security through distrusting
play

Security through Distrusting Joanna Rutkowska Invisible Things - PowerPoint PPT Presentation

Aug 09, 2023 •730 likes •1.39k views

427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Security through Distrusting Joanna Rutkowska Invisible Things Lab & Qubes OS Project Black Hat EU, London, UK, December 7, 2017 427F11FD

  1. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Security ¡through ¡Distrusting Joanna ¡Rutkowska Invisible ¡Things ¡Lab & ¡Qubes ¡OS Project Black ¡Hat ¡EU, ¡London, ¡UK, ¡December ¡7, ¡2017

  2. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 more ¡desired Trustworthy Trusted(?) Secure Trust?

  3. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Trust ¡consider ¡harmful!

  4. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Security ¡through ¡Distrusting ¡examples

  5. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Example ¡#1: ¡Pesky ¡microphones

  6. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Mics sniff ¡our ¡activities, ¡including ¡keystrokes, ¡etc. § Mics are ¡difficult ¡to ¡neutralize § § Mics naturally ¡“cross“ ¡security ¡boundaries phone mic 3 mic mic 1 2

  7. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Mics sniff ¡our ¡activities, ¡including ¡keystrokes, ¡etc. § § Mics are ¡difficult ¡to ¡neutralize Mics naturally ¡“cross“ ¡security ¡boundaries § Bluetooth ¡link Bluetooth headset phone mic mic 1 2 Different ¡vendors No ¡mics!

  8. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Example ¡#2: ¡Stateless laptop

  9. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Persistent ¡laptop ¡compromises… Persist § § Store ¡secrets § PII

  10. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Store ¡secrets Persist PII § § §

  11. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Store ¡secrets Persist PII § § §

  12. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Firmware ¡infections ¡prevented § § No ¡places ¡to ¡store ¡stolen ¡secrets § Reliable way ¡to ¡verify ¡firmware Reliable ¡way ¡to ¡ choose ¡ firmware § § Boot ¡multiple ¡environments § Share ¡laptops ¡with ¡others Stateless ¡Hardware (persistent ¡state ¡eliminated) Trusted ¡Stick

  13. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Example ¡#3: ¡Multi-­‑party ¡signatures Photo ¡via ¡Peter ¡Todd ¡(@petertoddbtc)

  14. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Wallet Wallet vs Mutli-­‑sig ¡does ¡not ¡need ¡to ¡involve ¡multiple ¡users!

  15. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Also: ¡not ¡just ¡Bitcoin wallets…

  16. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Example ¡#4: ¡Binary ¡(multi) ¡signing

  17. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Why ¡care ¡about ¡binary ¡(multi-­‑) ¡signing? § OS ¡installation ¡images § Applications § Updates § Firmware

  18. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Prime ¡target ¡for ¡backdooring!

  19. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Source Building Distribution Binary Binary code (e.g. ¡updates) Sign Create developer(s) vendor end ¡user

  20. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Source Distribution Binary Binary code (https, ¡signed ¡binaries) (e.g. ¡updates) Verify (… ¡& ¡sign!) Sign Create developer(s) vendor end ¡user

  21. Attacker ¡(back-­‑/bug-­‑door ¡injection) 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 ? ? Source Building Distribution Binary Binary code (git push) (https, ¡signed ¡binaries) (e.g. ¡updates) ? Verify (… ¡& ¡sign!) Sign Create developer(s) vendor end ¡user

  22. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 ? Source Building Distribution Binary Binary code (git push) (https, ¡signed ¡binaries) (e.g. ¡updates) ? ? Verify (… ¡& ¡sign!) Sign Create developer(s) vendor end ¡user

  23. Attacker ¡(back-­‑/bug-­‑door ¡injection) 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 ? ? Source Building Distribution Binary Binary code (git push) (https, ¡signed ¡binaries) (e.g. ¡updates) ? ? Verify (… ¡& ¡sign!) Sign Create developer(s) vendor end ¡user

  24. Attacker ¡(back-­‑/bug-­‑door ¡injection) 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 ? ? Source Building Distribution Binary Binary code (git push) (https, ¡signed ¡binaries) (e.g. ¡updates) ? ? Verify (… ¡& ¡sign!) Sign Create developer(s) vendor end ¡user

