 All right. And there is an intern from Thursday. What do you want to know about? Is this good? Yeah. I think that's the only big news that he will spring right next week. We're going to see each other for a whole week and a half. Anything else? Cool. There's a plethora of options getting off of the exam. The other guys gave us a very nice smattering of options for whatever you want to do. There's all kinds of good stuff. I've seen some of the materials they're creating. It's going to be super helpful for you, I believe, so attend those events. Also, yeah, Pigman of Office Hours. This is on you to take advantage of all the opportunities you have available so you can do the best that you can. We'll start right on time on Thursday at 10.30 a.m. on the dock in this room. Cool. All right. So we talked about password managers. So did we come to a consensus? What do we think, password managers? Good? Bad? Good. Good? Anyone want to encounter me? Bad. Bad. You can't say that because you're not ready to get it. I mentioned this last time, but if you don't trust any of those options, then the formulaic approach of having a base password and editing that based on the URL is a fairly good one. So we kind of actually even talked about we laughed a little bit at people who maybe write down their username and password on a posted note and then post it on their computer. Right? And I hear you're writing down your username and password and giving it to another company who's not you, another entity who knows what they can do with them. Right? So that's, a lot of it does blow down the trust and do you trust. So, yeah. It's important to keep in mind that not all of these are online though. So you can have a local database. How do you know it's local? Well, it's open source. You could compile it yourself. That way you would know exactly what's running and you could be sure that it's trustworthy. How many people compile it themselves? Not many, but some people have. And how do you know there's no more ability than key pass that somebody could use to get access to your key pass database? The same way that you're sure for most things that are open source that have been reliably tested by other companies and whose source code is that you've looked at. Are there reports of more than a million ounces of key pass's source code? I think some of the previous versions, but I know some of the forks have fixed some of those. What about every single update to creation? Yeah, you have to keep up with the updates. It's not easy, but there are options which prevent you from having to rely on some other company to be on their servers and stuff like that. Sure. And you can, I guess, send and write something yourself, right? You can basically mess up the crypto, and you would not do that. Anyways, it's a complex trade-off decision. I think there's a lot of kind of factors that come into here that we've talked about. And then we talk about this a little bit of, well, one of the key downsides of password is that you should forget the password. If we think about this as an authentication mechanism, if I'm close to authenticating you, only you knowing that password. So what are the different ways that users can get access to their account even when they've forgotten their password? Email. So what happens in an email scenario? Maybe. Yeah, maybe. That's not how they do it, right? Maybe, like we said, if they're storing passwords in plain text or that's decryptable, they could actually just send you your password and now your password is in your email forever. Security questions. Security questions. So what are security questions? What was your first pet's name? What's your first pet's name? What are security questions you've seen? Your mother's name. What's the name of the street you grew up on? The street you grew up on. First school. LN, name your elementary school, favorite sports team. First car. What was it? First car. First car. That's pretty good. First or good? Yeah, maybe names of some names. So yeah, so all of these are types of, they call them security questions, right? And so what's the goal there? So when did you supply that information? Registration. So when you registered for the account on the site, similar to when you gave up using a password, you also created a number of these other questions. We have security questions. What else? A text. Yeah, so maybe they check that you have a phone number associated with that account and that you still control that phone number. So they'll send you a text and maybe you put it in the code and then that gives you now access to the account or unlocks the account. What else? Magic links. Magic links? What's that? Where they'll send you a link to your email, you just click it and then it auto-locks you in. Okay, so you go back to the email with auto-locking and so you don't actually even need another password. You just enter your email, click it, and you're locked in. What about a phone call? You're at the call. So there's different high-value things, like a bank. If you get a lot better than a bank account, it's a big pain. You have to call and talk to a person and convince them you already say they are. Probably sublime a lot of information, like security questions, other types of ways. So, yeah. And let's think about the security of those things. So what about an email? Sending an email to you. Is that secure or what are the possible threats against that? It definitely depends like how secure the person then treats their email. Okay, so it depends on the security of the person receiving their email? Yeah. Yeah, what else? Given that most emails are not sent in any security, or secure format, you know, if you were just like, looking at all the email that's sent on the internet, I'm sure you could pick up some. They're like, oh, they could just pass a review step. Let me take this and send it to whatever I want. Click the link, get an address to an account, right? So most email is sent in plain text over the internet. We're going to go over how the internet ever works. So we'll actually understand what that means. But there definitely are places where people can see those messages. What's the good thing about it? Okay. Yeah, so we prepared for passing your email that clearly doesn't work on less. Actually, I mean, some people, I mean, some email providers are going to provide an alternative email address that they may send a link to there and they're likely to deploy that, but I don't think that maybe they would try that. So you have this kind of magic link that has a magic number. One of that numbers not actually random, and it's guessable by something. So I can go and I can try to say, hey, I forgot my password for your account and I'm able to guess what that link looks like now I have access to your account. The theme here is all these things. So especially for, you know, this example. So you have to think, when you're considering the security of an authentication system, you can't just say username, password, right? It's very easy to think, okay, how are they sorting it? What are the requirements? All these kinds of things. But if no matter, even if you're, let's say your website requires 20 character passwords that are completely random and have all of your