Well, this course has been investigating threats to humanity throughout the years, including a pandemic. But living through one is quite a different experience. The seminar started years ago with a critical view on surveillance and European security research and its connections to the military. In later years the absolute disaster of IT-Security - failing to secure user data all over the world - became a focus and we looked at ways to improve software (e.g. with capabilities). How to build secure software became a focal point. Finally the problem of building resilient systems moved into our view and together with it the realization that we need to build damage reducing systems. Only systems with this property will survive all kinds of attacks. IT-Security technology is unable to provide this property alone. We need architectures built with damage reduction and resilience in mind, even if this is more costly or less efficient. During the corona crisis we are learning how costly it can be to let only the controllers decide about where critical medical supplies will come from. The world's medical supply chain turned out to be not resilient at all when the one country delivering shut its operations down due to the pandemic.
This results in the seminar covering many interdisciplinary topics, trying to understand the behavior of different subsystems interacting in all kinds of ways, fueled by the ever increasing power of technology and change. If you decide to participate you will be looking at a wide range of topics from software-technology to power grids, financial and political systems and much more. The following is a list of possible topics for the seminar in the summer term of 2020 and we will have to select the things that interest us the most. The idea is that you will pick some topic and - with the help of the papers listed under the topic - will give us an overview. You will start by setting up some g During the course you will be responsible for the topic and investigate research questions and connections to other topics. Group work is possible and with some topics even advised. But before you select something, take a look at
the lockpickinglawyer |
to get some encouragement...
You need a working knowledge of IT-Security basics for this course! You also need a software development background and possibly some (distributed) systems knowledge. You will learn to build damage reducing systems and we will also investigate current attacks to check our understanding, but again: this is not an IT-Security course! Go and
have yourself tested |
if you are already ItSec positive...
Robustness of our IT-Systems is a key requirement. Here we look at techniques, patterns and approaches toward achieving this. Feedback concepts are becoming more popular in this context. And how does all this relate to resilience, critical infrastructure and catastrophes?
All File Systems are Not Created Equal: On the Complexity of Crafting Crash Consistent Applications |
Laura Nolan: Black Swans - what breaks our systems |
Keynote: High Reliability Infrastructure Migrations - Julia Evans, Software Engineer, Stripe - YouTube |
Close Loops & Opening Minds: How to Take Control of Systems, Big & Small, Colm MacCarthaigh (slides,video) |
Advanced Database Systems: Recovery Protocols, Andy Pavlo |
Gray failure: the Achilles’ heel of cloud-scale systems |
Redundancy Does Not Result in Resiliency |
Systems @Scale Delos:Storage for the Facebook Control Plane |
How To Build a Thrust Vectored Model Rocket - National Rocketry Conference 2020 |
Understanding, detecting and localizing partial failures in large system software |
coping-with-complexity |
Architectures that scale deep, Ben Sigelman |
Building secure and reliable systems, Google (brand new free book) |
From abstract thinking to empirical observations: A change in computer science? |
Failover Conference talks: excellent info on resilience in systems |
Deployment at Slack |
How Cloudflare scales and deploys |
Our operating systems and the security concepts behind them are 60 years old, at least. And like the language used to create them (C), they suffer from "ambient authority": too much power available at any moment. Sandboxing, ACLs and role models cannot overcome this. We need to understand the reasons and look at new approaches. There are serious connections from this topic to critical infrastructure and cybersecurity.
What are capabilities? |
Fuchsia and Zircon |
Zircon Kernel Concepts |
CheriABI: Enforcing Valid Pointer Provenance and Minimizing Pointer Privilege in the POSIX C Run-time Environment |
Time Protection: The Missing OS Abstraction |
Rethinking the Linux Kernel |
Capabilities |
Microkernel beweisbar fehlerfrei |
When states created new departments for cyber security - in many cases within the military - they also created a huge number of security specialists ready to apply their knowledge. A typical case where the cure might be worse than the disease. ITSec is firmly establishing itself as a constant part of our life (and costs). But is it going to solve the problem or does it work like the military: build a parasitic organisation which in the case of the USA sucks more than 700 Billion Dollars a year from the taxpayer?