  25. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 ? Source Building Distribution Binary Binary code (git push) (https, ¡signed ¡binaries) (e.g. ¡updates) ? ? Verify (… ¡& ¡sign!) Sign Create developer(s) vendor end ¡user

  26. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Source code == ? Source Building Distribution Binary Binary code (git push) (https, ¡signed ¡binaries) (e.g. ¡updates) ? ? Verify (… ¡& ¡sign!) Sign Create developer(s) vendor end ¡user

  27. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 ? Sign Vendor ¡#3 Binary (e.g. ¡updates) Source Building Distribution Binary Binary code (git push) (https, ¡signed ¡binaries) (e.g. ¡updates) Binary ? ? Sign Verify Sign (… ¡& ¡sign!) Sign Create (e.g. ¡updates) Vendor ¡#2 developer(s) Vendor ¡#1 end ¡user

  28. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 ? Sign Vendor ¡#3 Binary (e.g. ¡updates) One ¡binary, ¡ multiple ¡signatures ! Source Building Distribution Binary Binary code (git push) (https, ¡signed ¡binaries) (e.g. ¡updates) Binary ? ? Sign Verify Sign (… ¡& ¡sign!) Sign Create (e.g. ¡updates) Vendor ¡#2 developer(s) Vendor ¡#1 end ¡user

  29. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Multi-­‑signed ¡binaries § Signed ¡by ¡people ¡from ¡different ¡countries § Different ¡organizations ¡(vendor ¡& ¡auditing) § Signed ¡by ¡different ¡ machines – In ¡the ¡same ¡organization – In ¡different ¡organization

  30. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 https://reproducible-­‑builds.org

  31. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Example ¡5: ¡Preventing ¡data ¡leaks

  32. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Your ¡data…! Some ¡software (buggy/backdoored or ¡ otherwise ¡compromised)

  33. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Your ¡data…! VPN Some ¡software (buggy/backdoored or ¡ otherwise ¡compromised)

  34. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Your ¡data…! VPN Some ¡software (buggy/backdoored or ¡ otherwise ¡compromised) Windows ¡laptop ¡(compromised ¡or ¡backdoored)

  35. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Your ¡data…! VPN Some ¡software (buggy/backdoored or ¡ otherwise ¡compromised) Different ¡device ¡(or ¡VM?) Qubes ¡TorVM (2011) § The ¡Grugq ‘s ¡P.O.R.T.A.L. ¡(2012) § Whonix (2012 – present) § Windows ¡laptop ¡(compromised ¡or ¡backdoored) § Whonix for ¡Qubes ¡(2014 ¡– present) § Tor-­‑enabled ¡routers ¡(multiple ¡ projects/products)

  36. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Cut ¡off ¡networking? Some ¡software Not ¡very ¡useful…

  37. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Qubes ¡OS ¡templates Download ¡updates, ¡etc Template ¡VM Updates server User ¡data App ¡VM No ¡networking (no ¡leaks)

  38. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Example ¡#6: ¡Compartmentalization

  39. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 “Classic” ¡compartmentalization… Work ¡VM Personal ¡VM

  40. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 “Classic” ¡compartmentalization… Work ¡VM Personal ¡VM …not ¡very ¡useful!

  41. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Personal ¡VM MOV …more ¡useful… JPG Work ¡VM PDF

  42. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Inter-­‑compartments ¡data ¡transfers

  43. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Browsing ¡VM Internet ¡ PNG ? PNG Work ¡VM

  44. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Qubes PDF/Image ¡converters: Very ¡simple ¡(& ¡trusted) ¡code! Very ¡simple ¡format ¡(& ¡easy ¡to ¡verify ¡if ¡indeed) PNG PNG PNG Internet ¡ Work ¡VM Disposable ¡VM Browsing ¡VM Very ¡complex ¡format ¡(risky ¡to ¡parse!) Very ¡complex ¡parsing ¡(very ¡risky!)

  45. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 App ¡sandboxing ¡is ¡just ¡part ¡of ¡the ¡story…

  46. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 PDF JPG MOV Work ¡VM Personal ¡VM USB ¡& ¡ Networking ¡ Graphics ¡& ¡ VPNs ¡& ¡ Root ¡of ¡trust Corporate ¡ Bluetooth ¡ stacks UI firewalling management (admin) stacks

  47. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Isolation is ¡just ¡part ¡of ¡the ¡story!

