Knowledge is power
Learn from intelligence services and hackers methods and secure your Internet
connection!
Free tutorials and guides for your computer
Many current
computer systems have a very poor level of computer security. This
computer insecurity article describes the current battlefield of computer
security exploits and defenses. Please see the computer security article for an
alternative approach, based on security engineering principles.
Security and systems design
Most current real-world computer security efforts focus on
external threats, and generally treat the computer system itself as a
trusted system. Some knowledgeable observers consider this to be a disastrous
mistake, and point out that this distinction is the cause of much of the
insecurity of current computer systems - once an attacker has subverted one part
of a system without fine-grained security, he or she usually has access to most
or all of the features of that system. Because computer systems are very
complex, and cannot be guaranteed to be free of defects, this security stance tends to produce insecure systems.
The 'trusted systems' approach has been predominant in the
design of many Microsoft software products, due to the long-standing Microsoft
policy of emphasizing functionality and 'ease of use' over security. Microsoft
claims that this is the result of consumer choice. Since Microsoft products
currently dominate the desktop and home computing markets, this has led to
unfortunate effects. However, the problems described here derive from the
security stance taken by software and hardware vendors generally, rather than
the failing of a single vendor. Microsoft is not out of line in this respect,
just far more prominent with respect to its consumer marketshare and its mistakes are more pervasive.
Financial cost
Severe financial damage has been caused by computer security
breaches, but estimating reliable costs is quite difficult. Figures in the
billions of dollars have been quoted in relation to the damage caused by
malware such as computer worms like the Code Red worm, but such estimates are
not likely exaggerated. However, other losses, such as those caused by the
compromise of credit card information, can be more easily determined, and they have been
substantial.
Reasons
There are many similarities (yet many fundamental
differences) between computer and physical security. Just like real-world
security, the motivations for breaches of computer security vary between
attackers, sometimes called hackers or crackers. Some are teenage thrill-seekers
or vandals (the kind often responsible for defacing web sites); similarly, some
web site defacements are done to make political statements. However, some
attackers are highly skilled and motivated with the goal of compromising
computers for financial gain or espionage. An example of the latter is Markus
Hess who spied for the KGB and was ultimately caught because of the efforts of
Clifford Stoll, who wrote an amusing and accurate book, The Cuckoo's Egg about
his experiences. For those seeking to prevent security breaches, the first step
is usually to attempt to identify what might motivate an attack on the system,
how much the continued operation and information security of the system are
worth, and who might be motivated to breach it. The precautions required for a
home PC are very different for those of banks' Internet banking system, and
different again for a classified military network. Other computer security writers suggest that, since an attacker
using a network need know nothing about you or what you have on your computer,
attacker motivation is inherently impossible to determine beyond guessing. If
true, blocking all possible attacks is the only plausible action to take.
To understand something about techniques for securing a
computer system, it is important to first understand the various types of "attacks"
that can be made against it. These threats can typically be classified into a
number of categories:
Code exploits
Software flaws, especially buffer overflows, are often exploited to gain control
of a computer, or to cause it to operate in an unexpected manner. Many
development methodologies rely on testing to ensure the quality of any code
released; this process often fails to discover extremely unusual potential
exploits. The code exploits often come in the form of Trojan horses, for example non-executable media files which are disguised to
function in the application.
Eavesdropping
Any data that is transmitted over a network is at some risk
of being intercepted, or even modified by a malicious person. Even machines that
operate as a closed system (ie, with no contact to the outside world) can be
eavesdropped upon via monitoring the faint electro-magnetic transmissions
generated by the hardware, such as TEMPEST. The FBI's proposed Carnivore
program, was intended to act as a system of eavesdropping protocols built into
the systems of internet service providers.
Social engineering and human
error
A computer system is no more secure than the human systems
responsible for its operation. Malicious
individuals have regularly penetrated well-designed, secure computer systems
by taking advantage of the carelessness of trusted individuals, or by
deliberately deceiving them, for example sending messages that they are the
system admin and asking for passwords.
