square wheels and round tuits
play

Square Wheels and Round Tuits Steven M. Bellovin - PowerPoint PPT Presentation

Mar 13, 2024 •350 likes •662 views

Square Wheels and Round Tuits Steven M. Bellovin http://www.cs.columbia.edu/~smb Columbia University April 4, 2006 1 / 22 A Conversation, Circa 1981 Me: You get a lot more performance if you A Conversation, Circa 1981 A Talk, Circa 1982

  1. Square Wheels and Round Tuits Steven M. Bellovin http://www.cs.columbia.edu/~smb Columbia University April 4, 2006 1 / 22

  2. A Conversation, Circa 1981 Me: You get a lot more performance if you A Conversation, Circa 1981 A Talk, Circa 1982 buffer disk I/O The Sins of the Fathers. . . Hobbyist: But then I can’t just eject the floppy A History Lesson Me: You also need memory protection The Root Cause Hobbyist: Why? I’m the only one using the There is a Threat Cell Phone/PDA machine Viruses More Problems Me: (Argghh!) Bellovin’s Laws of Networking Interconnections We Have to Start Somewhere The Square Wheel Parts of a Solution Securing New Systems Principles Solution Characteristics Retrofits It May be Easier 2 / 22

  3. A Talk, Circa 1982 Me: Writing code in a high-level language will A Conversation, Circa 1981 A Talk, Circa 1982 improve productivity and reduce bugs The Sins of the Fathers. . . Audience: You don’t understand how small A History Lesson these machines are! The Root Cause Me: They’ll get bigger There is a Threat Cell Phone/PDA Audience: But today they’re small Viruses More Problems Bellovin’s Laws of Networking Interconnections We Have to Start Somewhere The Square Wheel Parts of a Solution Securing New Systems Principles Solution Characteristics Retrofits It May be Easier 3 / 22

  4. The Sins of the Fathers. . . “Programs written specifically for IBM A Conversation, ■ Circa 1981 A Talk, Circa 1982 compatibles could run faster by bypassing slow The Sins of the Fathers. . . MS-DOS functions, e.g. by writing video A History Lesson information directly to the area of memory The Root Cause assigned to it.” —Wikipedia entry on DOS There is a Threat Cell Phone/PDA That meant that Windows 95 had to permit Viruses ■ More Problems such behavior, and hence couldn’t really run Bellovin’s Laws of Networking Interconnections protected We Have to Start Somewhere Windows 98 couldn’t, either; on Windows XP, ■ The Square Wheel Parts of a Solution most users run as Administrator because many Securing New Systems applications require it Principles Solution Characteristics We are paying today for decisions made 25 ■ Retrofits It May be Easier years ago 4 / 22

  5. A History Lesson Mainframes, 1960 Single application at a time, A Conversation, Circa 1981 A Talk, Circa 1982 no memory protection, limited address space The Sins of the Fathers. . . A History Lesson The Root Cause There is a Threat Cell Phone/PDA Viruses More Problems Bellovin’s Laws of Networking Interconnections We Have to Start Somewhere The Square Wheel Parts of a Solution Securing New Systems Principles Solution Characteristics Retrofits It May be Easier 5 / 22

  6. A History Lesson Mainframes, 1960 Single application at a time, A Conversation, Circa 1981 A Talk, Circa 1982 no memory protection, limited address space The Sins of the Fathers. . . Minis, 1970 Single application at a time, no A History Lesson memory protection, limited address space The Root Cause There is a Threat Cell Phone/PDA Viruses More Problems Bellovin’s Laws of Networking Interconnections We Have to Start Somewhere The Square Wheel Parts of a Solution Securing New Systems Principles Solution Characteristics Retrofits It May be Easier 5 / 22

  7. A History Lesson Mainframes, 1960 Single application at a time, A Conversation, Circa 1981 A Talk, Circa 1982 no memory protection, limited address space The Sins of the Fathers. . . Minis, 1970 Single application at a time, no A History Lesson memory protection, limited address space The Root Cause Micros, 1980 Single application at a time, no There is a Threat Cell Phone/PDA memory protection, limited address space Viruses More Problems Bellovin’s Laws of Networking Interconnections We Have to Start Somewhere The Square Wheel Parts of a Solution Securing New Systems Principles Solution Characteristics Retrofits It May be Easier 5 / 22

