28c3: The Science of Insecurity
Loading...
Uploaded by 28c3 on Dec 28, 2011
Download high quality version: http://bit.ly/uSJPUL
Description: http://events.ccc.de/congress/2011/Fahrplan/events/4763.en.html
Meredith L. Patterson, Sergey: The Science of Insecurity
Why is the overwhelming majority of common networked software still not secure, despite all effort to the contrary? Why is it almost certain to get exploited so long as attackers can craft its inputs? Why is it the case that no amount of effort seems to be enough to fix software that must speak certain protocols?
The answer to these questions is that for many protocols and services currently in use on the Internet, the problem of recognizing and validating their "good", expected inputs from bad ones is either not well-posed or is undecidable (i. e., no algorithm can exist to solve it in the general case), which means that their implementations cannot even be comprehensively tested, let alone automatically checked for weaknesses or correctness. The designers' desire for more functionality has made these protocols effectively unsecurable.
In this talk we'll draw a direct connection between this ubiquitous insecurity and basic computer science concepts of Turing completeness and theory of languages. We will show how well-meant protocol designs are doomed to their implementations becoming clusters of 0-days, and will show where to look for these 0-days. We will also discuss simple principles of how to avoid designing such protocols.
- 128 likes, 4 dislikes
-
Top Comments
All Comments (18)
-
I fall asleep with this video... Worst than my lecturer...
-
@GIMBLUTAXT LOL Me too!
-
Thank you. This has really opened my eyes. I'll never look at a parser the same way again.
-
Meredith really reminds me of Amy Farrah from the big bang theory.
-
"*chough* ASN.1 *cough*" ♥
-
@Jibes tinyurl_com_7x2zawj
- 1:07:34
28c3: Taking control over the Tor networkby 28c33,752 views
- 1:06:11
28c3: Black Ops of TCP/IP 2011by 28c37,618 views
- 1:03:37
28c3: Print Me If You Dareby 28c325,357 views
- 54:47
28c3: Datamining for Hackersby 28c33,497 views
- 1:02:05
28c3: Automatic Algorithm Invention with a GPUby 28c32,570 views
- 28:20
28c3: Ooops I hacked my PBXby 28c33,038 views
- 1:01:00
28c3: The Atari 2600 Video Computer System: The Ultimate Talkby 28c34,750 views
- 56:23
28c3: Rootkits in your Web applicationby 28c33,227 views
- 59:41
28c3: Echtes Netzby 28c33,110 views
- 59:12
28c3: New Ways I'm Going to Hack Your Web Appby 28c34,577 views
- 49:26
28c3: r0ket++by 28c33,763 views
- 26:41
28c3: A Brief History of Plutocracyby 28c36,532 views
- 56:57
28c3: Effective Denial of Service attacks against web application platformsby 28c321,680 views
- 57:41
28c3: Defending mobile phonesby 28c310,401 views
- 1:06:31
28c3: KinectFusionby 28c33,036 views
- 1:02:36
28c3: Bitcoin - An Analysisby 28c33,829 views
- 1:02:55
28c3: Reverse-engineering a Qualcomm basebandby 28c32,808 views
- 45:04
28c3: Your Disaster/Crisis/Revolution just got Pwnedby 28c32,088 views
- 1:03:13
28c3: Behind the scenes of a C64 demoby 28c37,493 views
- 57:59
28c3: Hacking MFPsby 28c32,705 views
Uhm, a fixed width length field most certainly does not make a protocol context sensitive, but only blows up the (D)FA needed to recognize it. On the other hand I'm reasonably sure context sensitive grammars won't cut something like Elias codes. Otherwise, Patterson's ideas are a beautiful formalization of what I've been saying for the longest time: validate first, then compute with minimal checks. Kudos!
ssyreeni 2 months ago 5
@sTL45oUw Unfunny troll is unfunny. Go rate more kawasaki movies pls. We need your expertise there.
beatsnbleeps 1 month ago 4