JSON, lower JSON, under whatever. You can come up with complex policies. If your password recovery is insecure, right, then I don't need to break the password authentication system. I can just break the password recovery to get access. It's really important to think about these things holistically. Okay, so then what about what we just talked about, the security questions? What are some of the pros and cons there? Easy to guess. Yeah, why? Because if you're a big fan of the problem, you have to sort it out. Yeah, we're even publicly on Twitter, right? So if somebody's trying to break into your account, they can look at all public information you've ever given out, right? They could probably infer, maybe if they're, if they trick you into becoming friends with them on Facebook, they could see what high school you went to, which was one of the questions we talked about. They could probably figure out where you live, maybe you posted pictures at your parent's place, where they still live. And so based on that, they're able to be able to locate and figure out the address there. They're like really easy to remember though. They're easy to remember? Because it gets like facts about you. Are they though? I don't know, I sometimes, yeah, some of them are really tricky. It's like, what did I, or how did I capitalize this thing? Or, that's where I can get a real pain. Yeah, for some of my games, yeah. So just since they're a weakness would be that they're another thing that can be stolen, and often, I'm pretty sure those are usually stored in plain text, given that we're asking you over the phone like, oh, what are the answers to your security questions? We'll answer and then they'll immediately know. It's not like they're typing in and hitting enter. Yeah, so you think about that to how you design systems, right? So odds are your security questions are going to be stored with the password, or the hash of the password, hopefully. Just like we saw in the W3, right? The hash of the stored in plain text of the encrypted password. So similar to that, we have the risk of somebody stealing that and then probably leveraging similar questions on different sites, right? Now they're able to gain more information about you. Yeah, and furthermore, they're probably likely stored in plain text, so if they're stolen, because usually those security questions also authenticate you when you call in to be doing something. Yeah, any other things? On social engineering, what do you call it? Maybe a human in the loop, right? So now saying rather than trying to break the password authentication system, or even trying to break the technical aspect of the password recovery, if I didn't call into somebody and try to get my password changed or reset or whatever, now if I can just trick that customer service representative to do whatever I want, and there's actually a great video as you can see, there's a social engineering contest that's held every year at StepCon that they try to set up a scenario and try to trick a willing company to do certain things. There's, you can look up videos of people like social engineers who will, like a journalist will be talking to them, those give them their phone number, tell them they're provider, and then they'll call the phone company and get their password changed. That's whatever they want. And so they use social tricks like they play in the background, like a baby crying, and then say like maybe a sob story about their husband just left or something, and like they're so frazzled, they're trying to put the pieces back together, they don't know what the password is in this account, they're trying to get their bills, whatever, and at a certain point, the rest of them are like, just find here it is, you can do your password, yeah, so does that, the humans in the loop actually open you up to new types of attacks on your system? Kind of related to the humans in the loop open you up to new attacks, if you have someone who used to be a close friend, but now is, now is your adversary, then they might know some of the answers to yours. Yeah, it's crazy. And so this also goes back to something we talked about earlier on the security of your inbox, your email is super important because mainly because all of the password research emails go to your email, so if someone gets access to your email account, they have access to everything. So we've been talking a lot about different types of authentication factors, we've been talking about what you know, what you have, what you are, general cases, passwords, a secure device, like a UDT and a fingerprint. And so we talked about actually pros and cons of each of those, but then the question becomes why not combine them into combine them so that rather than only needing one type of factor to authenticate, now we're using a two factor or multi-factor authentication. So does anybody have any experience with this? Yeah, someone want to give an example of what it is? I'm like almost all of my accounts I have like an app on my phone that has Google Authenticator code. Yeah, so you have a Google Authenticator app which is a constantly changing key or password or code, let's say, series of digits. And the idea is rather than it's having a hand, it can't be a war, we'll talk about that in a second, right? Rather than saying, okay, you either tell me tell me the password you actually have to give a password and have access to a device. And this is based on our authentication categories. Anybody use Duo Security for ASU? A lot of you. Does everyone have to do it? Not yet. ETO is still working it out. Yeah, it's just like staff, studio workers, TAs, those kinds of things. Eventually every student is supposed to but that was also set two years ago, so. Yeah, so I'm not going to mention these kinds of things going to be tricky. So something I want to talk about was what it's like using Duo Security for ASU? Log in. What is it, how it's going to be? Mechanically how it's going to be about how it's going to be. All e-mail or send effects and push, push notifications. If you don't have a button or a check mark, you can then how is it, so how do you sign up for that? If you download the app and you like to use my ASU and sign up for feedback on medication and there's a way to link the app that you download with your account. That's probably a QR code that you point out on that. Oh, yeah. Okay, cool. So what is that, so it's analyzing with Studio Effective. What is this trying to do? Yeah. Diversify what it can use to like help them to beat you? And then the normal like username password. The grades of all of you in this class is dependent on my username password. If there's a machine sitting right here, a public machine that I'm supposed to use or I could use to log on to my ASU account and then whenever if anyone got that password let's say you want to use all the camera right behind here that's pointing at my computer that's watching me type or you can actually they have devices where's this there's a USB key there must be a USB drive from this keyboard so what they do is they have a device that you can plug a USB keyboard into and then plug that into the computer that will keep track of all the key addresses and just store it on that little device and