tankar om streck - department of computer and information...

Embedded systems: The old days were better, or at least more robust. Mikael Wedlin, [email protected]


Post on 26-Feb-2020


Page 1: Tankar om streck - Department of Computer and Information ...simna73/teaching/REAP/HT17/FOI-2017.pdfState that "attacking" SCADA systems - a known example! 1982: Siberian Gas Pipeline

Embedded systems

The old days were better, or at least more robust

Mikael Wedlin, [email protected]

Page 2

Summary

• More and more of our surroundings are controlled by software

• Tools can get new, unexpected features

• Software around us only becomes more advanced = more complicated and complex

• Development is not the same as becoming more robust

• Internet of Things

• Often wireless

• Difficult to think outside the normal use

Page 3

What do we see?

Demo

Page 4

What is security?

Confidentiality

Availability Integrity

Page 5

CIA vs AIC

Confidentiality

Availability Integrity

http://www.anniesinternetcafe.com

Page 6

Healthcare

Page 7

Healthcare

Page 8

Another example of embedded systems

Page 9

Are we without hope?

Page 10

States "attacking" SCADA systems - a known example!

1982: Siberian Gas Pipeline Explosion.

“While the following cannot be fully confirmed, it has been reported that during the Cold War the CIA inserted malicious code into control system software leaked to the Soviet Union. The software, which controlled pumps, turbines, and valves on a Soviet gas pipeline, was programmed to malfunction after a set interval. The malfunction caused the control system to reset pump speeds and valve settings to produce pressures beyond the failure ratings of pipeline joints and welds, eventually causing an enormous explosion.”

This has more or less been verified by V. Cherkashin & G. Feifer, Spy Handler: Memoir of a KGB Officer: The True Story of the Man Who Recruited Robert Hanssen and Aldrich Ames, Basic Books, 2005.

Page 11

Trust

Fides est bona, sed custodia est melior

2007 Pew Global Attitudes

Page 12

Social trust

• QOG gives good societies

• Lack of trust provides:

• Increased transaction costs

• Increased feeling of insecurity

• Reduced use

• IT security does not add any functionality

• IT security must be built in from the beginning

Page 13

Trivial example

Page 14

Tailored Access Operations

Glenn Greenwald: No place to hide, 2014

Page 15

Last Home-PC offer

New Home PC offer

From: [email protected] on behalf of Tommy Lodehed

Date: 19 April 2006 13:16:[email protected]:

Subject: New Home PC offer

Hi,

a new Home PC offer as described below.

For PC:

www.dellhempc.nu/view/foi

Click the link above to go to the order page.

NOTE: Once you have placed your order, print the order confirmation and the loan agreement (which must be signed) and send them to Tommy Lodehed at Purchasing.

For Mac:

http://intranet.foi.se/upload/organisation/forskningsstod/enheter/ekonomi/inkop/HemMac-2006-FOI.pdf

Click the link above to open a PDF document.

Print and fill in the order form, which is to be sent together with a signed loan agreement to Tommy Lodehed at Purchasing.

If you have any questions, contact me.

Regards

Tommy

Tommy Lodehed

FOI Inköp/FOI Purchasing Office

Phone: 46 13 378117 / Fax: 46 13 378067

Email: [email protected]

www.dellhempc.nu/view/foi

Page 16

More of the same contract

www.dellhempc.nu/view/forsvaret

Page 17

Login at Dell

Personal identity number (personnummer)

WITHOUT hyphen

Page 18

So what?

• Could there be something on a home PC that should not be there?

• Do we take work home?

Page 19

A new quote

"So Snowden returned to the NSA, this time as an employee of Dell Corporation, which collaborated with the Agency."

Glenn Greenwald: No place to hide, 2014

Page 20

Risks with increased security?