  8. A History Lesson Mainframes, 1960 Single application at a time, A Conversation, Circa 1981 A Talk, Circa 1982 no memory protection, limited address space The Sins of the Fathers. . . Minis, 1970 Single application at a time, no A History Lesson memory protection, limited address space The Root Cause Micros, 1980 Single application at a time, no There is a Threat Cell Phone/PDA memory protection, limited address space Viruses More Problems PCs, 1990 Single application at a time, no Bellovin’s Laws of Networking Interconnections memory protection, limited address space We Have to Start Somewhere The Square Wheel Parts of a Solution Securing New Systems Principles Solution Characteristics Retrofits It May be Easier 5 / 22

  9. A History Lesson Mainframes, 1960 Single application at a time, A Conversation, Circa 1981 A Talk, Circa 1982 no memory protection, limited address space The Sins of the Fathers. . . Minis, 1970 Single application at a time, no A History Lesson memory protection, limited address space The Root Cause Micros, 1980 Single application at a time, no There is a Threat Cell Phone/PDA memory protection, limited address space Viruses More Problems PCs, 1990 Single application at a time, no Bellovin’s Laws of Networking Interconnections memory protection, limited address space We Have to Start Somewhere Embedded systems, now . . . The Square Wheel Parts of a Solution Securing New Systems Principles Solution Characteristics Retrofits It May be Easier 5 / 22

  10. A Conversation, Circa 1981 A Talk, Circa 1982 The Sins of the Fathers. . . A History Lesson The Root Cause Those who cannot remember the past are There is a Threat Cell Phone/PDA condemned to repeat it. Viruses More Problems Bellovin’s Laws of Networking —George Santayana, 1906 Interconnections We Have to Start Somewhere The Square Wheel Parts of a Solution Securing New Systems Principles Solution Characteristics Retrofits It May be Easier 6 / 22

  11. The Root Cause Vendors shipped as soon as the hardware was A Conversation, ■ Circa 1981 A Talk, Circa 1982 capable of handling base functionality The Sins of the Fathers. . . A year later, the better hardware is used for ■ A History Lesson more functionality The Root Cause By the time people think about security, ■ There is a Threat Cell Phone/PDA there’s an installed base problem Viruses More Problems Besides, no one believed there was a problem Bellovin’s Laws of ■ Networking Interconnections We have two challenges: ■ We Have to Start Somewhere The Square Wheel To ensure that new systems are designed ◆ Parts of a Solution Securing New properly Systems Principles To figure out how to retrofit legacy ◆ Solution Characteristics systems Retrofits It May be Easier 7 / 22

  12. A Conversation, Circa 1981 A Talk, Circa 1982 The Sins of the Fathers. . . A History Lesson The Root Cause There is a Threat Cell Phone/PDA “Software longa, hardware brevis” Viruses More Problems —Melinda Shore Bellovin’s Laws of Networking Interconnections We Have to Start Somewhere The Square Wheel Parts of a Solution Securing New Systems Principles Solution Characteristics Retrofits It May be Easier 8 / 22

  13. There is a Threat 34 security incidents targetted at process A Conversation, ■ Circa 1981 A Talk, Circa 1982 plants were identified between 1995 and 2003 The Sins of the Fathers. . . 29% of the incidents led to companies losing ■ A History Lesson the ability to monitor or control the plant The Root Cause 36% of external attacks came through the ■ There is a Threat Cell Phone/PDA Internet Viruses More Problems The number of incidents has been increasing Bellovin’s Laws of ■ Networking Interconnections sharply since 2000. We Have to Start Somewhere The Square Wheel Source: http://www.crime-research.org/news/ Parts of a Solution Securing New 19.10.2004/727/ Systems Principles Solution Characteristics Retrofits It May be Easier 9 / 22