then so you put that in before class and then after class just take that device out and then now you have my username password and I don't know about it and this machine doesn't even know about it because it's not anything running on this machine and then there that's then beyond you could maybe try to infect this machine install a root kit that's running in the kernel that's logging keystrokes, the key logger that's logging all the keys that type in in my username password Anyways, a lot of vectors for you can steal my username password particularly if I'm used to typing in or using a password on a random machine so I don't control so the idea behind two factor authentication or multi-factor authentication is saying okay but so now to get into my account if I have duo security enabled what do you need? or one of the options on duo call text or call push do you know often? I don't know if I've seen that I'm going to check it's a call I'm not sure about call I know there's call or I know there's push and then there's also enter like a one time six digit password so that's just like the duo appendicator your duo app can generate passwords so you can do it offline if you're on a plane or something and you can't access your phone do we have to send me a push call me or enter a passcode but if you opt not to use the app it'll just send you like six different text messages and then it'll tell you like enter the one that ends in zero nine and then you have to like look through that's interesting okay cool for the hard non-app options so basically all those three options so push to an app that's running on my phone a text message to my phone or a passcode that's generated by the app on my phone all those options require that you have the phone so this means now if you wanted to log into my account what do you actually have to do you have to not only steal my phone but you're actually breaking my phone passcode on my phone and then you have to break into my phone and be able to authenticate to the app so it's raising the bar significantly for an attacker rather than just stealing my username password because we just talked about all the ways that that's easy to do to now or I guess the other way to do it you can steal my phone if there's a way you can get malware onto my phone so download a malicious app that comprises the operating system of an iPhone I'll tell you like a remote iPhone compromise it's probably worth at least one to two million dollars if you were selling or buying that x-ray from somebody so I'm not I don't think your grade in my class is worth that much so I would not recommend that route okay cool so everyone understands how it works mechanically duo so then what do you think about it people have actually used it it sucks why app can be glitchy yeah that's it you're signing it on your phone yeah so you get into a treaty territory let's say when you start thinking about what does multi-factor or two-factor authentication mean when you're actually authenticating on the exact same device that's used for a second factor right so in that case again is it real or are you really getting the two-factor authentication benefits there's a lot of hands that people use it yeah in the back so I left my phone at home yeah so you will leave your device at home when I walk out of your house I was going to say there's an option for it to remember you for seven days so I guess it's meant that could it possibly be for purpose for like six days I'm not using it basically right so yeah it does open some kind of attack window where it is remembering you it's a little bit there's a bunch of other features that they probably use like if you log in from a brand new laptop even browser it would try to authenticate you again so it only remembers you for seven days on that browser so it is theoretically possible for an attacker to if they have your password and were inside your machine to use your actual browser itself to log in so it's possible but it does raise your bar if you lose your phone then you can't get into your accounts yeah so then we still have the same problem of how do you then recover your account has anyone done that before yeah do you want to explain what happens with definitely yeah weighs back in right so actually the second factor there is kind of interesting the push device to your phone means that you actually have that device the passcode generated by the app also means that you have that device but the calling you just means that you have a phone that is able to receive calls from that number right which you can get by having a new phone yeah that's interesting anybody like it I mean I use a password manager so most of my passwords are like completely garbled mess but since I took after authentication on ASU's website I can actually make that a password that isn't completely garbled messed oh if that my password gets leaked I still have the took after authentication of protection I'm not sure how I feel about that though using it's incentivizing me to use more passwords but yeah that's a old carload joke that people would use really good drivers if they were just a big spike on the spirit sharing though maybe a similar thing is you think you're getting all these good security benefits so you are the more relaxed type of person the interesting thing I'm leaving the device at home I definitely agree at the same time lose your keys you can't get access to things so it's there's a similar type of thing there we're just not used to that in the virtual world that this common is your one access point yeah I mean I personally I think I've used a decent amount I like duo it's actually nice do you know why does it do a why does it do a pop up in the app that you click on rather than a text message Simjacking Simjacking where somebody can get access to your phone number or track somebody to get access so yeah that makes that more difficult so anyways yeah I think it is a good thing but it's a difficult transition and I hope in the future things will get better so I you're doing these things in the name of security right it's the same reason you lock your house when you leave everyday because you don't want people to break in same reason why we got things like this we don't want people to break into our house do you know preference from the duo security to like a six kill and that Google will give you um I mean whatever they'll offer do you go to choose that for all your two passersby personally I like the duo because it pops up on the watch so I can just click it right there and that's pretty nice like so it's very little in terms of like actual impediment it can be a pain like when I'm on a plane using wifi and my phone's on a wifi and then I have to dig out the passcode so but yeah I do have I mean Google, GitHub and Dropbox are all on Google Authenticator for me so I do a multi-backer there and I think also last pass I also have on Authenticator so yeah I mean these are just nice things like easy things to do to raise the level beyond just feel my username okay we talked a little bit about captures so yeah we're not going to go over this we already talked about this but yeah and we even somebody looked up the acronym so we've all seen this we've talked about captures other