  48. 427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Security Security as term, Possible Security violations Authentication Criteria for

Security Security as term, Possible Security violations Authentication Criteria for

BS1 WS19/20 topic-based slides Security Security as term, Possible Security violations Authentication Criteria for Trust in Computer Systems Three hearts of Windows Security DACLs A Look at Security System is secure if

988 views • 20 slides
CPSC410/611: Security Security Security Attacks Security Threats Crypto

CPSC410/611: Security Security Security Attacks Security Threats Crypto

CPSC 410 / 611 : Operating Systems CPSC410/611: Security Security Security Attacks Security Threats Crypto Authentication Examples SSL Security Threats Breach of confidentiality unauthorized access to

458 views • 18 slides
Biometrics and Security Biometrics and Security Biometrics and Security Biometrics and Security

Biometrics and Security Biometrics and Security Biometrics and Security Biometrics and Security

Biometrics and Security Biometrics and Security Biometrics and Security Biometrics and Security WS 06/07 Seminar Prof. Dr.-Ing. Jana Dittmann & Dr.-Ing. Claus Vielhauer with support from Tobias Scheidat

419 views • 16 slides
1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

Course Overview Course Requirements EECS 498-7/8 Cryptography and Network Security: www.citi.umich.edu/u/honey/security Principles and Practice (Third Edition) Computer Security Monday & Friday, 9:00 10:30 William Stallings

670 views • 19 slides
A (re)introduction to Spring Security Agenda Before Spring Security: Acegi security

A (re)introduction to Spring Security Agenda Before Spring Security: Acegi security

A (re)introduction to Spring Security Agenda Before Spring Security: Acegi security Introducing Spring Security View layer security Whats coming in Spring Security 3 E-mail: craig@habuma.com Blog: http://www.springloaded.info

452 views • 19 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
Security Overview Security Goals The Attack Space Security Mechanisms

Security Overview Security Goals The Attack Space Security Mechanisms

CSCE Intro to Computer Systems Security Security Overview Security Goals The Attack Space Security Mechanisms Introduction to Cryptography Authentication Authorization Confidentiality Case Studies Security

472 views • 20 slides
SECURITY TESTING Towards a safer web world AGENDA 1. 3 WS OF SECURITY TESTING 2. SECURITY

SECURITY TESTING Towards a safer web world AGENDA 1. 3 WS OF SECURITY TESTING 2. SECURITY

SECURITY TESTING Towards a safer web world AGENDA 1. 3 WS OF SECURITY TESTING 2. SECURITY TESTING CONCEPTS 3. SECURITY TESTING TYPES 4. TOP 10 SECURITY RISKS Few Security Breaches Date: 2013-14 September 2016, while in negotiations to

404 views • 18 slides
On Garbled Circuits Ignacio Navarro Imperial College London Department of Computing Supervisor:

On Garbled Circuits Ignacio Navarro Imperial College London Department of Computing Supervisor:

On Garbled Circuits Ignacio Navarro Imperial College London Department of Computing Supervisor: Mahdi Cheraghchi June 2018 Abstract A very useful cryptographic tool is to allow distrusting parties to jointly compute a function revealing the

1.03k views • 84 slides
Security Security with Distributed Systems Why Security? The need for security mechanisms in

Security Security with Distributed Systems Why Security? The need for security mechanisms in

Security Security with Distributed Systems Why Security? The need for security mechanisms in distributed systems arises from the desire to share resources Resources must be protected against unauthorized access, as enemies (attackers)

1.16k views • 67 slides
Security Overview Security Goals The Attack Space Security Mechanisms

Security Overview Security Goals The Attack Space Security Mechanisms

CPSC 410/611 Operating Systems Security Security Overview Security Goals The Attack Space Security Mechanisms Introduction to Cryptography Authentication Authorization Confidentiality Case Studies

419 views • 19 slides
International and Global Security 1 Peer Discussion What is security? 2 International

International and Global Security 1 Peer Discussion What is security? 2 International

International and Global Security 1 Peer Discussion What is security? 2 International Security What is security? Freedom from threats to core values? Contestation over referent object: Individual? State? System? How is security achieved?

