care?'' \\ A: In Windows you have similar AC: +\item +Q: ``I am using Windows. Why should I care?'' \\ +A: In Windows you have similar AC: \begin{center} \begin{tabular}{l} @@ -784,23 +774,22 @@ authenticated users\\ server operators\\ power users\\ -network configuration operators\\ +network configuration operators \end{tabular} \end{center}\medskip -\item Modern versions of Windows have more fine-grained AC than Unix; they do not have a setuid bit, but -have \texttt{runas} (asks for a password).\pause +\item Modern versions of Windows have more fine-grained AC than Unix; + they do not have a setuid bit, but have \texttt{runas} (asks for a + password).\pause -\item OS-provided access control can \alert{\bf add} to your -security. +\item OS-provided access control can \alert{\bf add} to your security. + (defence in depth) \end{itemize} - -\end{frame}} +\end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ \begin{frame}[c] \frametitle{\begin{tabular}{c}Network Applications:\\[-1mm] Privilege Separation\end{tabular}} @@ -826,39 +815,36 @@ \end{center} \begin{itemize} -\item the idea is make the attack surface smaller and -mitigate the consequences of an attack +\item the idea is make the attack surface smaller and mitigate the + consequences of an attack \end{itemize} - -\end{frame}} +\end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ \begin{frame}[c] -\frametitle{Lessons from Access Control} +\frametitle{Weaknesses of Unix AC} Not just restricted to Unix: \begin{itemize} -\item if you have too many roles (i.e.~too finegrained AC), then - hierarchy is too complex\\ - \textcolor{gray}{you invite situations like\ldots let's be root}\bigskip +\item if you have too many roles (i.e.~too finegrained AC), then + hierarchy is too complex\\ \textcolor{gray}{you invite situations + like\ldots let's be root}\bigskip \item you can still abuse the system\ldots - \end{itemize} -\end{frame}} +\end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ \begin{frame}[c] -\frametitle{\begin{tabular}{@ {}c@ {}}A ``Cron''-Attack\end{tabular}} +\frametitle{A ``Cron''-Attack} -The idea is to trick a privileged person to do something on your behalf: +The idea is to trick a privileged person to do something on your +behalf: \begin{itemize} \item root:\\\texttt{rm /tmp/*/*}\bigskip\bigskip\pause @@ -872,14 +858,12 @@ \end{minipage} \end{itemize} - -\end{frame}} +\end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ \begin{frame}[c] -\frametitle{\begin{tabular}{@ {}c@ {}}A ``Cron''-Attack\end{tabular}} +\frametitle{A ``Cron''-Attack} \begin{enumerate} \item attacker \textcolor{gray}{(creates a fake passwd file)}\\ @@ -897,19 +881,36 @@ \only<2>{ \begin{textblock}{11}(2,5) -\begin{tikzpicture} -\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm] -{\normalsize\color{darkgray} -\begin{minipage}{9cm}\raggedright -To prevent this kind of attack, you need additional +\begin{bubble}[8cm] +\normalsize To prevent this kind of attack, you need additional policies (don't do such operations as root). -\end{minipage}}; -\end{tikzpicture} +\end{bubble} \end{textblock}} -\end{frame}} +\end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\begin{frame}[c] +\frametitle{\Large Buffer Overflow Attacks} + +\begin{center} +\begin{columns}[b] +\begin{column}{.4\textwidth} +\centering +\includegraphics[scale=1.2]{pics/barrier.jpg}\\ +first lecture +\end{column} +\begin{column}<2>{.4\textwidth} +\centering +\includegraphics[scale=0.32]{pics/trainwreck.jpg}\\ +next week +\end{column} +\end{columns} +\end{center} + +\end{frame} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \end{document}