Fred Sam Joe Fred Sam Joe A BRIEF HISTORY OF COMMUNICATIONS - - PowerPoint PPT Presentation

SLIDE 1

THERE AND

BACK AGAIN

BRIAN CHESS SEPTEMBER 2013

SLIDE 2
SLIDE 3

Fred Sam Joe

SLIDE 4

Fred Sam Joe

SLIDE 5
SLIDE 6

A BRIEF HISTORY OF COMMUNICATIONS SECURITY

SLIDE 7

COMPUTER SECURITY

SLIDE 8

THE PROGRAMMER

"Programming is hard" Donald Knuth

  • Programmers not historically responsible for security.
  • Programmers already have one hard job to do.

SLIDE 9

DEFENSIVE PROGRAMMING IS NOT ENOUGH

Defensive programming: "Write the program to cope with small disasters." [Kernighan and Plauger]

A C function with no error checking:

    void printMsg(FILE* file, char* msg) {
      fprintf(file, msg);
    }

Crashes when file or msg is null.

SLIDE 10

DEFENSIVE PROGRAMMING IS NOT ENOUGH

Error checking added:

    void printMsg(FILE* file, char* msg) {
      if (file == NULL) {
        logError("attempt to print to null file");
      } else if (msg == NULL) {
        logError("attempt to print null message");
      } else {
        fprintf(file, msg);
      }
    }

No more crashes. Fixed?

Hint: AAA1_%08x.%08x.%08x.%08x.%08x.%n

SLIDE 11

THIS IS ENOUGH

Must also defend against format string attacks:

    void printMsg(FILE* file, char* msg) {
      if (file == NULL) {
        logError("attempt to print to null file");
      } else if (msg == NULL) {
        logError("attempt to print null message");
      } else {
        /* constant format string; msg is only data, capped at 128 characters */
        fprintf(file, "%.128s", msg);
      }
    }
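An added example, not part of the original slides: the hint string treated both ways. `count_conversions` reports what `fprintf` would act on if the string were the format argument, and `render_msg` applies the slide's constant "%.128s" format so the same string comes out as plain, length-capped text. Both function names and the 256-byte buffer are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* The hint string from the slide, held purely as data (constructed input). */
static const char HINT[] = "AAA1_%08x.%08x.%08x.%08x.%08x.%n";

/* Count the conversions fprintf would act on if s were its format argument.
 * "%%" is a literal percent. *writes gets the number of %n conversions,
 * the ones that store to memory instead of producing output. */
int count_conversions(const char *s, int *writes) {
    int n = 0;
    *writes = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        s++;
        if (*s == '%') continue;                 /* escaped percent */
        /* skip flags, width, precision and length modifiers */
        while (*s && strchr("-+ #0123456789.*hlLjzt", *s)) s++;
        if (*s == '\0') break;                   /* dangling directive */
        n++;
        if (*s == 'n') (*writes)++;
    }
    return n;
}

/* The slide's fix: msg is only ever an argument to a constant format.
 * Renders into out so the result can be inspected; returns the length. */
int render_msg(char *out, size_t outlen, const char *msg) {
    if (out == NULL || outlen == 0 || msg == NULL) return -1;
    return snprintf(out, outlen, "%.128s", msg);
}

int main(void) {
    char out[256];
    int writes = 0;
    int n = count_conversions(HINT, &writes);
    printf("as a format: %d conversions, %d of them %%n\n", n, writes);
    render_msg(out, sizeof out, HINT);
    printf("as an argument: %s\n", out);
    return 0;
}
```

Every conversion counted in the first line is an argument the two-parameter `fprintf(file, msg)` call never supplied, which is why null checks alone did not fix the function.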

SLIDE 12

SOFTWARE QUALITY VS. SOFTWARE SECURITY

QUALITY

  • Cannot be bolted on
  • Must be built in
  • Does the program do what it's supposed to do?
  • Will the users be happy?
  • Are common cases smooth and easy?
  • Will people pay for it?

SECURITY

  • Cannot be bolted on
  • Must be built in
  • Does the program have “bonus” features?
  • Will the attackers get what they want?
  • Are there corner cases we haven't considered?
  • What do we stand to lose?

SLIDE 13

THE EXPLOITABILITY TRAP

[Figure labels: Clearly Dangerous; Clearly Safe; “I’ll fix it if you show me an exploit.” Trap]

SLIDE 14

CITI IPHONE INFO LEAK

SLIDE 15

BERTRAND RUSSELL’S CHICKEN

[Figure labels: Food, Shelter, Companions]

SLIDE 16

Success is foreseeing failure.

– Henry Petroski

SLIDE 17

STATIC ANALYSIS IS GOOD

SLIDE 18

STATIC ANALYSIS = GOOD

    buff = getInputFromNetwork();
    copyBuffer(newBuff, buff);
    exec(newBuff);

(command injection)

SLIDE 19

CHAINSAW

SLIDE 20

Building Security In Maturity Model (BSIMM)

http://www.bsi-mm.com

MEASURING PROCESS

SLIDE 21

THERE AND

BACK AGAIN

BRIAN CHESS SEPTEMBER 2013