CHESNEY ON CYBERSECURITY LAW, POLICY, AND INSTITUTIONS (v.3.0) (2020) |
Crypto AG Was Owned by the CIA |
MARKET FORCES. THE DEVELOPMENT OF THE EU SECURITY-INDUSTRIAL COMPLEX |
Sicherheitsindustrieller Komplex: Bürgerrechtler warnen vor "militarisiertem Panopticon" in der EU |
Secure EU Societies |
Man on the loop |
Cold war sabotage techniques |
Marriott Data Breach Is Traced to Chinese Hackers as U.S. Readies Crackdown on Beijing |
Threat Hunting - another thing inherited from the military? |
Corona did surprise many people. In security it is especially bad when you miss some important new development. New developments in hardware, artificial intelligence etc. pose new chances and problems and need to be investigated early on.
Modern Mass Surveillance: Identify, Correlate, Discriminate |
HDFI : Hardware-Assisted Data-flow Isolation, Chengyu Song et.al. (capability in hardware?) |
Securing Firefox with WebAssembly By Nathan Froyd |
Can we build trustable hardware? |
betrusted new solution |
Geo-fencing, monitoring etc. |
To Track Coronavirus, Israel Moves to Tap Secret Trove of Cellphone Data |
voice assistants allow new attack vectors |
Internet Voting? |
contact tracing |
Covid-19: Neues Geschäftsfeld für Rüstungsfirmen |
Covid App, Immunitätsausweis etc. |
Securing systems with AI (Microsoft) |
Even before Corona health information was a very much sought after topic. It is a billion dollar treasure and can mean a lot of harm for people when it gets into the wrong hands. How should we handle health data today? Is the Gematik approach used and enforced in Germany valid? What are the economic forces behind the discussion around privacy of health data?
Security of Health Information |
Sicherheitsrisiken durch TI: gematik weist Vorwürfe zurück 2019 |
Freie Ärzteschaft warnt vor unsachgemäßer Konnektor-Installation |
36C3: Unsichere Patientendaten |
Big Data: Die Fieberkurve früh erkennen |
Technische Probleme bei der Einführung der elektronischen Patientenakte |
Konzepte und Spezifikationen |
CCC Analyse Gesundheitskarte |
Requirements for tracking apps (CCC) |
The intranet is dead. You can't defend it. Look at Emotet. What are our options here? Take a look at Google and others and how they deal with it. Try to come up with a concept for a small start-up.
Firewalls, Segmentierung und Verinselung |
Übersicht über das Sicherheitsdesign der Infrastruktur von Google |
Zero-trust-security in Kubernetes with service meshes |
Emotet ... |
Forging swift messages/fsecure |
Mitigating cloud vulnerabilities, NSA |
Azure security compass 1.1 |
Security Keys for 2FA |
zero trust networks/ |
Secure Edge Systems |
The brain and safety/security questions - not really a love affair. How do we deal with risk? Is there a logic against fake news? A topic fundamental to many others in this list.
The Logic of Risk Taking, Nassim Nicholas Taleb |
Ergodicity Versus History: A Critical Commentary on the Work of Ole Peters |
Die Corona-Pandemie ist kein schwarzer Schwan: Warum 2020 nach Nassim Taleb nicht mit 2008 zu vergleichen ist |
Going Critical - on topology, diffusion and culture |
Gesellschaft und Risiko |
wodarg fake news? |
The Wall is the Wall: Why Fortresses Fail |
Quantifying Risk (Qcon 19) |
Zensur oder Kampf gegen Fake News? |
Blackouts, pandemics, financial system breakdown, social unrest etc. The list of potential catastrophes is long. Are they "black swans" or could we prepare for/against them? Will they create permanent changes? Offer new opportunities? Are there cascading effects which could lead to total destruction? How do they relate to fundamental system vulnerabilities? Could we have known? Lots of connections between this topic and others in this list.
Post Corona, 03. April 2020 Hannes Hofbauer und Andrea Komlosy |
Apps Gone Rogue: Maintaining Personal Privacy in an Epidemic |
Slow the spread without giving up privacy |
It wasn't just Trump who got it all wrong. |
Kapitalismus kaputt? |
Pandemie Studie Bundestag 2013 |
Nathan Wolfe, waiting for the final plague |
The next outbreak - we're not ready |
negative interest |
The climate action (ERCIM) |
Pan-European Hackathon |
Probleme-des-Geldsystems-und-die-Notwendigkeit-von-Vollgeld |
Sheep looking up |
Einkommen in den USA |
US Fed dubious activities |
Is there a way to make software more secure? Patterns and anti-patterns. Organizational approaches vs. technology. What can static analysis tools really achieve? How can AI help?