  14. Cell Phone/PDA Viruses “Prepare for the likelihood of an increasing A Conversation, ■ Circa 1981 A Talk, Circa 1982 number of threats as time goes on.” The Sins of the Fathers. . . (Microsoft.com) A History Lesson “Cardtrap.A, a Trojan that attacks Symbian ■ The Root Cause mobile phone operating systems, attempts to There is a Threat Cell Phone/PDA infect users’ PCs if they insert the phone’s Viruses More Problems memory card into their computers.” Bellovin’s Laws of Networking Interconnections (news.com) We Have to Start Somewhere “What if a virus drained your cell’s battery and ■ The Square Wheel Parts of a Solution suddenly you couldn’t be reached?” . . . “Once Securing New Systems initiated, it sends the attacker an email Principles Solution Characteristics containing the IP address of your PDA.” Retrofits (Symantec.com) It May be Easier 10 / 22

Recommend

revitalizing our downtown Why Redevelop Garden Square? ...to create a year-round DESTINATION

revitalizing our downtown Why Redevelop Garden Square? ...to create a year-round DESTINATION

Proposed redevelopment concept for Garden Square View Looking South from CIBC Public Information Session - June 17, 2014 revitalizing our downtown Why Redevelop Garden Square? ...to create a year-round DESTINATION that incorporates

213 views • 17 slides
Resources: Round Peg in a Square Hole? The purpose of this presentation is to analyze both the

Resources: Round Peg in a Square Hole? The purpose of this presentation is to analyze both the

situational awareness | preparedness | response | recovery Resources: Round Peg in a Square Hole? The purpose of this presentation is to analyze both the local jurisdictions and IMTs perspectives regarding resource ordering, tracking,

332 views • 17 slides
NEU TABLE By HAY Neu Table is a small table designed by HAY with a round or a square tabletop.

NEU TABLE By HAY Neu Table is a small table designed by HAY with a round or a square tabletop.

NEU TABLE By HAY Neu Table is a small table designed by HAY with a round or a square tabletop. Neu Table fjts a wide variety of indoor and outdoor environments, including offjces, cafs, restaurants, gardens, terraces and balconies. Neu Table

422 views • 10 slides
From OO to FPGA: From OO to FPGA: Fitting Round Objects Fitting Round Objects into Square

From OO to FPGA: From OO to FPGA: Fitting Round Objects Fitting Round Objects into Square

From OO to FPGA: From OO to FPGA: Fitting Round Objects Fitting Round Objects into Square Hardware? into Square Hardware? Stephen Kou Stephen Kou Jens Palsberg Jens Palsberg UCLA Computer Science Department UCLA Computer Science

429 views • 31 slides
Square Pegs in a Round Pipe: Wire-Compatible Unordered Delivery In TCP and TLS Michael F. Nowlan

Square Pegs in a Round Pipe: Wire-Compatible Unordered Delivery In TCP and TLS Michael F. Nowlan

Square Pegs in a Round Pipe: Wire-Compatible Unordered Delivery In TCP and TLS Michael F. Nowlan 2 Nabin Tiwari 1 Jana Iyengar 1 Syed Obaid Amin 12 Bryan Ford 2 1 Franklin & Marshall 2 Yale University College Project webpage:

514 views • 34 slides
Wheels Wheels Friction wastes energy Friction wastes energy Wheels mitigate the effects

Wheels Wheels Friction wastes energy Friction wastes energy Wheels mitigate the effects

Wheels 1 Wheels 2 Observations about Wheels Observations about Wheels Friction makes wheel Friction makes wheel- -less objects skid to a stop less objects skid to a stop Wheels Wheels Friction wastes energy Friction wastes energy

335 views • 4 slides
How to Create a Workplace Delivery Team at Your Company What is Meals on Wheels? Meals on Wheels

How to Create a Workplace Delivery Team at Your Company What is Meals on Wheels? Meals on Wheels

How to Create a Workplace Delivery Team at Your Company What is Meals on Wheels? Meals on Wheels is a community-based service that provides fresh, nutritious meals and friendly visits to seniors and individuals with short and long-term

