Presentation is loading. Please wait.

Presentation is loading. Please wait.

Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Published byLindsey Lee Modified over 6 years ago

Similar presentations

Presentation on theme: "Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008."— Presentation transcript:

1 Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008

2 What’s This Prolog Stuff?
When I can, I will add a short presentation to each lecture Discussing application of material from the previous or recent lectures Generally stuff that’s pretty timely

3 Do We Really Care About Security?
Security gets a lot of lip-service But is the community out there really behind it? Particularly the industrial community that builds our software? Three recent stories suggest maybe not

4 1. Fun With Firewire Many computers have firewire interfaces
Especially laptops These interfaces allow direct access to memory No access control No nuthin’

5 What’s That Mean? Anyone who hooks up a firewire device to your laptop doesn’t need to log in He can just read and alter the memory Proof-of-concept tool1 allows you to own Windows machine in seconds 1http://

6 What’s the Response? “Well, duh, that’s what Firewire is supposed to do” In other words, we designed your computer to let anyone take it over If they have physical access All this login stuff is just window dressing to impress the rubes

7 2. Backdoor Processors Many devices come with complete processors “hidden” inside Printers, routers, storage devices, etc. They’re installed with complete OSes Which are often very badly configured Allowing anyone access

8 The Implications If attacker knows about these, And you don’t,
He’s got a hidden backdoor into your system Often these processors have network capabilities And can access the CPU you already knew you had

9 What’s That Mean? The people who put these processors in neither knew nor cared about security System management (the purpose of them) was more important They didn’t care enough to even mention they were there

10 3. Apple Patching Everyone knows Macs are “more secure” than Windows machines Well, they’re not Recent study1 shows Apple: Has more vulnerabilities Takes longer to patch them Suffers more attacks on unpatched flaws 1http://

11 What’s That Mean? Apple wasn’t entirely honest about really caring about security They aren’t spending the money to patch flaws And they have plenty to patch They’re talking the talk, not walking the walk

12 The General Lesson Just because people say they care about security doesn’t mean they do Many decisions seem to be made without even considering security implications

Download ppt "Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008."

Similar presentations

FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5.

FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5.
Basic Computer Vocabulary

Basic Computer Vocabulary
PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”

PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”
Computer Systems.

Computer Systems.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
Computers They're Not Magic! (for the most part)‏ Adapted from Ryan Moore.

Computers They're Not Magic! (for the most part)‏ Adapted from Ryan Moore.
Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.

Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.
Lecture 4 Page 1 CS 236 Online Prolog to Lecture 4 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 4 Page 1 CS 236 Online Prolog to Lecture 4 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 10 Page 1 CS 236 Online Prolog to Lecture 10 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 10 Page 1 CS 236 Online Prolog to Lecture 10 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 15 Page 1 CS 236 Online Evaluating System Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 15 Page 1 CS 236 Online Evaluating System Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 15 Page 1 Advanced Network Security Perimeter Defense in Networks: Firewalls Configuration and Management Advanced Network Security Peter Reiher.

Lecture 15 Page 1 Advanced Network Security Perimeter Defense in Networks: Firewalls Configuration and Management Advanced Network Security Peter Reiher.
CSCD 303 Essential Computer Security Spring 2013 Lecture 8 - Desktop Security OS Security Compared Reading: See References.

CSCD 303 Essential Computer Security Spring 2013 Lecture 8 - Desktop Security OS Security Compared Reading: See References.
Lecture 13 Page 1 CS 236 Online Secure Programming CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 13 Page 1 CS 236 Online Secure Programming CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Operating Systems Lesson Objective: Understanding the functions of an operating system. Learning Outcome: Answer some basic questions on operating systems.

Operating Systems Lesson Objective: Understanding the functions of an operating system. Learning Outcome: Answer some basic questions on operating systems.
By: Victoria Cain CPU- the component of a computer system that PROCESSES basic operations of the system. Monitor- a cathode-ray tube used for display.

By: Victoria Cain CPU- the component of a computer system that PROCESSES basic operations of the system. Monitor- a cathode-ray tube used for display.
Chapter 1: Applying Computer Basics – Lesson 1 © 2010, 2006 South-Western, Cengage Learning.

Chapter 1: Applying Computer Basics – Lesson 1 © 2010, 2006 South-Western, Cengage Learning.
Lecture 15 Page 1 CS 236 Online Prolog to Lecture 15 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 15 Page 1 CS 236 Online Prolog to Lecture 15 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 19 Page 1 CS 236 Online Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 19 Page 1 CS 236 Online Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
CS101 Computer Software. Software Software is... Two main types of software are…

CS101 Computer Software. Software Software is... Two main types of software are…
Lecture 2 Page 1 CS 236 Online Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 2 Page 1 CS 236 Online Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Similar presentations

Ads by Google