Wednesday, June 13, 2007

Current News item

I recently read an article about the XO laptop and how security on these machines is going to be implemented. The laptop's operating system is based on Linux, but its security model and functionality are different. The article, from Wired News, is called "High security for $100 Laptop" and was written by Ryan Singel. It discusses the functionality of the XO laptop and the laptop's security. The laptop's security system is Bitfrost, developed by Ivan Krstic. The user interface is Sugar, which is explained in more detail here.

First, the goal of the $100 laptop is to supply a computer to everyone, all over the world, at a price that everyone can afford. That said, security is hard because the range of operators is tremendous: children and adults alike, from all over the world, many without much or any previous computer experience, will be operating these machines.

What Bitfrost is trying to do is design the system so that there are no initial flaws that will plague it from the beginning. Hopefully, when the XO laptop is shipped and opened, it is ready for use without needing a bunch of updates and patches installed first.

Another feature of Bitfrost is that it avoids prompting the user with pop-up security questions. The operating system's security rules are pre-set, so the user does not have to take part in setting up the system's security. If more security is needed, the user can go into the system and manually set the needed permissions. Another aspect of Bitfrost is that each program runs in isolation, somewhat like in its own VM. This is another layer of security that tries to prevent breaches.

Bitfrost will also distribute public keys that require activation over the internet. If the internet is not available, dongles will be used to keep the laptop operational. This might sound good on paper, but what is there to prevent the mass creation of illegal dongles? If someone steals an XO laptop, they are going to know that without the activation maintenance the laptop is useless. I give thieves a little more credit in finding a way to get around the periodic public key maintenance.

Although I would like to believe that Bitfrost can provide adequate protection to its users, I find their optimism foolish. If the OLPC project goes to plan, and even half of the children receive laptops, hackers will find a way to manipulate the XO laptop.

Class Critique

The first class critique I am going to write is about my first day of class. The topics of discussion were Components of information security, Threats (and vulnerabilities), Policy, Mechanisms (controls), Security Goals, Trust and Assumptions, Assurance, and Operational issues.

The first topic, Components of information security, deals with the idea of a three-legged approach to security. This CIA model, for Confidentiality, Integrity, and Availability, captures the main concepts of how best to secure a system. The idea of confidentiality is to keep sensitive information secure and away from unintended parties. In information security, the medical field is particularly interested in the confidentiality of its files because they contain sensitive information from patients' records. The idea of integrity is to maintain the correctness of the information. If the integrity of bank files were in question, this would cause a massive uprising, because how would we know that the amount of money in your account is correct? Availability is the last leg, and it is just as it sounds: a system has to be available for people to use, or what good is it? All of these ideas mesh together to make one secure system, and without any one aspect, the system is not secure.

Threats to a computer are a broad category and can be broken down into smaller, more definable components: disclosure (snooping), modification or alteration, spoofing, repudiation of origin, denial of receipt, delay, and denial of service. A more in-depth description of all of these topics can be found here.

Threats to a computer are targeted at specific vulnerabilities. These vulnerabilities include, but are not limited to, hardware, software, data, networks, and people. As long as there is new technology, there will always be new vulnerabilities and threats. Attackers are the people who exploit these vulnerabilities. As with every attacker, computer or non-computer, they need motivation, opportunity, and a method of attack. Although an everyday burglar might use a firearm as their method, a computer attacker might use a virus or worm as theirs.

In general, the class started out well, and the first lecture was a nice introduction to information security. As specific and technical as information security can be, this lecture provided a nice overview of the topic.

Monday, June 4, 2007

Class Critique

Software security is a vital aspect of information security. Some software is intended to be troublesome and is known as malicious software. Malicious software is a broad category that encompasses everything from viruses and Trojan horses to adware and spyware. But not all malicious software looks like it has a negative purpose. Occasionally the software works perfectly normally but has a hidden method of granting access to a remote user. This too is a case of malicious software.

Another problem with software is sometimes completely unintentional. These are called software vulnerabilities, and when exploited they cause the program to do odd and unintended things. In class our teacher demonstrated a classic software vulnerability, a buffer overflow on a Linux machine. He exploited the fact that some C functions that accept a string as an argument place no limit on how long the string can be. So, to use this exploit, the goal was to fill the memory buffer and overflow past it into the memory beyond. Once the string reached that memory, it had to line up so that the stored return address was overwritten with the location of the start of the teacher's shell code. The shell code just so happens to be contained in the string passed along as part of the initial argument. I thought this was a great example of implementing an easy and quick software vulnerability.

This is not the only place buffer overflows can be seen. Buffer overflows are common, and without adequate protection they can have devastating results. For more information on buffer overflows, the wiki site is here.
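As an added illustration (not code from the post or the lecture), here is the pattern the demonstration relied on, a fixed-size stack buffer filled by a C routine that never checks the input length, next to a version that does; the function names and inputs are my own.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not from the post: a C routine that copies a string into a
 * fixed buffer without a bound, and a hardened version that checks first.
 * Function names and inputs are constructed. */
#define NAME_LEN 16

/* Vulnerable: strcpy() copies until it finds a NUL byte, so any input of 16
 * or more characters writes past `name` into whatever the compiler placed
 * beside it on the stack, which is how a saved return address gets
 * overwritten. */
int greet_unsafe(const char *input)
{
    char name[NAME_LEN];
    strcpy(name, input);          /* no bound on the copy */
    printf("Hello, %s\n", name);
    return 0;
}

/* Hardened: measure first, refuse input that does not fit, then copy with an
 * explicit bound. Returns 0 on success, -1 if the input was rejected. */
int greet_safe(const char *input)
{
    char name[NAME_LEN];
    size_t len = strlen(input);
    if (len >= sizeof name)       /* need one byte for the terminating NUL */
        return -1;
    memcpy(name, input, len + 1);
    printf("Hello, %s\n", name);
    return 0;
}

int main(void)
{
    const char *ok = "Alice";                                   /* constructed */
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";  /* 32 bytes */
    greet_safe(ok);
    /* greet_unsafe(too_long) would corrupt the stack, so it is never called */
    if (greet_safe(too_long) == -1)
        puts("over-long input rejected instead of overflowing the buffer");
    return 0;
}
```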

Incomplete mediation is another type of software vulnerability. It occurs when the user is able to change data after it has been validated. For example, consider a website that requires the total value of the shopping cart to be passed in the address as an argument. A hypothetical example could be something like this: if I went to a website called shophere and spent 300 dollars on junk, and the website validated the information like this:

www.shophere.com/checkout/total=300.

what would prevent the user from changing the total to 30 dollars so that their order looks something like this:

www.shophere.com/checkout/total=30.

With this poor software design, the vulnerability is built in: the server acts on a value the client can rewrite after it has been checked. Software vulnerabilities, while in a perfect world they wouldn't exist, appear everywhere. But this also relates to the main question of software security: would it be more cost effective to create a perfect piece of software, spending millions of dollars, or is it more effective to repair and fix each exploit as it occurs?
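As an added example (not code from the post), here is the shophere checkout written as a server-side check: the charged amount is recomputed from the cart the server stored, and a `total` parameter that disagrees is rejected. The cart contents, prices and function names are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Added example, not from the post: the shophere checkout as a server-side
 * check. Cart contents, prices and function names are constructed. */
struct item { const char *name; long price; int qty; };

/* The only trustworthy total is the one recomputed from the server's own cart. */
long server_total(const struct item *cart, size_t n)
{
    long sum = 0;
    for (size_t i = 0; i < n; i++)
        sum += cart[i].price * cart[i].qty;
    return sum;
}

/* Extract total=<number> from a query such as "checkout/total=30".
 * Returns 0 on success, -1 if the parameter is missing or not a number. */
int parse_total(const char *query, long *out)
{
    const char *p = strstr(query, "total=");
    char *end;
    if (!p) return -1;
    *out = strtol(p + 6, &end, 10);
    return end == p + 6 ? -1 : 0;
}

/* Incomplete mediation: the client's number becomes the amount charged. */
long charge_unsafe(const char *query)
{
    long t;
    return parse_total(query, &t) == 0 ? t : -1;
}

/* Complete mediation: the client's number must match the server's, otherwise
 * the request is rejected as tampering. Returns the amount, or -1 to reject. */
long charge_safe(const char *query, const struct item *cart, size_t n)
{
    long claimed, actual = server_total(cart, n);
    if (parse_total(query, &claimed) != 0 || claimed != actual)
        return -1;
    return actual;
}

int main(void)
{
    const struct item cart[] = { { "junk", 100, 3 } };   /* constructed: $300 */
    const char *url = "www.shophere.com/checkout/total=30";
    printf("unsafe %ld, safe %ld\n", charge_unsafe(url), charge_safe(url, cart, 1));
    return 0;
}
```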