Secure by Design |
18 Lessons From 13 Years of Tricky Bugs |
OSS-Fuzz |
Out of the tar pit - essential vs. accidental state. Functional relational programming. |
The Next Decade in AI: Four Steps Towards Robust Artificial Intelligence Gary Marcus |
Make your programs more reliable with fuzzing |
Binary hardening of IoT software |
Security architecture anti-patterns, NCSC |
Multiverse Databases for better privacy |
clusterfuzz |
Autonomous Testing and the Future of Software Development, Will Wilson (AI-based testing) |
Ghidra: NSA stellt quelloffenes Software-Analyse-Tool vor |
Vulnerabilities in Web Frameworks |
Safe and Secure, an Invitation to Ada |
Rust and WebAssembly |
AI helping programmers |
Attacks are efficient, costly and - for the security researcher - mostly boring. "Same, same" as they say in Thailand. Well, what do you expect when software companies are allowed to use unsafe languages and to transfer risks and costs to the customer? Here we will ask what we have to do for a change by looking at some special attacks. Do the proposed fixes really solve the vulnerabilities or are they just one-off fixes? What are the fundamental problems and how are they addressed? Do we really need class action suits to get rid of insecure IoT devices? Another very interesting area (because games often are leading edge products both technically as well as socially) is in-game cheating and the defensive measures against it.
A very deep dive into iOS Exploit chains found in the wild |
Attacks on Trusted Platform Modules from Intel and others |
lessons learned one year after nPetya |
Critical Watch Report |
Implant Teardown |
Post-mortem and remediations for Apr 11 security incident | Matrix.org blog |
Stealthy Dopant-Level Hardware Trojans: Extended Version Georg T. Becker |
New vectors due to home office work? |
Emotet causing physical damage |
Kubernetes attack matrix |
Deserialization Attacks in .Net Games |
Anti-cheat measures and China |
Trick against cheat selling websites? |
CERT Top 10 Vulnerabilities with sources |
Rethinking Our Assumptions During the COVID-19 Crisis with David Krakauer (Transmission Series Ep. |
ILOVEYOU virus and still little progress in security |
Few people use formal methods in everyday work. But the complexity of our systems requires different approaches. We need to prove liveness and correctness. We need to detect anomalies automatically and reduce the blast radius of problems with static and dynamic methods.
Reducing Crash Recoverability to Reachability, Eric Koskinen Junfeng Yang, Yale University Columbia University |
Why you should use modeling [with TLA+/PlusCal], Murat Demirbas of Buffalo University |
Exploit Programming, From Buffer Overflows to “Weird Machines” and Theory of Computation, Sergey Bratus et.al. |
The Importance of Features for Statistical Anomaly Detection |
Fencing off Go: Liveness and Safety for Channel-Based Programming Nicholas Ng et.al. |
Machine Learning Framework to Analyze IoT Malware Using ELF and Opcode Features, CHIN-WEI TIEN and SHANG-WEN CHEN |
When correlation (or lack of it) can be causation (reducing the blast radius when making changes) |
You're only aware of CI when it fails. When universities and local governments shut down due to malware attacks. When the lights go out or the phones stop working. How vulnerable are we really? Is there a chance of cascading failures of CI? How stable is the Internet and what would bring it down? This is both a highly technical and highly political topic.
