Tip: If anyone wants to speed up the lecture videos a little, inspect
the page, go to the browser console, and paste this in:
document.querySelector('video').playbackRate = 1.2
1.2 Why is security important?
The contents of a man’s letters are more valuable than the
contents of his purse.
- Lord Varys
Not only that, now the contents of one’s bit-streams are also the
contents of one’s purse…
Mention:
In 2023, the latter (money) is perhaps the most common goal of attack,
though it was not always so.
1.3 Information is power.
Conversely, the lack of information (anonymity or privacy) is also
power.
Ask the class:
What power does attaining information provide?
What power does concealing information (anonymity) provide?
What is the concrete nature of this power?
Mention: distributed, concrete, insurance, control, lack of
consequence, etc.
Data transmissions are not used just for messages, but also for physical
control of systems: power grids, water, manufacturing, etc.
Mention:
numerous recent historical attacks on power-grid infrastructure
International (power-plants:
https://en.wikipedia.org/wiki/2015_Ukraine_power_grid_hack )
Within the US (corporate lack of participation, backup
power-supplies)
Ask:
Should any manufacturing plant be connected to the internet?
What about the engineer’s “convenience backdoor”?
1.4 Security/Privacy trade-off is an unnecessary illusion (usually).
They’re usually not at odds.
Just do both instead!
The assertion that they are at odds is usually a concrete
power-grab.
1.5 Privacy is security, but of different information.
e.g., security of meta-data, instead of security of message
content
This is a common mistake: “privacy is not security”
Privacy and security are not different concepts, just different
data.
Privacy is indeed security; it just refers to the protection of a broader
set of data.
Mention: Apple’s recent example of “pseudo-security theater”
1.6 All security is ultimately either physical or cryptographic.
Data stored or transmitted on a physical medium can be protected behind
a physical barrier.
Data stored or transmitted on a physical medium can be protected by
encryption.
Data stored or transmitted on a physical medium can be accessed, or
denied access, through an access control interface, present at a
computer terminal endpoint.
What stops someone attempting to bypass the access control
interface?
Examples:
your home computer?
a library computer on a public desk?
a remote web-server?
How is data on the hard drive secured?
when un-encrypted?
when encrypted?
when logged in?
when not logged in?
when off?
when on?
What about data in RAM?
when off?
when on?
when logged in?
when not logged in?
does encryption apply here?
How is a traveling message secured from being read on the way to
its destination?
How are network connections secured?
How does software integrity factor in?
Any exceptions?
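The questions above about disk, RAM, and the logged-in/logged-out/off states can be walked through on a small model. The following Python is an added illustration, not code from the lecture: it models one endpoint with a persistent disk and volatile RAM, and asks what two kinds of attacker can read, one who obtains the disk (the physical barrier failed) and one who can read the memory of a running machine. The cipher (HMAC-SHA256 in counter mode, encrypt-then-MAC) and the PBKDF2 key derivation are standard constructions used here only for illustration; the secret, passphrase, and salt are constructed sample values.

```python
import hashlib
import hmac
import secrets

# Constructed sample data for the demonstration (not from the lecture).
SECRET = b"constructed sample: payroll records, do not disclose"
PASSPHRASE = "correct-horse-battery-staple"
SALT = b"constructed-fixed-salt"  # a real system stores a random salt on disk


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 used as a PRF (illustration only)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || HMAC tag over nonce+ciphertext."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes):
    """Return the plaintext, or None if the key is wrong or the blob was tampered with."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def derive_key(passphrase: str) -> bytes:
    """Slow passphrase-to-key derivation so guessing the passphrase is costly."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), SALT, 100_000)


class Machine:
    """Toy model of one endpoint: a disk (persistent) and RAM (volatile)."""

    def __init__(self, passphrase: str, plaintext: bytes, full_disk_encryption: bool = True):
        self.fde = full_disk_encryption
        # The key is derived, used, and dropped; it is not kept on the disk.
        self.disk = encrypt(derive_key(passphrase), plaintext) if full_disk_encryption else plaintext
        self.ram = {}  # empty while powered off
        self.powered_on = False

    def power_on(self):
        self.powered_on = True

    def log_in(self, passphrase: str) -> bool:
        if not self.powered_on:
            return False
        if not self.fde:
            self.ram["unlocked"] = True
            return True
        key = derive_key(passphrase)
        if decrypt(key, self.disk) is None:  # wrong passphrase: tag does not verify
            return False
        self.ram["key"] = key  # while logged in, the disk key lives in RAM
        return True

    def log_out(self):
        self.ram.clear()  # a careful OS wipes key material on lock/logout

    def power_off(self):
        self.ram.clear()  # volatile memory is gone when the power is
        self.powered_on = False


def attacker_with_disk(m: Machine):
    """What someone who walks off with the drive can read."""
    if not m.fde:
        return m.disk  # plaintext: only the physical barrier protected it
    return None  # ciphertext only: protected by cryptography, not by the cabinet lock


def attacker_with_ram(m: Machine):
    """What someone who can read the memory of a running machine can recover."""
    if not m.powered_on:
        return None  # RAM holds nothing when the machine is off
    if not m.fde:
        return m.disk  # nothing to decrypt in the first place
    key = m.ram.get("key")
    return decrypt(key, m.disk) if key else None  # only while logged in


if __name__ == "__main__":
    m = Machine(PASSPHRASE, SECRET)
    print("disk only, powered off:", attacker_with_disk(m))
    m.power_on()
    m.log_in(PASSPHRASE)
    print("RAM of unlocked machine:", attacker_with_ram(m))
```

The model makes the lecture's dichotomy concrete: with encryption, the disk alone yields nothing regardless of power state, but once a user is logged in the protection of the stored data collapses to whatever access control and physical security stop someone from reading RAM, which is why locking or powering off a machine matters.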
1.7 Much of cryptography is actually strong, though the whole system needs to be secure.
Interestingly, for the first time in human history, the thing being
locked away (information) is actually secure enough to withstand
more-or-less limitless resources of nation states (unlike for example a
physical vault).
Novel legal and social concept:
Security without obscurity (open-source cryptography)
Mention: A common misunderstanding, particularly among older
individuals
What does this resemble, historically?
Secure software can be trust-less, and it should be!
If software is not open-source, it is not trustworthy.
That is, it cannot be verifiably trust-less.
Don’t settle for trust, when you can have trust-less software!
1.8 Humans are the weak link 99% of the time.
What can an algorithm designer, programmer, or IT professional do to
help?
1.9 Security is easy.
1.10 Security while still allowing the key people access is hard.
The most clever tricks in modern security make access possible, in
unexpectedly secure ways.
This is especially true of remote access.
1.11 Most thefts are by employees.
1.12 Most “hacks” are actually internal compromises.
For example, the DNC “hacks” were likely just leaks
(at least according to a public letter written by the technical
director of the NSA and other high-ranking security officials…).
1.13 Security is often driven by cyclical arms-race phenomena.
Much in security is arbitrary,
especially offensive security,
but general principles do emerge.
I hope to provide you that context,
which may not be obvious.
Often, students think they will be excited about offensive
security,
only to realize that defensive security is more theoretically rich.
1.14 Security has progressed from tinkerers’ exploits to an affair of nation states and organized crime
Security is now the domain of elite professionals,
who are required in virtually every industry,
including government.
1.15 Full stack understanding required
When I ask professionals at national labs and in industry security
what they want out of students, what do they say?
Security is an extremely heterogeneous topic, where exploits can be
largely arbitrary, and technical details change rapidly due to an arms
race, with fundamental principles few and far between. We will try to
emphasize those principles which stand the test of time.
Security is simultaneously one of the most and least formal
disciplines in computation.
e.g., human factors versus cryptography
Security is best learned by learning the entire stack.
For example knowing operating systems and networking deeply makes
much of security obvious.
Disclaimer: the term “full stack” is often applied to the web stack
alone, but I use it more broadly here to refer to the entire computing
stack.
The student experience:
Often, computer science students think they are going to be
interested in security, only to realize 1/4 of it is computer
engineering, 1/4 of it is math, 1/4 of it is IT, and only about 1/4 of
it is computer science.
Often, computer engineering students come into this class not
expecting much, and realize they like security and that their skill-sets
match well.
1.16 The most domain-general principles within security are compartmentalization and layering
These principles of compartmentalization and layering for the purpose of
security exist in:
physical security,
biology,
immunology,
psychology (as a syndrome and coping mechanism for a “spy”),
and throughout all components of
security/anonymity/privacy/deception generally.
Modern systems are often too complex to evaluate fully.
Further, modern systems often lack explicit trust (closed design).
Assuming that excess complexity and deficit of trust,
security by isolation or compartmentalization,
rather than security by correctness,
is likely a good strategy,
a crutch to minimize damages and losses.
1.17 This semester:
Though humans are the largest problem in security,
we will cover the technical components in this class
(this is CS; IST/BIT often covers the human component more).
By analogy, consider the difference between:
the medical professional who makes a business out of how to patch the
unhealthy habits of a self-destructive patient who vapes, eats junk
food, and sits around playing video games,
or a trainer/dietitian who optimizes the health and performance of an
elite athlete who already eats well, sleeps well, and exercises.
Both have a place in medicine and industry,
and helping the former may actually be more impactful in the
short-term.
However, we will generally avoid the former
(making your MS-Windows machine less insecure),
in favor of the latter,
(how to actually do security correctly).
We will also favor defensive over offensive security,
though will attempt to do justice to both.
Defensive security comes first.
i.e., learning defensive tactics to survive the nasty, arbitrary,
short-sighted attacks that arise in this computing environment,
that resembles Lord of the Flies / Prison Yard / Public School…
We will have several major sections of the course: ../Content.html