lectures.alex.balgavy.eu

Lecture notes from university.
git clone git://git.alex.balgavy.eu/lectures.alex.balgavy.eu.git
Lecture 1_ Intro & History.md (2185B)


+++
title = "Lecture 1: Intro & History"
+++
# Lecture 1: Intro & History
## QUANTUM - the NSA is always watching
An SSO (special source operations) site connected to an internet router sees the "QUANTUM tasked" packet on its way to a legitimate server and forwards it to TAO's FOXACID server.
- TAO: tailored access operations (NSA project)
- FOXACID: NSA's "exploit orchestrator" that can attack target computers in different ways

FOXACID then injects a URL into a packet and sends it back to the computer, often beating the legitimate reply back.
The server checks whether the target browser is exploitable, and if so, it sends the exploit back to the target.

QUANTUM affects LinkedIn, YouTube, Facebook, Twitter, and basically everything else.
Oh, and the NSA also has partners in other countries, so they cover other national services too.

First stage:
- VALIDATOR: backdoor Trojan on Windows that contacts a Listening Post, allowing it to add more sophisticated malware
- OLYMPUSFIRE: software implant on Windows, gives complete access, essentially adds your computer to a botnet

**The lesson:** many security threats start in the network, as in this one, where a legitimate reply was spoofed
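The spoofed reply described above leaves a footprint a network defender can look for: two server-to-client segments in the same TCP flow claiming the same sequence number but carrying different bytes (a genuine retransmission repeats the same bytes). The following is an added example, not code from the lecture notes; the `segment` struct, the function names and the sample flow (addresses from the documentation ranges, an HTTP 200 and a forged 302 on the same sequence number) are all constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stddef.h>

/* Constructed, simplified record of one server-to-client TCP segment.
 * A real check would pull these fields from a packet capture. */
struct segment {
    const char *src;       /* server IP as text */
    const char *dst;       /* client IP as text */
    uint16_t    sport;
    uint16_t    dport;
    uint32_t    seq;       /* TCP sequence number */
    const char *payload;   /* leading bytes of the segment's data */
};

/* Two segments sit in the same flow and claim the same sequence number. */
static int same_slot(const struct segment *a, const struct segment *b) {
    return strcmp(a->src, b->src) == 0 && strcmp(a->dst, b->dst) == 0 &&
           a->sport == b->sport && a->dport == b->dport && a->seq == b->seq;
}

/* Flag every segment whose flow+seq slot was already seen with different
 * payload.  Only the first-seen segment in a slot is used as baseline, so a
 * byte-identical retransmission is not flagged.  Which of the two conflicting
 * replies is the forged one cannot be decided from this alone; the flow as a
 * whole is what gets flagged.  Returns the number of flagged segments and
 * stores the index of the first one in *first_hit (-1 if none). */
int flag_conflicting_replies(const struct segment *segs, size_t n, int *first_hit) {
    int flagged = 0;
    *first_hit = -1;
    for (size_t j = 0; j < n; j++) {
        for (size_t i = 0; i < j; i++) {
            if (same_slot(&segs[i], &segs[j])) {
                if (strcmp(segs[i].payload, segs[j].payload) != 0) {
                    if (*first_hit < 0) *first_hit = (int)j;
                    flagged++;
                }
                break;  /* compare against the first-seen segment only */
            }
        }
    }
    return flagged;
}

/* Constructed sample flow: the real 200 reply, a forged 302 racing it on the
 * same sequence number, a benign retransmission of the real reply, and the
 * next segment of the real response. */
static const struct segment sample[] = {
    {"198.51.100.10", "192.0.2.5", 80, 51000, 1000, "HTTP/1.1 200 OK\r\nServer: nginx"},
    {"198.51.100.10", "192.0.2.5", 80, 51000, 1000, "HTTP/1.1 302 Found\r\nLocation: http://redirect.example"},
    {"198.51.100.10", "192.0.2.5", 80, 51000, 1000, "HTTP/1.1 200 OK\r\nServer: nginx"},
    {"198.51.100.10", "192.0.2.5", 80, 51000, 2460, "<html>..."},
};

/* Run the check over the constructed sample. */
int sample_flagged(int *first_hit) {
    return flag_conflicting_replies(sample, sizeof sample / sizeof sample[0], first_hit);
}

int main(void) {
    int first;
    int hits = sample_flagged(&first);
    printf("%d conflicting reply segment(s); first suspicious index %d\n", hits, first);
    return 0;
}
```

On the sample flow the check flags exactly one segment (index 1, the forged 302) and leaves the retransmission alone. In a real deployment the comparison would run per flow in a sniffer rather than over a static array, but the rule is the same: same slot, different bytes.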
     21 
## Security
Combination of:
- confidentiality (privacy)
- integrity (consistency)
- availability

Systems are made by people, so they're not perfect.
Some apps work as designed but contain vulnerabilities.

Security *error*: made by a human
Security *bug*: consequence of an error (also "vulnerability"), can be "exploited", compromising the security of the system

## Security analysis
Determining the security of the system with respect to:
- a set of known design guidelines
- a set of known security problems
- its environment

## Some history
Started with phone phreaking and "Captain Crunch" (John Draper), who used the whistle that came in boxes of Cap'n Crunch cereal to authorise long-distance calls.

The Morris worm:
- consisted of a main program and a bootstrap program
- first step:
    - buffer overflow in `fingerd`, and a bug in the `sendmail` program allowing commands to be executed
    - pulls the bootstrap program in from the infecting machine
- second step: bootstrap program compiled and run, fetching a precompiled version of the main program
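The `fingerd` defect the worm used belongs to a class that is easy to show in miniature: a request line copied into a fixed-size stack buffer with no length check. The following is an added example written for these notes, not the historic `fingerd` source; the function names, the 512-byte buffer size and the constructed requests are illustrative assumptions. It places the vulnerable pattern beside a bounded version that rejects over-long input instead of overwriting the stack.

```c
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

#define LINE_MAX_LEN 512  /* assumed buffer size for illustration */

/* Vulnerable pattern (constructed illustration): the request is copied into
 * a fixed-size stack buffer without checking its length, so a request longer
 * than the buffer overwrites whatever follows it on the stack.  Only ever
 * called here with short, known input. */
int handle_request_unbounded(const char *request) {
    char line[LINE_MAX_LEN];
    strcpy(line, request);            /* no bound: overflow if request is long */
    return (int)strlen(line);
}

/* Hardened form: the length is checked against the destination size before
 * copying, and an over-long request is rejected explicitly rather than
 * truncated silently.  Returns the request length, or -1 if it does not fit. */
int handle_request_bounded(const char *request) {
    char line[LINE_MAX_LEN];
    size_t len = strlen(request);
    if (len >= sizeof line)
        return -1;                    /* reject instead of overflowing */
    memcpy(line, request, len + 1);   /* bounded copy including terminator */
    return (int)len;
}

/* Build a constructed request of n bytes filled with one character, for
 * exercising the length check.  Caller frees the result. */
char *make_request(size_t n, char fill) {
    char *buf = malloc(n + 1);
    if (buf == NULL)
        return NULL;
    memset(buf, fill, n);
    buf[n] = '\0';
    return buf;
}

int main(void) {
    char *big = make_request(600, 'A');   /* longer than LINE_MAX_LEN */
    if (big == NULL)
        return 1;
    printf("short request, bounded: %d\n", handle_request_bounded("alice"));
    printf("600-byte request, bounded: %d\n", handle_request_bounded(big));
    /* handle_request_unbounded(big) is deliberately not called: that is the
     * overflow the worm exploited, and the behaviour is undefined. */
    free(big);
    return 0;
}
```

The bounded version returns 5 for `"alice"` and -1 for the 600-byte request; the point of the comparison is that the length check, not the buffer size, is what was missing.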