types of authentication mechanisms this is what we talked about like token based authentication so this is like the UVT example or there's RSA tokens you can get that have constantly changing numbers on them as well we can try to do kind of IP address based authentication so are you only allowed people access to your service from either a VPN or based on a certain IP address so this isn't interesting anybody have a car that will unlock when you get close so yeah so it's kind of interesting right because what does it mean by close you have to touch that yeah so how do you know that guy there like waiting for you to get close and then touching the handle well if you do the driver's side it only opens the driver's side or only unlocks the driver's side how far away will they do that from and can the attacker boost the signal so you can be three blocks away and they unlock your car and get into your car yeah mine is like two car lengths away because there's the entire car yeah so the mental orientation and and yes it's very interesting actually I have an attack where they're able to kind of boost the signal such that you can be in your house and they essentially trick the car to make the key make them think that the key is closer or trick them to think the car is closer and so they can unlock the car in a driveway and sometimes even start it because it thinks that the car the key is in the car start the car and start driving away but these are all kind of trying to authenticate based on proximity which is a very different kind of concept that we look at I guess the only redeeming thing of that is when the car starts to drive away realizes that the key is not in the car and it stops the car I think it depends on the car I don't know that they always do I know mine will stop oh man mine will let you drive but if you stop the car you can't restart it without the key yeah so maybe the interesting thing is that they just drive out of the back of the truck go away yeah some cars are like so old that you could leave the key and drive off of it and then you'll lose the key forever because it actually happened where when our friends left the key on the other car drove off and basically he never got the key back so he had to like shut down the car and just wait until a new key arrived yeah so yeah these are all like a very different type and then there's other ways they've shown researchers have looked at the ways that this works and they actually in some cases broken the cryptography used there to talk to the cars and maybe uncovered keys that are used so they can make a universal key that opens any car for that maker yeah actually there's a super interesting story where I believe they did this with I remember the manufacturer I want to say Volkswagen and then Volkswagen like sued the researchers it was a big deal and like even the also sued the conference where they were speaking at so they didn't speak that year but they did the next year so anyways it's all kinds of crazy stuff but yeah we talked about like biometrics right so we have fingerprint readers voice recognition, face recognition kind of the scary thing is we talked about bringing fingerprints right some of these fingerprints how would you break voice recognition recordings yeah but we're like what deep learning yeah you can use machine learning models so you can train it based on snippets of somebody's voice and you can synthesize a voice speech that's exactly like theirs actually I think it was two years ago 2018 Defconn Falls one of the of my fellow organizers if you know Yan I think he just forced me to do six he created a channel called Adam2 which basically they would go to, he'd train a machine learning model on my voice and then he would ask them for a phrase and then they would have to send an audio file that passed and matched as my voice in that phrase so teams used all these YouTube videos that I have a class on whatever and downloaded them and chopped it up into snippets to make like bypass this voice authentication mechanism by stealing my voice basically it was horrible for the team's end for me we pulled it off face recognition right we talked about some of the difficulties there I need to check if that face is live because it could be a picture or it could be a mass so how do you check that? I don't think this was mentioned before I remember reading something about the algorithm that was used in most fingerprint readers it was that eventually researchers managed to create a universal fingerprint that matched like 70% of fingerprints yeah that was a I can't remember exactly where that research was from but basically it wasn't that 70% of us have fingerprints that are the same that would be kind of crazy or yes again it's what we think of for fingerprints what they found was that when you store fingerprints you have to store features from that fingerprint you have to use an algorithm to compare similarities and they were able to basically explain how these machine learning algorithms work to create fingerprints that would work and unlock 75% of people's phones just because it happened to have the right features where the machine learning model would say yes this is the same person yeah that was a super interesting one it was like a skeleton fingerprint and yeah some other types of authentication research a super interesting topic is this notion of continuous authentication right so in most systems that we use authenticate us right before using the system and then just let us have free access to the system right but how do you know that a user is actually still the same user right so you can think of so they've done all kinds of stuff looking at you can look at typing because people have kind of a similar pattern when they type so as they're using a system you can lock them out because you detect that it's somebody different typing you can just lock up the machine and start typing you can have for mobile devices they do date detection so apparently you know how people walk is roughly the same same for one person different for others you can use that as an authentication mechanism and kind of I think we're pretty used to this when using web applications I would say it's necessarily continuous but there is so if you for instance were to go I don't know let's say for Amazon is a good example so when you go purchase an item and if you're purchasing it to an address that's already been used or the credit card that's already been used it just happens automatically you don't do anything but if you change the address you can do an address when you have to do put in the card again the credit card again because they don't want you somebody have hacked into your account and then changing items to a new address of the hackers using a previously used credit card so at least they make you type in that same credit card again or a different credit card okay and there's a lot of research into replacing passwords kind of going back to the notion that we agree that passwords are not the best form of authentication but they're the most widely used and so there's types of basically trying to do and we talk about this I think with the UB keys of essentially having some device or some key that you can maybe store not exactly a