
WHY WE MUST ASK WHY


Presentation Transcript


  1. WHY WE MUST ASK WHY
     Markus Jakobsson, Principal Scientist, PayPal
     Keynote, June 7, 2011
     MAAWG 22nd General Meeting, San Francisco, CA
     MAAWG | maawg.org | San Francisco, CA 2011

  2. Why Did the Internet Turn out as it Did? We first designed it to provide features, then for usability. We never designed it with abuse in mind. We did not try to predict the future. And now we are in a pickle.

  3. Predicting An Unsupervised Future “Predicting the future is much too easy, anyway. You look at the people around you, the street you stand on, the visible air you breathe, and predict more of the same. To hell with more. I want better.” Ray Bradbury

  4. To Hell With More. I want better.
     (diagram: the four questions of the talk – Who? → Weak Authentication; Where? → Spoofing; What? → Malware; Why? at the centre)
     Before we can address any problem, we need to know why it occurs. Talk focus: mobile Internet. Will be huge – and we can ask “why” before it is too late.

  5. Web/App Spoofing: Why Works? [Where?]
     • An attacker is successful if
     • The victim is tricked, and as a result
     • The victim acts, benefitting the attacker
     Jakobsson/Leddy: www.spoofkiller.com

  6. Web/App Spoofing: Why Works? [Where?]
     (callout) Traditional countermeasures address this part (locks, colors, warnings – a user communication problem)
     • An attacker is successful if
     • The victim is tricked, and as a result
     • The victim acts, benefitting the attacker

  7. Web/App Spoofing: Why Works? [Where?]
     • An attacker is successful if
     • The victim is tricked, and as a result
     • The victim acts, benefitting the attacker
     (callout) Can we address this instead?

  8. Imagine a World Where… [Where?]
     GOOD SITE + NAÏVE USER = SUCCESS
     SPOOF SITE + NAÏVE USER (SAME ACTION) = ABORT

  9. Here is How to Do It! [Where?]
     (flowchart) LOG IN NOW → Got cert? → Y: continue / N: ABORT

  10. We are all Pavlov’s dogs! [Where?]

  11. Demo time! [Where?] Demo produced by Hossein Siadaty

  12.–13. (image-only slides)

  14. Take-Home Message [Where?] It is more important to understand people than to understand computers.

  15. Now: Authentication [Who?]
     • People hate passwords – especially on handsets
     • Slow to enter …
     • … and then you realize you mistyped something!
     • At the same time, recall rates are low for passwords
     • … and reset is difficult / insecure / expensive
     • PINs are faster …
     • … but not very secure
     • … and reuse is rampant
     Jakobsson/Akavipat: www.fastword.me

  16. Understanding usability issues [Who?]
     Q. Why are passwords more painful than text?
     A. Text uses auto-correction/completion!

  17. Understanding recall issues [Who?]
     Q. Why are (good) passwords hard to recall?
     A. Good passwords are weird! (Ebbinghaus, 1885)

  18. A stab at a solution [Who?]
     Not so secure, you say? Approx. 64k words only.
     (diagram) typing f → fr → fro → frof → corrected to frog: Auto correct works

  19. A stab at a solution [Who?]
     (diagram) fastword example: frog flat work – Auto correct works

  20. A Look at Speed [Who?] (chart; no text on slide)

  21. A Look at Security [Who?] (chart comparing Average fastword vs. Average password)
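The fastword idea on slides 18–21 (a credential made of ordinary dictionary words, so a mistyped word can be auto-corrected before it is compared) can be demonstrated with a toy checker. This is an added example, not the fastword.me code: the mini-dictionary, the edit-distance threshold, the refusal to guess on ambiguous corrections, and the PBKDF2 storage are all assumptions made for illustration.

```python
"""Toy fastword checker: auto-correct each typed word against a dictionary,
then compare a salted hash of the corrected words.  Added example, not the
fastword.me implementation; dictionary and thresholds are constructed."""
import hashlib
import hmac
import math
import os

# Constructed mini-dictionary standing in for the ~64k-word list on slide 18.
DICTIONARY = ["frog", "flat", "work", "frost", "float", "fork", "word", "worm", "flag"]
DICT_SIZE_ON_SLIDE = 64_000   # "Approx. 64k words only"
PBKDF2_ROUNDS = 100_000       # assumption: any slow password hash would do


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute each cost 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def autocorrect(token: str, dictionary=DICTIONARY, max_distance: int = 1):
    """Return the unique dictionary word within max_distance of token.
    Returns None when nothing is close enough or when several words tie:
    guessing between "flat" and "flag" would silently accept the wrong word."""
    token = token.lower()
    if token in dictionary:
        return token
    close = [w for w in dictionary if edit_distance(token, w) <= max_distance]
    return close[0] if len(close) == 1 else None


def normalize(entry: str):
    """Auto-correct every typed word; None if any word cannot be fixed."""
    words = []
    for tok in entry.split():
        w = autocorrect(tok)
        if w is None:
            return None
        words.append(w)
    return words


def enroll(words, salt: bytes = None):
    """Store a salted PBKDF2 hash of the canonical word sequence."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", " ".join(words).encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def verify(entry: str, salt: bytes, digest: bytes) -> bool:
    """Correct the typed entry first, then compare in constant time."""
    words = normalize(entry)
    if words is None:
        return False
    cand = hashlib.pbkdf2_hmac("sha256", " ".join(words).encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(cand, digest)


def nominal_bits(n_words: int, dict_size: int = DICT_SIZE_ON_SLIDE) -> float:
    """Upper bound on fastword entropy, assuming each word is chosen uniformly
    and independently (real users do not, which is what slide 21 measures)."""
    return n_words * math.log2(dict_size)


if __name__ == "__main__":
    salt, digest = enroll(["frog", "flat", "work"])   # the slide-19 fastword
    print(verify("frof flat work", salt, digest))      # typo corrected -> True
    print(verify("frog flaf work", salt, digest))      # ambiguous -> False
    print(round(nominal_bits(3), 1), "bits at most for three words")
```

The ambiguity rule is the caveat worth noticing: auto-correction on a credential is only safe when the correction is unique, otherwise the checker would be accepting more than one secret per account.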

  22. Forgot your fastword? Hint: “frog” [Who?]
     EFFECTIVE RECALL: 0.36 + (1 − 0.36) × 0.48 = 0.67 … 67%

  23. Forgot your fastword? Hint: “frog” [Who?] (chart comparing Average password vs. Average fastword)

  24. Big-Picture Insight [Who?] We can improve things as basic as passwords – if we ask “why”.

  25. Dealing with Malware [What?] Problem: Power
     Jakobsson/Johansson: www.fatskunk.com

  26. Dealing with Malware [What?]
     Three truths:
     • Nasty malware is active
     • Active routines are in RAM
     • Algorithms: time-space trade-off

  27.–33. Dealing with Malware [What?] (one diagram built up over seven slides; RAM shown as monolith kernel, cache and free space)
     1. Swap out all programs (malware may refuse)
     2. Overwrite all “free” RAM with pseudo-random content (malware refuses again)
     3. Compute keyed digest of all RAM (access order unknown a priori)
     (callout, slide 32) External verifier provides this
     (callout, slide 33) External verifier will time this (and check result of computation)

  34. Dealing with Malware [What?]
     Malware has options:
     • Swap out and become inactive
     • Stay, cause delay, be detected
     • Refuse connection, be detected
     • Die and remain unnoticed

  35. After test passed [What?] Scan flash for inactive malware, make secure backup to cloud, DRM, password manager, virtualized phone setup, banking app, vote casting, unlock data/apps, …

  36. More detail: unlocking data/apps [What?]
     GET KEY FROM VERIFIER.
     (diagram) FLASH: encrypted storage of data and routines → LOAD → RAM: decrypted storage of data and routines (Application)
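The attestation steps of slides 27–34 and the key release of slide 36 can be simulated end to end: the verifier supplies a seed and key, the device fills free RAM with seed-derived pseudo-random content, digests all of RAM in a seed-derived order, and the verifier checks both the digest and the time taken before handing out the unlock key. This is an added example, not FatSkunk's code: the RAM layout, the filler PRNG, the resident-malware model and the "work unit" counter standing in for wall-clock time are constructed for illustration, so the verdicts are deterministic.

```python
"""Simulation of RAM attestation (slides 27-34) and key release (slide 36).
Added example, not the FatSkunk implementation: sizes, filler PRNG and the
work-unit stand-in for wall-clock timing are constructed."""
import hashlib
import hmac
import os
import random

RAM_SIZE = 4096     # constructed: RAM under attestation
KERNEL_SIZE = 1024  # constructed: the "monolith kernel" lives in RAM[0:KERNEL_SIZE]
FORGE_COST = 8      # constructed: extra work for malware to fake one filler byte
# Constructed kernel image; the external verifier holds an identical copy.
KERNEL_IMAGE = hashlib.sha256(b"constructed kernel").digest() * (KERNEL_SIZE // 32)


def filler_byte(seed: bytes, addr: int) -> int:
    """Step 2: pseudo-random content for one free-RAM address, derived from
    the verifier's seed so it cannot be precomputed before the challenge."""
    return hashlib.sha256(seed + addr.to_bytes(4, "big")).digest()[0]


def access_order(seed: bytes) -> list:
    """Step 3: digest order, also seed-derived, hence unknown a priori."""
    order = list(range(RAM_SIZE))
    random.Random(seed).shuffle(order)
    return order


class Device:
    """Prover.  `hidden_code` models malware that refuses to be swapped out and
    keeps occupying the tail of free RAM (slide 34: "stay").  With forge=True it
    answers reads of its own addresses with the filler byte the verifier expects,
    paying FORGE_COST per read; otherwise its own bytes end up in the digest."""

    def __init__(self, hidden_code: bytes = b"", forge: bool = False):
        self.ram = bytearray(RAM_SIZE)
        self.ram[:KERNEL_SIZE] = KERNEL_IMAGE
        self.hidden, self.forge, self.work = hidden_code, forge, 0

    def attest(self, seed: bytes, key: bytes) -> bytes:
        self.work = 0
        for a in range(KERNEL_SIZE, RAM_SIZE):          # steps 1-2: free RAM overwritten
            self.ram[a] = filler_byte(seed, a)
        if self.hidden:                                  # resident malware re-occupies RAM
            self.ram[RAM_SIZE - len(self.hidden):] = self.hidden
        mac = hmac.new(key, digestmod=hashlib.sha256)    # step 3: keyed digest
        for a in access_order(seed):
            mac.update(bytes([self._read(seed, a)]))
        return mac.digest()

    def _read(self, seed: bytes, a: int) -> int:
        self.work += 1                                   # one unit per memory access
        if self.hidden and self.forge and a >= RAM_SIZE - len(self.hidden):
            self.work += FORGE_COST                      # "stay, cause delay"
            return filler_byte(seed, a)
        return self.ram[a]


class Verifier:
    """External verifier: supplies seed and key, times the run, checks the digest."""

    def __init__(self, slack: int = 64):
        self.budget = RAM_SIZE + slack       # an honest run costs exactly RAM_SIZE reads
        self.unlock_key = os.urandom(32)     # released only after a pass (slide 36)

    def expected_digest(self, seed: bytes, key: bytes) -> bytes:
        ram = bytearray(KERNEL_IMAGE) + bytes(filler_byte(seed, a) for a in range(KERNEL_SIZE, RAM_SIZE))
        mac = hmac.new(key, digestmod=hashlib.sha256)
        mac.update(bytes(ram[a] for a in access_order(seed)))
        return mac.digest()

    def check(self, dev: Device):
        seed, key = os.urandom(16), os.urandom(32)
        reported = dev.attest(seed, key)
        if not hmac.compare_digest(reported, self.expected_digest(seed, key)):
            return False, "digest mismatch"
        if dev.work > self.budget:
            return False, "too slow"
        return True, "pass"

    def release_key(self, dev: Device):
        """Slide 36: the data/app key leaves the verifier only after a pass."""
        ok, _ = self.check(dev)
        return self.unlock_key if ok else None


if __name__ == "__main__":
    v = Verifier()
    print(v.check(Device()))                                   # (True, 'pass')
    print(v.check(Device(hidden_code=b"\xcc" * 16)))           # digest mismatch
    print(v.check(Device(hidden_code=b"\xcc" * 16, forge=True)))  # too slow
```

The two failing runs correspond to two of the malware options on slide 34: malware that stays and leaves its bytes in RAM is caught by the digest, and malware that stays but forges the expected filler on every read is caught by the timing budget. The real system's budget is a wall-clock measurement, which is why the time-space trade-off on slide 26 matters: the filler must be expensive enough to regenerate that forging cannot hide inside the measurement noise.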

  37. THE FUTURE MATTERS TODAY [Why?] Anticipating problems gives us time to innovate.

  38. Why does user education fail? [A final why] Contact me to talk spoofing, authentication, malware, mobile, education … and “why”!