Denial of service attacks
Denial of service attacks differ slightly from those listed
above, in that they are not primarily a means to gain unauthorized access or
control of a system. They are instead designed to overload the capabilities of a
machine or network, and thereby render it unusable. This type of attack is, in
practice, very hard to prevent, because the behavior of whole
networks needs to be analyzed, not only of small pieces of code.
Indirect attacks
Attacks in which one or more of the attack types above are
launched from a third party computer which has been taken over remotely. The
term usually used is "zombie
computer". By using someone else's computer to launch an attack, it becomes
far more difficult to track down the actual attacker.
Backdoors
Methods of bypassing normal
authentication or giving remote access to a computer to somebody who knows about
the backdoor, while intended to remain hidden to casual inspection. The backdoor
may take the form of an installed program (e.g., Back Orifice) or could be in the form of an existing "legitimate" program,
or executable file.
Direct access attacks
Someone gaining physical access to a computer can install all
manner of devices to compromise security, including
operating system modifications, software worms, keyboard loggers, and covert
listening devices. The attacker can also easily download large quantities of
data onto backup devices, e.g CD-ROM or DVD-ROM, or onto portable media such as
keydrives, digital cameras or digital audio players.
Reducing vulnerabilities
Computer
code is regarded by some as just a form of mathematics. It is theoretically
possible to prove the correctness of computer programs (within very limited
circumstances) though the likelihood of actually achieving this in large-scale
practical systems is regarded as unlikely in the extreme by most with practical
experience in the industry -- see Bruce Schneier et al.
It's also possible to protect messages in transit (ie,
communications) by means of cryptography. One method of encryption —the one-time
pad —has been proven to be unbreakable when correctly used. This method was used
by the Soviet Union during the Cold War, though flaws in their implementation
allowed some cryptanalysis (See Venona Project). The method uses a matching pair
of key-codes, securely distributed, which are used once-and-only-once to encode
and decode a single message. For transmitted computer encryption this method is
difficult to use properly (securely), and highly inconvenient as well. Other
methods of encryption, while breakable in theory, are often virtually impossible to
directly break by any means publicly known today. Breaking them requires some
non-cryptographic input, such as a stolen key, stolen plaintext (at either end
of the transmission), or some other extra cryptanalytic information.
Social engineering and direct computer access (physical) attacks can only be
prevented by non-computer means, which can be difficult to enforce, relative to
the sensitivity of the information. Even in a highly disciplined environment,
such as in military organizations, social engineering attacks can still be
difficult to foresee and prevent.
In practice, only a small fraction of computer program code
is mathematically proven, or even goes through extensive
security audits, so it's usually possible for a determined cracker to read,
copy, alter or destroy data in well secured computers. You can reduce a
cracker's chances by keeping your systems up to date, using a security scanner
or/and hiring competent people responsible for security. The effects of data
loss/damage can be reduced by careful backing up and insurance.
Security measures
A state of computer "security" is the conceptual ideal,
attained by the use of the three processes:
Prevention,
Detection, and
Response.
User account access controls and cryptography can protect systems files and data, respectively.
Firewalls are by far the most common prevention systems from a network
security perspective as they can (if properly configured) block the normal
packet types, preventing some kinds of attacks.
Intrusion Detection Systems (IDS's) are designed to detect network attacks
in progress and assist in post-attack forensics, while audit trails and logs
serve a similar function for individual systems.
"Response" is necessarily defined by the assessed
security requirements of an individual system and may cover the range from
simple upgrade of protections to notification of legal authorities,
counter-attacks, and the like. In some special cases, a complete destruction
of the system is favored.
Today, computer security comprises mainly "preventive"
measures, like firewalls or an Exit Procedure. We could liken a firewall to the
building of a good fence around your warehouse. Firewalls are common amongst
machines that are permanently connected to the internet (though not universal,
as demonstrated by the large numbers of machines "cracked" by worms like the
Code Red worm which would have been protected by a properly-configured
firewall). However, relatively few organisations maintain computer systems with
effective detection systems, and fewer still have organised response mechanisms
in place.