password but cryptographic based authentication so that based on like the private keys stored in your either phyto ship or whatever or UB key you can authenticate to a system something we didn't talk about is access or authentication delegation so this idea that for instance you go to some random website rather than creating an account with that website you log in with facebook and so you log in with facebook and you tell facebook hey tell this website who I am so in this way so there's actually a lot of examples of these one is the main example of how all these work is o-off 2.0 this is the latest version here and also if you use any asu online services you'll actually notice they won't be able to log you in with asu there's also if you use zoom with asu that actually logs you in with asu similar thing and they use the microsoft 365 version of email for asu or even the google work you go to google.com with your asu email and it redirects you to asu's login that you log in and they log you into gmail so all this has to do with will have you authenticate and google know and trust that asu actually verified your identity so there's interesting kind of questions there any questions, thoughts on authentication? alright and now we get to go into networks we're recording good okay so now we're going to look at network security and before we get to the actual security part we're going to need to do a crash force overview of how networks actually work and this is not at the level of depth that you're going to get when you take the networking course it'll be much more fine-grained here we're going to hit all the details that we need to so we can understand how networks work and and it all starts with kind of a suite of protocols that are used to transmit that and it's actually kind of a fascinating problem when you really start thinking about it the question this is something that we use so much either with our cell phones or laptops or whatever how does data or information get from your laptop to google and backwards there's actually several entities that go along the way it has to traverse ASU's network and then it has to go to ASU's CenturyLink internet service provider that packet then has to go from there to google's service provider and then into google's network and then finally to google it and that packet has to make it all the way back to you potentially stopping at 15, 20, 30 different servers or switches or whatever that are routing and changing traffic and stuff actually works and it's really based on this idea of the TPDIP's protocol suite and the other really cool thing is it's based on this notion of abstraction and encapsulation so we're going to study kind of the layers that we need to each layer handles a very specific networking thing so we'll look at it, it's better in this example so at the lowest layer we have the physical layer which is how actually these bits, these ones and zeros get translated physically so if you think about right now most of you are on wi-fi so how does your ones and zeros get from your machine to your wi-fi access one and this is actually no very little about wireless networking I don't know how that works some physics magic other types of physical layers would be an internet cable probably to play with that or maybe a coaxial cable or a motor needs to use to get data physically from your privacy or even between countries we have a fiber optic cable that are run in the ocean that carry used light to send your bits and your data from one place to another it's kind of crazy so on top of that we have the link layer so this is the layer that basically handles the question of how do you two links physically send information and how do they communicate with each other so this would answer the question of how does data get from your laptop to the access point above that then we have the internet layer so this deals with how does data get from your laptop to google and back above that we'll talk about two different TCP and UDP how do we send data so that we know the other side can read it this is actually a super interesting complex problem that you should be thinking about how would I design a protocol such that I can talk to a remote machine any of us can go away at any time and but how do I know that the other side received my information that I sent super interesting, super cool and then on top of that we have all these different applications that have been built using this whole stack so things like HTTPS the web that we think about HTTPS is just an application that runs on top of the internet SMTP is the mail transport protocol is how e-mails get sent out DNS how we look up and translate domain names to IP addresses NSB the network file system how you can access files over the network so this is an important point I'll probably reiterate multiple times as you can see this entire thing you can think of as like TCP, IP stack or the network stack or you can think of as like the internet stack so this is one of the key things is the web is just one application that's running on this whole thing right so the web and the internet are two very distinct different things so it's important to kind of remember that we're gonna start with okay yes okay we're gonna start at how do you name things so think about physical how does you write you have a system where you can sit down, write some message out put it into an envelope put 40 cents on it and it can get sent to anywhere in the United States how does the person who gets that message know where to get it where to send it after spending right on there so you write an address on your envelope so what is an address apartment building basically based on this location now you can name something and it has kind of a hierarchy right we have the country name we have a state so it breaks it up to know what state are you in and then the city, what city do you live in and those are broken up into zip codes and then you have from there maybe a street and a building number kind of the important thing is you need something that uniquely identifies you right for that place how do I get information from me to another place why do I need a way to talk about that place so similarly in networks we need to know who to talk to we need some type of address where does data go and computers as we talked about a lot they are very bad at dealing with things like strings when we talked about authentication systems we said sure we log in with the username password but that just ties us to some, usually some integer that gives us an ID in the system right just like on Unix systems have UIDs, group IDs all that kind of stuff we don't want to be dealing with I want to talk to google.com we want to talk to an integer basically so the idea is we have this notion of an IP address which is essentially when you boil it down there is a 32 bit integer it's nothing fancy it's 32 bits we usually do not write out the full 32 bits of the number that would get kind of a little weird for historical reasons we use this notion of dotted decimal which you've probably seen before so what we've done this is exactly the same as 32 bits what we've done is we've taken each byte so 32 bits into a byte so 32 bits into 4 bytes so on the far left is the