Reflections on Trusting Trust Ken Thompson. Communication of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763. Copyright 1984, Association for Computing.

Slides:

Advertisements

Similar presentations

© 2001 By Default! A Free sample background from Slide 1 Eggs have the potential to cause catastrophic damage to private.

Advertisements

CHAPTER 2 GC101 Program’s algorithm 1. COMMUNICATING WITH A COMPUTER  Programming languages bridge the gap between human thought processes and computer.

Communications of the ACM (CACM), Vol. 32, No. 6, June 1989

The Top 5 Mistakes Supervisors Make …and other important HR information.

CIS-74 Computer Software Quality Assurance Systematic Software Testing Chapter 1: An Overview of the Testing Process.

Tamper Resistant Software An Implementation By David Aucsmith, IAL “This paper describes a technology for the construction of tamper resistant software.”

CSS 548 Dan Chock.  What are some ways that compilers can affect application security? ◦ Improving Application Security  Checking for and preventing.

1 Anti Virus vs virus System i-Specific Anti-Virus Product Ali ameen al said.

A Taxonomy of Computer Program Security Flaws C. E. Landwehr, A. R. Bull, J. P. McDermott and W.S. Choi -- Presented by: Feng Hui Luo ACM Computing Surveys,

1 Avoiding Plagiarism (or, The Right way to Write)

Trusting the Trust Budi Rahardjo Inixindo Security Day Seminar The Executive Club, Jakarta, 19 March 2009.

Debugging: Catching Bugs ( I ) Ying Wu Electrical & Computer Engineering Northwestern University ECE230 Lectures Series.

Security: Attacks. 2 Trojan Horse Malicious program disguised as an innocent one –Could modify/delete user’s file, send important info to cracker, etc.

Why Security Testing Is Hard by Herbert H. Thompson presented by Carlos Hernandez.

Computer Security Computer Security as a principle; Computer Security in UNIX for specific; Conclusion.

With Microsoft Access 2010© 2011 Pearson Education, Inc. Publishing as Prentice Hall1 PowerPoint Presentation to Accompany GO! with Microsoft ® Access.

BACKDOORS in Software Seminar on Software University of Turku January 2008 Eino Malinen.

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

1 Lecture 24 Hiding Exploit in Compilers bootstrapping, self-generating code, tombstone diagrams Ras Bodik Mangpo and Ali Hack Your Language! CS164: Introduction.

Universe Design Concepts Business Intelligence Copyright © SUPINFO. All rights reserved.

How to Write a Five Paragraph Essay

Copyright Shanna Smith & Tom Bohman (2003). This work is the intellectual property of the authors. Permission is granted for this material to be shared.

. 4.1 Understanding ethical and social issues related to systems. 4.2 Ethics in an information society. 4.3 The moral dimensions of information systems.

© 2006 Jupitermedia Corporation Webcast TitleSuccessful Rollout Planning 1 January 19, :00pm EST, 11:00am PST George Spafford, President Spafford.

Today’s Agenda: 8 Bad Listening Habits to Kick How-to ID the Important Stuff Bad habits to break ID-ing the important stuff.

DCT 1123 PROBLEM SOLVING & ALGORITHMS INTRODUCTION TO PROGRAMMING.

Created by NW 2012 – please note all copyright on images used is property of copyright holder. Note: some of the more complicated descriptions are taken.

CHAPTER 4 Information Security. CHAPTER OUTLINE 4.1 Introduction to Information Security 4.2 Unintentional Threats to Information Security 4.3 Deliberate.

Introduction to Computer Programming

Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)

© Janice Regan, CMPT 128, Jan CMPT 128 Introduction to Computing Science for Engineering Students Creating a program.

Digital Citizenship Jessica L. Webb ED 505. Netiquette Netiquette Social Media- interactive dissemination of information through the internet. Netiquette-

Joseph Pettaway ED505. What is Digital Citizenship? Concepts that aids individuals in learning and understanding how to use technology appropriately.

March 13, 2001CSci Clark University1 CSci 250 Software Design & Development Lecture #15 Tuesday, March 13, 2001.

CIT 380: Securing Computer Systems Security Solutions.

Fault Tolerance via the State Machine Replication Approach Favian Contreras.

Introduction to Interactive Media The Interactive Media Development Process.

1 Precise Enforcement of Policies After we have a policy, is there always a mechanism to enforce it? If so, can we devise a generic procedure for developing.

Computers Are Your Future Tenth Edition Spotlight 1: Ethics Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall1.

Contracts, Commissions and Copyright By Kara, Rachel, Katie and Owen.

Advanced English Writing

Digital Citizenship. Topics  Netiquette  Copyright and Fair Use  Plagiarism  Safety on the Internet  Safety on your Computer.

Operating system Security By Murtaza K. Madraswala.

MSc project report Q&A session. Outline You should all be focusing on your report now Some guidance on the report structure Q&A session.

Security CS Introduction to Operating Systems.

Cassidy Culligan Digital Citizenship Project ED 505.

Security & Trusting Trust Swarun Kumar Based on slides courtesy: Jorge Simosa MIT Spring 2013.

James McQuillen. Data protection Act 1998 The main aim of it is to protect people's fundamental rights and freedom to a particular right to privacy of.

Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Unit OS7: Security 7.1. The Security Problem.

1 Subverting the Type System and Reflections on Trusting Trust Ras Bodik, Thibaud Hottelier, James Ide UC Berkeley CS164: Introduction to Programming Languages.

PRESENTER PRIYANKA GUPTA.  Testing the complete system with respect to requirements.  In System testing, the functionalities of the system are tested.

Digital Citizen Project By: Frances Murphey Technology and Education.

CIT 380: Securing Computer Systems Security Solutions Part 2.

The Digital Crime Scene: A Software Perspective Written By: David Aucsmith Presented By: Maria Baron.

Christian Morality and Social Justice Chapter 40 Honoring God.

Digital Citizenship By Lisa Brackett ED 505. Netiquette on Social Media Sites What is it? “Netiquette is the etiquette guidelines that govern behavior.

Reflections on Trusting Trust Ken Thompson. Overview Introduction Introduction “Cutest Program” “Cutest Program” Stage 1 Stage 1 Stage 2 Stage 2 Stage.

Reviewing Reports. Can you match them from memory? Definition (Listen and write) Introduction The facts which have been discovered. Findings Practical.

Software Development Process CS 360 Lecture 3. Software Process The software process is a structured set of activities required to develop a software.

Computer Ethics. Ethics Notes Ethics: standards of honesty, morality, and fairnessEthics: standards of honesty, morality, and fairness Public Data: information.

OVERVIEW Learn about effective communication Learn how to plan, organize, and write a variety of speeches Deliver speeches on a variety of topics You will.

Literature Review: Sources Referencing Synthesis.

Internship Presentation by Gary Esworthy. Overview About me About MobilVox Living Arrangements Work Environment Project Summary Project Details (User.

Digital Citizenship Project Submitted by: Etta Pope Instructor: Laurie Fowler.

Insecure PCs virus malware phishing spam spyware botnets DNS spoofing identity theft Trojan horse buffer overflow DoS attack worm keyloggers cross-site.

Mark Ryan Professor of Computer Security 25 November 2009

PRINCIPALES OF OBJECT ORIENTED PROGRAMMING

Organizing Your Speech

CS-3013 Operating Systems Hugh C. Lauer

Research Paper Overview.

Presentation transcript:

Reflections on Trusting Trust Ken Thompson. Communication of the ACM, Vol. 27, No. 8, August 1984, pp Copyright 1984, Association for Computing Machinery, Inc. Reviewer: Katherine Rosie

27/09/00K8 (1.1)2 Paper Overview Introduction. This is an award acceptance “speech”. Stage I, II, III. A staged development outlining a potential threat. Moral. A number of points regarding trust and security Quote: “You can’t trust code that you did not totally create yourself”

27/09/00K8 (1.1)3 Stage I Definition: A self reproducing program: “when compiled and executed, will produce as output an exact copy” of itself. Such a program has two “important properties”: 1.It can be easily written by another program. 2.Anything within the program will be reproduced.

27/09/00K8 (1.1)4 Stage II “The C Compiler is written in C” example.c C Compiler (1.0) example(1 ) C Compiler (1.1) example(2 ) Key: Boxes: Source code Ovals: Compiled Binary Coloured Ovals: Include change introduced by version 1.1 of compiler

27/09/00K8 (1.1)5 Stage III Focusing on compilation of a single line of source. Miscompilations could be due to: A compiler “bug”. A fault caused by a genuine mistake. A “Trojan Horse”. A deliberate fault creating a gap in the security of the resulting binary. compile(s) char *s; { … }

27/09/00K8 (1.1)6 Stage III – Login compile C Compiler (1.0) Process “login” command. C Compiler (1.1) Change from version 1.0 (Trojan Horse): Process login command to accept additional password hoogenband login (1) “login” command accepts: userid and passwd login (2) “login” command accepts: userid, passwd and hoogenband if( match(s, “login”)) { compile(“bug”); return; }

27/09/00K8 (1.1)7 Stages I,II,III = Security Threat C Compiler (1.1) Process “login” command. C Compiler (1.0/1.1) C Compiler (1.0) login (2) “login” command accepts: userid, password and hoogenband Fault is identified in behavior of compiler version 1.1. The source is unavailable. Version 1.1 source contained a second (replicating) Trojan Horse. Attempt to remove fault using 1.0 source fails because the compilation is identified and the Trojan Horses are replicated.

27/09/00K8 (1.1)8 Morals (from the author) “You can’t trust code that you did not totally create yourself” Media role in reporting computer crime: –“The act of breaking into a computer system has to have the same social stigma as breaking into a neighbor’s house. –It should not matter that the neighbor’s door is unlocked. –The press must learn that misguided use of a computer is no more amazing than drunk driving of an automobile.”

27/09/00K8 (1.1)9 Conclusions The author uses a technical example to stimulate thought on the problems inherent in misplaced trust. Trust at a very low level. He also uses the podium he has been given in receiving an award to convey his personal concerns. I would recommend that any developer keep in mind that the end result of a compilation may not be what they expect.

27/09/00K8 (1.1)10 Discussion Point 1: Is the threat of a Compiler with a Trojan Horse still valid today? Point 2: Was it a good idea to publish the technical detail of this threat?