Teslas Virtual Powerplant |
This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits |
Emotet causing physical damage |
US wants to isolate power grids with 'retro' technology to limit cyber-attacks |
Full Committee Hearing to Examine Cybersecurity in our Nation's Critical Energy Infrastructure |
Cyberattacks: China and Russia can disrupt US power networks warns intelligence report |
Dragonfly: Western energy sector targeted by sophisticated attack group |
There is a blind spot in AI research |
Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane |
The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S. Federal Elections, Michael A. Specter, MIT |
PG&E insolvent: Waldbrände führen zu Klagen gegen US-Stromfirma |
The internet in Covid-times: Traffic analysis |
measurements |
technical scaling info (podcast) |
stats from OECD: internet in crisis-times |
Lesson Learned Loss of Automatic Generation Control During Routine Update |
It seems like a no-brainer for companies to ensure the safety of their products and services. This is actually not the case, as the legal system in the USA, for example, is living proof of. Governments have enforced safety rules in many areas (e.g. cars, planes) but cases like the Boeing 737 Max show some worrying developments here. Can we still rely on governments to enforce safety? What is required in today's organisations to ensure safe operation? And finally: aren't many so called security problems in reality safety problems? Using an unsafe language is a SAFETY problem in the first place. Mixing the concepts of safety and security up is very convenient for software companies because it allows them to hide the safety deficits of their products behind the black hats. Finally: what is the impact of new technologies like AI on safety? Would you be comfortable with AI in airplanes?
Nancy G. Leveson, Engineering a Safer World, Systems Thinking Applied to Safety |
safety culture movement (see blog.mi... Alexander Wallrabenstein) |
Normalization of Deviance | Art is Art and Water is Water |
Semiconductor Engineering .:. ISO 26262-Functional safety |
Highly Automated Vehicle Safety Validation |
Why Silicon Valley’s “growth at any cost” is the new “unsafe at any speed” | Ars Technica |
Designing for Failure: How to Manage Thousands of Hosts Through Automation Bercovich, Uber |
Maureen Tkacik, Crash Course. How Boeing's managerial revolution created the 737 Max disaster |
Concepts of privacy seem to change fast under the impact of catastrophes. But the concept has eroded already much earlier. Good examples are the adtech industry and the social credit system that China has created. But is it all bad? How could social credit be used in decisions a society has to make? And how "natural" is our western, modern concept of privacy?
News about all privacy related developments (apps, laws etc.) |
Research on adtech industry |
Corona App |
The Messy Truth About Social Credit |
Greg Ferenstein, The Birth And Death Of Privacy: 3,000 Years of History Told Through 46 Images |
Protecting civil liberties in a crisis |
As Coronavirus Surveillance Escalates, Personal Privacy Plummets |
If you are still looking for interesting topics and papers: this is the topic list from the course in 2019:
How Complex Systems Fail |
Building A "Simple" Distributed System - Formal Verification — Jack Vanlightly |
Books: Nassim Taleb: Black Swans, Antifragile, Skin in the Game. On bad statistics and bad predictions.
Design Patterns for Distributed Control Applications |
Designing Distributed Control Systems: A Pattern Language Approach Veli-Pekka Eloranta, Johannes Koskinen, Marko Leppänen, Ville Reijonen |
Feedback Control for Computer Systems Introducing Control Theory to Enterprise Programmers By Philipp Janert |
TLA+/PlusCal modelling, invariants based design |
Designing Distributed Systems with TLA+, Hillel Wayne |
Applied Performance Theory, Kavya Joshi |
The Systems Thinker – A Lifetime of Systems Thinking |
Samuel Arbesman: Complexity Science + Venture Capital |
Exploit Programming, From Buffer Overflows to “Weird Machines” and Theory of Computation, Sergey Bratus et.al. |
The Good, the Bad, and the Weird, Let’s automatically identify weird machines in software. |
MAMADROID: Detecting Android Malware by Building Markov Chains of Behavioral Models, Enrico Mariconti
Shuffle Sharding: Massive and Magical Fault Isolation by Colm MacCarthaigh |
GitHub - awslabs_route53-infima: Library for managing service-level fault isolation using Amazon Route 53 |
Open-sourcing homomorphic hashing to secure update propagation, Kevin Lewi, Wonho Kim |
Using Machine Learning to Ensure the Capacity Safety of Individual Microservices | Uber Engineering Blog |
Safe Client Behavior, Ariel Goh (SRECon Australia, video) |
How to Serve and Protect (with Client Isolation), Frances Johnson, This is another excellent talk from SRECon Asia |
Australia about protecting a service like Google Maps (with a plethora of internal and external clients)
Isolation Without Containers, Tyler McMullen on WebAssembly |
DSHR's Blog: Economic Models Of Long-Term Storage |
Serverless Security And The Weakest Link (Or How Not to Get Nuked by App-DoS) |
How should I organize my AWS accounts? | #NoDrama DevOps |
How many AWS accounts do I need? | #NoDrama DevOps |
Home | Least Authority simple secure storage |
When AWS Autoscale Doesn’t · Segment Blog also: hacker news |
Errata Security: Notes on Build Hardening |
build_safety_of_software_in_28_popular_home_routers |
fast18_slides_gunawi_0 : fail slow at scale.. |
Building Reliability in an Unreliable World |
, Greg Murphy describes how GameSparks have designed their platform to be tolerant of many things: unreliable and slow internet connectivity, cloud resources that can fail without warning or suffer performance degradation, poorly-performing or resource-heavy customer code in a multi-tenant environment.