topmost byte so the most significant byte expressed in decimal so it's 0 to 255 and then a dot and then the next byte 0 to 255 and then a dot and the next byte 0 to 255 and finally 0 to 255 make sense? questions? okay, so we got an address back to this if you're watching a movie or something that they're doing, if you see something like this I don't know, 10 dot 300 dot 20 dot 1 why is this an invalid IP address? the second one doesn't fit 300 yeah, the 300, right? these are all bytes so they are 0 to 255 you can't enlarge them that can 236 or anything higher so it's a clear easy way to say this is a movie and nobody knows what they're doing okay something interesting IP addresses, they can be manual too or you can actually manually decide them, I guess they're always confused we will probably not get in super-depth in that but yes, you're you can have your own create your own address the question is, will anybody listen to you or talk to you, that's a kind of interesting part but yeah, you can and this is how you can try to and why you need things like HTTPS to identify people because you can pretend to be the IP address of google.com and nobody necessarily will know but also maybe nobody sent you packets so anyways, okay so now we have a concept of an address right so now we can have we'll call this u for us and we have g for google so we'll kind of start simple and we'll get more and more complicated as we go so we have some IP address and google our IP address so we want to send them some piece of information so just like when you're sending um a postcard, or sending let's say something through the mail right here I'm just going to call this data so I have something I'm trying to send from me to google it doesn't really matter what it is right now we'll ignore that when I'm sending some bit of information to google that's like the letter I'm writing what do I write on that envelope so how do I get it from me to google well I need one thing versus google like where's it going, right so I need to probably write something like the destination is IP address google, yeah so usually when you write a letter what else do you put on the envelope your address your address, why do you put your address so if they get lost so if they get lost they can come back to you but also if the other person responds to you where do they write back to you right so it's a way so that they can communicate back to you so we also need the source of IP and as we'll see there's other stuff that is added here essentially this is the idea of this encapsulation so we take the time that we want to send and we say we'll add some headers to this this source IP and destination IP are headers of the IP address layer that says okay this is going to google's IP and it's from the user's IP and then we'll see exactly how this happens but essentially something happens and it gets to google and then google can then maybe type of a reply that they can then put inside of an IP packet and what would be the destination there the IP address of us and the source IPG google's IP and they can send this and this will go back to us and this seems kind of crazy but as we'll see the IP protocol understanding at this level is representing basically the glue of the internet so you have this notion of how do you send information between two IP addresses on the internet and the crazy thing is in the things I feel like that it does not provide to you so if you think hey I'm going to develop a communication mechanism what are some properties maybe that you want and data being sent from one person to another after default encryption maybe it's encrypted so nobody else can read it but the other person received my message you can also think about the most it's actually all things you can get through there you get a certified delivery so you get a legally finding notice that somebody received the email the message that he sent they do verify the sender too so that person is who they say they are the IP address is who they say they are the message wasn't changed in transit nobody changed the message in transit what about key bugging so we talked about the mail actually may if something happens to your mail they can either send you a notice or send it back to you what happens if that address doesn't exist is the post office just throwing your message away no they send it back to you they return to the sender this person doesn't even live here the address existed but the person you're trying to talk to doesn't exist these are all things you may want your communication network and surprisingly it turns out IP provides none of these not a single thing that we talked about and even worse it even provides less guarantees so other things when you send a letter you wouldn't magically think that two or three letters appear right but with digital data you can easily create a copy of some message that you're trying to send and two copies arrive or you know if you think about the post office if you've sent maybe a letter every day I don't know one two three four five six you probably expect them to arrive roughly in that order we'll make that six to arrive first and then one a month later so yeah basically the IP layer provides almost nothing it is connectionless so you don't establish a connection it's all based on what we think of as all many different things you can call it a datagram or just think of it as a chunk of data so just like send some data to somebody it is unreliable or maybe another way to think of this is it doesn't provide any reliability guarantees there's no guarantee that your message will get to the person even if it's possible and they're up best effort so best effort meaning they'll try to do it but hey if it fails stuff it was snowing we just threw the letters away I didn't feel like delivering mail today and this means that things that like delivery integrity ordering non-duplication and bandwidth are not guaranteed your message will get dropped and changed at any point along the way and this runs all of our networks every single data that you're sending it uses this so why does anything work people build systems on either end what is that are they trying to fix these problems kind of in some sense you do need these properties on the networking system the interesting thing comes into these layers that we talked about so if we look at the internet everything you build on is building on the internet layer so think about it this way every type of electronic communication that you want to do require a guarantee that every integration you send is received what's an example somebody said no where is it what's an example a service that you want a network thing like the service that you build that doesn't require so streaming other ways to think about streaming video if you dropped a frame of video the video will still continue touching the live stream you don't care that that frame is gone we don't care to forget about it we want to keep going some more things with voice calls if you're having a voice call with somebody you wouldn't want to if a message got dropped having to wait like the five seconds or whatever until that gets re-sensed to then continue the communication want that communication to continue online games so