441 views • 9 slides
Programming Robots with Westside Boiler Invasion and AndyMark Parts of Robots Sensors Computer/

Programming Robots with Westside Boiler Invasion and AndyMark Parts of Robots Sensors Computer/

Programming Robots with Westside Boiler Invasion and AndyMark Parts of Robots Sensors Computer/ Attachments Brain Movement Mecanum Wheels Omni Wheels Intake Wheels Movement Plaction Wheels Pneumatic Wheels Scooper Shooting

655 views • 8 slides
Fitting a Round Peg in a Square Hole: Japanese Resource Grammar in GF Elizaveta Zimina 29th

Fitting a Round Peg in a Square Hole: Japanese Resource Grammar in GF Elizaveta Zimina 29th

Fitting a Round Peg in a Square Hole: Japanese Resource Grammar in GF Elizaveta Zimina 29th August, 2013 GF Summer School 2013, Frauenchiemsee, Germany Stylistic Differentiation plain style: informal spoken language, in most books,

332 views • 12 slides
Domai Domain St Station ion A SQUARE PEG IN A ROUND HOLE Domai Domain St Station ion

Domai Domain St Station ion A SQUARE PEG IN A ROUND HOLE Domai Domain St Station ion

Me Melbourne Met Metro Rai Rail Domai Domain St Station ion A SQUARE PEG IN A ROUND HOLE Domai Domain St Station ion Presenter: William M. McIntosh B.E.(Hons), M.Sc., MAusIMM(CP) Background: Engineer educated in Melbourne and

269 views • 23 slides
Wheels Wheels wheels and burn rubber or if you just barely wheels and burn rubber or

Wheels Wheels wheels and burn rubber or if you just barely wheels and burn rubber or

Wheels 1 Wheels 2 Introductory Question Introductory Question The light turns green and youre in a hurry. The light turns green and youre in a hurry. Will your car accelerate faster if you skid your Will your car accelerate faster

179 views • 5 slides
Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or

Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or

Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or horizontal half-planes Round 1 Round 1 Round 1 Round 1 Round 1 h 1 D 2 " 1 =0.30 ! =0.42 1 Round 2 Round 2 Round 2 Round 2 Round

188 views • 5 slides
Wounded Wheels Restoring Heroes and Hot Rods Wounded Wheels Restoring Heroes and Hotrods

Wounded Wheels Restoring Heroes and Hot Rods Wounded Wheels Restoring Heroes and Hotrods

Wounded Wheels Restoring Heroes and Hot Rods Wounded Wheels Restoring Heroes and Hotrods Wh Who a o and nd Wh What t We We Are A federally recognized 501(c)(3) public charity Modifying iconic American muscle cars

437 views • 10 slides
Wounded Wheels Restoring Heroes and Hot Rods Wounded Wheels Restoring Heroes and Hotrods

Wounded Wheels Restoring Heroes and Hot Rods Wounded Wheels Restoring Heroes and Hotrods

Wounded Wheels Restoring Heroes and Hot Rods Wounded Wheels Restoring Heroes and Hotrods Th The e big Th Three ee Engineering and design concepts applied to commonly available resources that provide accessibility in new ways

765 views • 21 slides
MicheleErwin@AllWheelsUp.org www.AllWheelsUp.org WHO IS ALL WHEELS UP? AWU is a 501(c)(3)

MicheleErwin@AllWheelsUp.org www.AllWheelsUp.org WHO IS ALL WHEELS UP? AWU is a 501(c)(3)

MicheleErwin@AllWheelsUp.org www.AllWheelsUp.org WHO IS ALL WHEELS UP? AWU is a 501(c)(3) non-for-profit organization AWU is the ONLY organization in the world crash testing wheelchair restraints for In-cabin use @allwheelsup All Wheels

355 views • 31 slides
TagYoure It! TagYoure It! Michelle Cummings M.S. Training Wheels Michelle