Mid-Air Plane Repair: Debugging in Production Maxim Fedorov Performance and Scalability Engineer @ WhatsApp |
https://www.heise.de/newsticker/meldung/Boeing-737-Max-Druck-auf-Hersteller-und-Aufsichtsbehoerde-steigt-4337163.html
. A good starting point to the Boeing disaster...
Anatomy of a Crime: Secure DevOps or Darknet Early Breach Detection, Dr. Sarah Lewis Cortes, Salesforce |
Securing a Security Company, Patrick Cable, Threat Stack, Inc. |
Laura Nolan: Black Swans - what breaks our systems |
Keynote: High Reliability Infrastructure Migrations - Julia Evans, Software Engineer, Stripe - YouTube |
Close Loops & Opening Minds: How to Take Control of Systems, Big & Small, Colm MacCarthaigh (slides and video) |
Is it Possible to Test Programmable Infrastructure? Matt Long at QCon London Made the Case for "Yes" |
Canary Analysis Service, Automated canarying quickens development, improves production safety, and helps prevent outages. Štěpán Davidovič with Betsy Beyer |
clusterfuzz, testing, |
Autonomous Testing and the Future of Software Development, Will Wilson (AI-based testing) |
The Hurricane’s Butterfly: Debugging pathologically performing systems, Bryan Cantrill |
Ghidra: NSA stellt quelloffenes Software-Analyse-Tool vor | heise online |
Google Researchers Say Spectre Will Haunt Us for Years |
. In this context see the paper on
time as a missing abstraction in OS design |
Kalaschnikow: Preisgünstige Kamikaze-Drohne für kleine Armeen |
Spectre is here to stay, An analysis of side-channels and speculative execution, Ross Mcilroy, et.al. google |
Semiconductor Engineering .:. Chasing Reliability In Automotive Electronics |
electromechanical switching in the Bell System,..Hacker News |
Ginseng: keeping secrets in registers when you distrust the operating system April 5, 2019 |
Nancy G. Leveson, Engineering a Safer World, Systems Thinking Applied to Safety |
safety culture movement (see blog.mi... Alexander Wallrabenstein) |
Normalization of Deviance | Art is Art and Water is Water |
Semiconductor Engineering .:. ISO 26262-Functional safety |
Highly Automated Vehicle Safety Validation |
Why Silicon Valley’s “growth at any cost” is the new “unsafe at any speed” | Ars Technica |
Designing for Failure: How to Manage Thousands of Hosts Through Automation Monday, October 29, 2018 - 2:00 pm–2:30 pm, Brandon Bercovich, Uber |
No! February 2019, Geoff Huston, What part of “No!” doesn’t the DNS understand? |
Microsoft: 70 percent of all security bugs are memory safety issues | ZDNet |
Simon Sapin on Twitter: "“[…] still had a buffer overrun discovered in 2016 (in code added in the 2001 and 2002) |
Diane Hosfelt, The Most Secure Program Is One That Doesn’t Exist (Rust) |
Fresh Async With Kotlin, Roman Elizarov |
Kotlin Native Concurrency Model, Nikolay Igotti |
What do you mean “thread-safe”?, Geoffrey Romer |
The Dos and Donts of Error Handling, Joe Armstrong |
Using Rust for Game Development, Catherine West |
Understanding Real-World Concurrency Bugs in Go, Tengfei Tu |
NETSCOUT Threat Intelligence Report, DAWN OF THE TERRORBIT ERA, Findings from Second Half 2018 |
"If you want, I can store the encrypted password." A Password-Storage Field Study with Freelance Developers, Naiakshina et al. |
Triton is the world’s most murderous malware, and it’s spreading - MIT Technology Review |
Alphabet’s Security Start-Up Wants to Offer History Lessons - The New York Times |
state-of-the-internet-security-retail-attacks-and-api-traffic-report-2019 |
Keep Calm and Authenticate: Why Adaptive is the Next Best Thing |
IAM and Account Modelling in AWS |
A First Look at the Crypto-Mining Malware Ecosystem: A Decade of Unrestricted Wealth, Sergio Pastrana |
Small World with High Risks: A Study of Security Threats in the npm Ecosystem, Markus Zimmermann |
Here's How the 2.09 Million EOS "Hack" Really Happened |
Once hailed as unhackable, blockchains are now getting hacked - MIT Technology Review |
Winning Systems & Security Practitioners 7. Attack Surface Reduction · Privacy, Power, & Protection In The Cyber Century |
Remotely compromise devices by using bugs in Marvell Avastar Wi-Fi: from zero knowledge to zero-click RCE – Embedi |
3 ways state actors target businesses in cyber warfare, and how to protect yourself - TechRepublic |
SD-WAN_-_35C3_-_publish |
How to hack software defined network and keep your sanity?