think about it you have now 20 people normal games like 16-8 people but other people are using a service and now you're all limited to the slowest persons basically bandwidth or latency because you have to wait for everyone's packets to get there to be acknowledged and then everything just holds still until something happens so there's actually networking scenarios where you don't want all those things that we thought we wanted and as you built it at this bottom middle layer and said ok this IP is going to be awesome it's going to be reliable it's going to validate integrity all these things now anything you build on top of that inherits that even if it wants it or doesn't so it's actually a super smart design decision to say hey let's not add that to my speed here maybe we can add it to the entire so we'll see PCP handles some of this and UDP does it and so those give you different tradeoffs between what to do and what to use and it also makes it simpler so the other thing I don't really talk about is these protocols were designed in the early days of the internet and so if you're trying to build a complex system you should try to make it as simple as possible to see if it will actually work first but the problem is if you're successful now think about what if we just change one of these layers that would be insane we'd have to all literally everyone would have to take their computers like unplug it from the internet upgrade and then turn them back on all at the same time and if this sounds insane they actually did that for the precursor to TCP was NCP the network control protocol I believe and it had some significant flaws that they had a flag day we're literally at the time the internet was so small they just shut everything down upgraded and turned it back off now think about trying to do that with billions literally there's a billion people on Facebook like think about how many devices are out there that would just be impossible I have an idea is basically that these IP data grants and this is a whole notion of an address if you have an IP address of someone you can send them packets or data grants and then as we saw so IP is kind of in this middle layer and then it depends on a lower link level protocol for things to actually move from one machine to the other we'll talk about that in a second specifically we'll focus on Ethernet and so super interesting very cool if you're interested in this stuff everything that we're going to talk about all these protocols and everything is all open so you can just google for RFC make a request for comments this is a standard I believe it's the internet engineering task force manages the RFC thing so if you think you actually have a better standard for whatever system you write an RFC you send it out, you look at comments on it and then eventually it's adopted so everything about IP is defined in this RFC so think of IP datagram 32 it's just a string of ones and zeros so it's just data that's adding the header just like we had in that picture on top of the actual data itself so very first thing in the first four bits is the version number why is that important so think about this from protocol design so the very first four bits that you read from this header is the version number if you don't know the version before you have the data then you don't know how to interpret the data right each version may change the format of the rest of this packet right so we're at well most IP than IPv4 still now so the version number would say 4 and then that determines how you parse and understand the rest of this packet better if it's IPv6 if the integer here is 6 then you realize and know that how to parse it differently so if you're interested in design decision when you're designing something A have a version number inside of protocol and B have a B basically the first thing that you read and then that controls how you read everything else then we have a bunch of stuff so important thing here would be total length so the length of I believe the header maybe the message itself an identifier which we'll probably not get into a couple important things a time to live field so this is something that is basically used to prevent zombie packets or undead packets I don't know the right term so if we think of our network here and so we send a packet to Google do we know anything about the networks that are in between us and Google no we don't know how to configure we don't know who runs them and we don't care that's the beautiful thing but because we don't know who's running them how do we know that we send a packet into the network and somebody has messed up and even just two machines so the packet goes in here and this person says okay where does this packet go for IP Google here and this switch says where does the packet go for IP Google here and this says where does the packet go for IP Google here and they're just constantly passing this data back and forth so you can easily get this through the misconfigurations and if you have nothing in place to prevent this literally your messages will just go forever and be stuck in the network forever so to prevent this they have this feature this notion that they call time to live so every hop along the way this time to live number is decremented by one so it starts at some value it doesn't really matter 60, 80, whatever and then every hop is decremented and then when it reaches zero it's thrown away it's like a maximum number of hops you could make or could you have a packet just died before it reaches it is 8 bits so the most is 255 so yeah and also then restricts the size of which is interesting it's like half way through I don't think it ever gets reset I think that would mess things up the nice thing is you may get a reply back like we talked about the mail saying hey your packet was lost because of the time to live fail and this identifier actually uniquely identifies that packet so you would know what packet it was so yeah interesting thing there protocol is also kind of interesting we're going to go to that for now some important things we have source IP and destination IP so this is interesting this is useful this is what we need in this packet this is kind of the main thing that we drew on that packet and it's 32 bits so it's exactly 32 bits we have some options and then some padding and then finally the data of the packet that we're sending so we have a nice way to think about data that's being sent what is the HL I don't remember I'll stop my head there somebody can look that up I can make something up but nothing makes sense right now so I the CERT I know the service type was used because they thought you want quality of service features to say oh this is high priority traffic or low priority traffic or whatever so you can route it properly but of course then they realized that their traffic is high priority so it's a silly feature I'm going to get header length yeah it is cool yeah that makes sense so header length and then the total length awesome thank you and then other interesting thing we have a header checksum so what's a checksum something that helps you verify that previous information was correct yeah so it kind of depends but the checksum helps you verify that kind of verify that