TagYoure It! TagYoure It! Michelle Cummings M.S. Training Wheels Michelle

TagYoure It! TagYoure It! Michelle Cummings M.S. Training Wheels Michelle Cummings M.S. Training Wheels www.training-wheels.com Energizer Games Pair Tag Evolution Viper Tag Wagon Wheel Tag

617 views • 16 slides
P owe rPC Xe n Round Peg, Square Hole? Hollis Blanchard Jimi Xenidis B acking: LTC (Hollis)

P owe rPC Xe n Round Peg, Square Hole? Hollis Blanchard Jimi Xenidis B acking: LTC (Hollis)

P owe rPC Xe n Round Peg, Square Hole? Hollis Blanchard Jimi Xenidis B acking: LTC (Hollis) commitment to productizing on Xen Research commitment to using Xen for Virtualization Research Power.org, commitment to PPC based open

713 views • 8 slides
DELIVERY l i m u a S h a h S 0 1 0 2 U L k . c a H net-square # who am i

DELIVERY l i m u a S h a h S 0 1 0 2 U L k . c a H net-square # who am i

Hi! Your exploits have arrived. EXPLOIT DELIVERY l i m u a S h a h S 0 1 0 2 U L k . c a H net-square # who am i Saumil Shah, CEO Net-square LinkedIn: saumilshah net-square The Web Has Evolved "The amount of

1.01k views • 37 slides
GB Auto The Ghabbour Group of Companies Everything on Wheels GB Auto, S.A.E I nitial

GB Auto The Ghabbour Group of Companies Everything on Wheels GB Auto, S.A.E I nitial

EVERYTHING ON WHEELS GB Auto The Ghabbour Group of Companies Everything on Wheels GB Auto, S.A.E I nitial Public Offering Investor Presentation I nvestor Presentation | February 2008 GB Auto 1 I. Executive Summary GB Auto GB

1.03k views • 38 slides
Heres to the crazy ones . The misfits. The rebels. The troublemakers. The round pegs in the

Heres to the crazy ones . The misfits. The rebels. The troublemakers. The round pegs in the

Heres to the crazy ones . The misfits. The rebels. The troublemakers. The round pegs in the square holes. The ones who see things differently. Theyre not fond of rules. And they have no respect for the status quo. You can quote them,

910 views • 36 slides
Most traditional stories are like a round, crocheted potholder. The storyteller goes round and

Most traditional stories are like a round, crocheted potholder. The storyteller goes round and

Alberta Jones Assistant Professor, School of Education, U of A Southeast Ph.D. Candidate-Indigenous Studies, U of A Fairbanks June, 2016 Most traditional stories are like a round, crocheted potholder. The storyteller goes round and round

575 views • 20 slides
GB Auto The Ghabbour Group of Companies Everything on Wheels GB Auto, S.A.E Initial

GB Auto The Ghabbour Group of Companies Everything on Wheels GB Auto, S.A.E Initial

EVERYTHING ON WHEELS GB Auto The Ghabbour Group of Companies Everything on Wheels GB Auto, S.A.E Initial Public Offering Investor Presentation Investor Presentation | March 2008 GB Auto 1 GB Auto I. Executive Summary GB

541 views • 38 slides
I-SQU SQUARE ARE Proudly udly making ing the e dream am of f a b better tter Ir

I-SQU SQUARE ARE Proudly udly making ing the e dream am of f a b better tter Ir

I-SQU SQUARE ARE Proudly udly making ing the e dream am of f a b better tter Ir Irondequo ndequoit it a reality lity Welcome to I-Square! Background of I-Square I-Square is a redeveloped, pedestrian-friendly, mixed- use Town

587 views • 19 slides
1 Outline Chi-square test Logistic regression 2 Chi-square test 3 Chi-Square Test -

1 Outline Chi-square test Logistic regression 2 Chi-square test 3 Chi-Square Test -

Dongmei Li Department of Public Health Sciences Office of Public Health Studies University of Hawaii at Mnoa 1 Outline Chi-square test Logistic regression 2 Chi-square test 3 Chi-Square Test - Example Data below reveal a

547 views • 31 slides

More recommend