Why Software Remains Insecure |
The benefits of quickly building bad software have so far outweighed the downsides, By Daniel Miessler in Information Security
Modern Web Security, Lazy But Mindful Like a Fox, by Albert Yu |
Managing Secrets at Scale, by Mark Paluch |
The Untold Story of NotPetya, the Most Devastating Cyberattack in History | WIRED |
Cryptography that can't be hacked |
.
On Infrastructure at Scale: A Cascading Failure of Distributed Systems |
What Bugs Live in the Cloud? |
A Study of 3000+ Issues in Cloud Systems, Gunawi et.al.
Metadata: Paper review. An Empirical Study on Crash Recovery Bugs in Large-Scale Distributed Systems |
Alpha Dominche Shuts Down: Is Commercial Coffee Tech Dead? | The Spoon |
hillelwayne.com, STAMPing on event-stream • Hillel Wayne |
Horrible story on javascript, npm and third party libraries.
The Biggest IT Failures of 2018 - IEEE Spectrum |
Reviewing-Oppenheimer_-_Why-do-internet-services-fail |
Gray Failure: The Achilles’ Heel of Cloud-Scale Systems Peng Huang et.al. Microsoft Researc |
Software won't fix Boeing's faulty airframe |
What We Learned from the Recent Mandrill Outage |
Alle Jahre wieder: Frankreich am großen Blackout vorbeigeschrammt | Telepolis |
Die technisch hochgerüstete Gesellschaft ist verletzlicher denn je | NZZ |
PG&E insolvent: Waldbrände führen zu Klagen gegen US-Stromfirma |
Cyberattack on Venezuela? |
Gartner: A Look at Emerging Types of Machine Learning for Fraud Detection |
It’s time for Practical AI, "We put brains in your hardware" |
SAFETY SECURITY MEDICAL
Künstliche Intelligenz: Überall in Europa entscheiden schon Algorithmen | heise online |
Adversarial WiFi Sensing using a Single Smartphone, Yanzi Zhu |
The crux of voice (in)security: a brain study of speaker legitimacy detection April 1, 2019 |
The Future of War, and How It Affects YOU (Multi-Domain Operations) - Smarter Every Day 211 - YouTube |
Missing Link: Überwacht die Überwacher, oder: Klagen gegen den Präventionsstaat | heise online |
Europäische Standards-Organisation warnt USA vor TLS 1.3 | heise online
Geopolitics For Fun & Profit |
Money Machines: behind the financial industry |
An Interview with an Anonymous Algorithmic Trader
Missing Link: Predictive Policing - Verbrechensvorhersage zwischen Hype und Realität | heise online |
Die Geräte der Hacker im Überblick, WLANs stören, Tastatureingaben auslesen, heimlich Screenshots anfertigen – mit speziellen Hacker-Geräten kein Problem. Wer die Tools kennt, kann sich schützen. |
https://www.heise.de/newsticker/meldung/10-Millionen-Vertrag-DARPA-will-sicheres-Online-Wahlsystem-voranbringen-4338218.html |
| heise online, DARPA Secure Hardware Software Architecture
https://medium.com/@jpaulreed/the-737max-and-why-software-engineers-should-pay-attention-a041290994bd |
Boeing 737 Max,
New approaches to secure embedded systems? |
Microsoft solution with cloud and Linux OS and special hardware? How does it look?