nothing was changed so for instance actually there's actually a checksum on your credit card number I don't know if you know this or not but it's a I think I called a long LUHN where you run this check on a credit card number and if the end value is not correct it means that it's an invalid credit card number so this is how sometimes and the idea is they can tell you to mistype your credit card number before talking to your bank so they can know just right then similar kind of similar idea here except the important thing for us is that this is not a cryptographically secure hash function so it is it can easily detect if a bit is accidentally flipped but if an attacker can actually just compute the checksum so it's not anything that's actually cryptographically secure okay cool so important thing to think about and this is going to be a theme that we're going to look at now let's look at this packet from a security perspective so even just thinking about and we'll let's put this next to our cool diagram so now we have a little more details into what's cool so now we have more details of what's in this packet right we just had source IP, destination IP right so let's think about this and this is what I always like to do what's really important when thinking about and analyzing these situations in terms of security so we constructed this situation where we're IPU we want to set a packet of IPG but from Google's perspective so the machine there that has the IP address G when it receives this packet so it receives this packet right it receives a packet that is destination IP address G source IP address U with some data what can it and actually we know that it's actually all of this header information here in this diagram what data can it trust and what data can't it trust or what does it know maybe another thing to think about it knows the destination IP address why? right it's the machine is G it knows it has the IP address G it just got a packet it can check did this packet come is it destined for IPG right yes cool this packet is definitely for me what else can it trust about this packet I guess the checksum verifies that the header is valid yeah so you use the checksum verify that there weren't any random bit flips along the way that invalidated the header checksum what about the source IP right it's got a packet it says it's from IPU it goes great let me respond to that did you just say that you can make your own IP or someone said that can you trust that yeah so we don't know and if we think about it I gotta zoom in a little bit so we think about it from Google's perspective all it knows is it's connected to the network it's got a packet destined for it and that packet has the source IP of IPU it does not know that that machine even exists that it's on, that it's controlled by anyone as we'll see and it turns out that we'll use we'll use eve here eve can actually inject a packet and completely control the headers and send whatever data she wants to Google, Google gets it sees the source and says well this is the source of IPU right Google has actually no way of knowing where this packet actually came from so this is what we're looking at when we talk about all the things we want about authentication, all that stuff nothing exists like that in the IP layer at all anybody can spoon for pretending anyone had an IP layer now let's think though what happens okay Google gets this packet from eve Google replies to it yeah it goes back to IPU and not eve right so eve maybe doesn't see the reply so that may influence things but now we're trying to understand what type of things, what kind of things can attire control, what types of things in a packet can be trusted not trusted so basically all of this stuff in red actually technically everything an attacker can control things that they'll mess with are usually the things in red this is how so now we've looked at the header we've looked at IP addresses we've looked at in terms of addresses there now we need to think about well how does data actually move from one place to another so we use this kind of just like squiggles right stuff happens, we send a packet out and it goes somewhere we know from so we basically have the IP header and the IP data that we're trying to send all of these packets and all this information is essentially encapsulated one inside the other in terms of like an onion so that is actually going to be at the link layer and that's going to make up the link layer data and the link layer will have some header data so first we're going to talk we're going to talk about specifically how that happens we need a slightly tour to think about okay so we just had IPG we had IPU IPU but the question is where does the data go who's the first person that takes our data right we just have IP addresses we know so we think again going back to the post office analogy we know there is a we can take our letter drop it off at any post office we may have a mailbox that we could put it into that somebody continually checks to take our messages we need actually some similar type of notion of where does this message go and to think about that more we need to think about well networks are actually so rather than thinking about it just like I send some stuff somewhere and it goes somewhere else we actually have different kind of notions here so we have we're here maybe we're connected to I don't want to call it GW I'll call it GW right there actually maybe several of us Alice and Bob so the way to think about this is maybe physically right so right now we're all connected to the same access point so this would be our link so it's us it's Alice it's Bob we're all connected to the same access point another way to think about this is cables so you can think about ethernet cables we're all connected to the same I'm calling it a gateway now but we're all on the same local network and actually I'm going to start changing my terminology what is the term internet internet is interconnected networks intranet means inside I guess outside between there we go that makes no sense right so internet is a connection of different networks so actually what we have here and the way this ends up working is we have our local network we're all connected on some switch or access point whatever and we need to know we'll call it our gateway right now so who's the person that can get data out of our local network because we know and we'll talk about how we need a way to say is Google's IP address on our local network if not we need to give it to our gateway so we think our gateway is connected to another switch and now I'm going to draw a little diagram switches will be like this so the gateway is connected there and then it has another gateway that's connected to our ISP and anyways all so and so until we get to Google so we expand our notion we don't just have IP addresses we actually need to know who's on our local network based on their IP address and who's not on our local network so we know where to send the data because if they're on our local network we'll see we can use the link layer to talk to Alice and Bob can all talk to each other through the link layer and we'll talk about that in about two weeks in all time cool alright see you on Thursday good luck