715 views • 11 slides
Security 101 Definition of Information Security Information security is the protection of

Security 101 Definition of Information Security Information security is the protection of

Computing Services Information Security Office Security 101 Definition of Information Security Information security is the protection of information and systems from unauthorized access, disclosure, modification, destruction or disruption. The

469 views • 22 slides
Security Update Security Plans Our Security plans are For Official Use Only, Safety

Security Update Security Plans Our Security plans are For Official Use Only, Safety

Security Update Security Plans Our Security plans are For Official Use Only, Safety Sensitive Information Not for public or media release F.S. 119.071. Required by law, rule and regulation: Homeland Security Directive 5 and 8.

393 views • 11 slides
Com puter Security Part One Security as a subject Security is an old problem in the

Com puter Security Part One Security as a subject Security is an old problem in the

Com puter Security Part One Security as a subject Security is an old problem in the computing world, and are parallel to even older problems outside computing Required level of security is always related to what you protect

237 views • 23 slides
ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING

ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING

ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING TOOLKIT FREE, OPEN-SOURCE WHAT IS ZIGDIGGITY??? + = RaspBee radio + Raspberry Pi ZigDiggity - GitHub Code http://zigdiggity.com BISHOPFOX

617 views • 23 slides
Advisory Board Meeting Friday, April 3 rd 10:00am 11:30am CST Overview New board members

Advisory Board Meeting Friday, April 3 rd 10:00am 11:30am CST Overview New board members

Advisory Board Meeting Friday, April 3 rd 10:00am 11:30am CST Overview New board members President Pietruszkiewicz Update Masters of Leadership Embrace Student Marketing ChangeLab Changemaker Challenges Center Update Center Priorities

204 views • 19 slides
Speaking Data: Simple, Functional Programming with Clojure Paul deGrandis :: @ohpauleez

Speaking Data: Simple, Functional Programming with Clojure Paul deGrandis :: @ohpauleez

Speaking Data: Simple, Functional Programming with Clojure Paul deGrandis :: @ohpauleez Overview Clojure in ten ideas The key to understanding Clojure is ideas, not language constructs - Stu Halloway Everything I say

1.16k views • 56 slides
Bayesian Meta-Learning CS 330 1 Reminders Homework 2 due next Friday. Project group form due

Bayesian Meta-Learning CS 330 1 Reminders Homework 2 due next Friday. Project group form due

Bayesian Meta-Learning CS 330 1 Reminders Homework 2 due next Friday. Project group form due today Project proposal due in one week . Project proposal presentations in one week . (full schedule released on Friday) 2 Plan for Today Why be

550 views • 35 slides
Set 10 Search Engines & SEO Outline How do search engines work? Basic operation

Set 10 Search Engines & SEO Outline How do search engines work? Basic operation

IT452 Advanced Web and Internet Set 10 Search Engines & SEO Outline How do search engines work? Basic operation What makes a good one? What makes it difficult? Web Design with search engines in mind Search Engines

628 views • 16 slides
Mastering the Nmap Scripting Engine by Fyodor and David Fifield

Mastering the Nmap Scripting Engine by Fyodor and David Fifield

Insecure.Org Insecure.Org Mastering the Nmap Scripting Engine by Fyodor and David Fifield http://insecure.org/presentations/BHDC10/ Black Hat Briefings Las Vegas Defcon 18 July 28; 4:45 PM; Augustus 5+6 July 30; 5:00 PM; Track One

622 views • 34 slides
Standardization for the black hat Daniel J. Bernstein University of Illinois at Chicago &

Standardization for the black hat Daniel J. Bernstein University of Illinois at Chicago &

1 Standardization for the black hat Daniel J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven 1 bada55.cr.yp.to BADA55 Crypto including How to manipulate curve standards: a white paper for the

879 views • 45 slides
Six Thinking Hats Decision Making: . . . Metalevel Heuristic Methodology: Acknowledgments

Six Thinking Hats Decision Making: . . . Metalevel Heuristic Methodology: Acknowledgments

Overview Natural First Steps in . . . Decision Making: . . . Six Thinking Hats Decision Making: . . . Metalevel Heuristic Methodology: Acknowledgments Towards a Reference Home Page Fuzzy-Logic-Based Title Page Explanation

121 views • 8 slides

More recommend