Here is the list from summer 2018. You can find the results on https://blog.mi.hdm-stuttgart.de
Will we soon use fingerprints etc. in browsers to authenticate against services? A new standard evolves:
WebAuthN |
Hardware Security: covert channels, race conditions, boot and system management and other weak points. Methods to find problems e.g. in hardware transactional memory. Retpoline from Google. Silent Corruptions, KELEMEN Péter, CERN IT. Hardware Architectures for Software Security, Joshua N. Edmison, Diss. Virginia Polytec. Institute.
Trusted root of systems. Taking Tesla's solution for cars we could look at the general principles of building a trusted root and try to come up with something for IoT. There is a larger report on the Tesla solution available.
Adversarial Neural Networks. I would like to continue this topic from last term as it has the potential to affect NN use almost everywhere. How can we test NNs? How do we calculate reliability? Also:
The Malicious Use of Artificial Intelligence, Forecasting, Prevention, and Mitigation |
, a very interesting study by lots of researchers.
AAAI trip report, lots of adversarial stuff |
. Take a look at Jonas Miederer's presentation in blog.mi.
Resilience, system stability and change, robustness: what does the theory on cybernetics, complex adaptive systems and system theory say about damage resistance? A look at Nassim Taleb's Antifragility book might help too. How complex systems fail.
Cloud security and the BeyondCorp approach of Google:
Intranet is dead! |
Secure Architectures for Critical Infrastructures. How can we secure CI given all the security problems of hardware and software? Renn, Ortwin (Hrsg.): Das Energiesystem resilient gestalten: Szenarien – Handlungsspielräume – Zielkonflikte (Schriftenreihe Energiesysteme der Zukunft), München 2017.
Formal Methods for large scale architectures: TLA+ by Leslie Lamport. How to Build Static Checking Systems Using Orders of Magnitude Less Code, Fraser Brown, Andres Noetzli, Dawson Engler, Stanford Univ. Also
Snarky, a high level language for verifiable computation |
Continuous Deployment and its security problems. DevOOPs: Attacks And Defenses For DevOps Toolchains, Insomni'hack, 24 March 2017
Crash consistent applications (not all file-systems are created equal). Self-controlling software? Self-healing software? This topic will become more important with autonomous devices. Reducing Crash Recoverability to Reachability, Eric Koskinen, Junfeng Yang, Yale University, Columbia University; Redundancy Does Not Imply Fault Tolerance: Analysis of Distributed Storage Reactions to Single Errors and Corruptions, Aishwarya Ganesan, Ramnatthan Alagappan, Andrea C. Arpaci-Dusseau, https://www.usenix.org/conference/fast17/technical-sessions/presentation/ganesan and
FAST 18 papers on fault-tolerant storage |
and what happens
When during filesystem restore operation the power fails again? |
RustBelt: Securing the foundations of the Rust programming language, Jung et al., POPL, 2018. Language security and formal verification. We should take a look at the ownership concept and compare it to an object capability. I have a gut feeling that we are talking about the same thing here. And creating an object capability with exclusive but transferable ownership is just a capability design pattern. And not to forget: how will Java fix the "unsafe" feature? (Rust has it also). Another thing: Checked C is an extension for the C language that is supposed to avoid buffer overruns etc. Worth looking at, as most system software is still written in C/C++.
Serverless computing (FAAS): what are the implications for security?
Serverless Security |
web assembly based on object capability principles? for caps:
What are Capabilities? |
High-Assurance Cyber Military Systems (HACMS): Baking Hack Resistance Directly into Hardware. how does it work?
A list of post mortems and what we can learn from them. Danluu, github
The Importance of Features for Statistical Anomaly Detection David Goldberg, Yinan Shan, EBAY
The fight for better software and systems, history: A design methodology for reliable software systems, by B. H. LISKOV, The MITRE Corporation, Bedford, Massachusetts (1972). Bertrand Meyer's Design by Contract?
Security Industrial Complex: EU's framework program on security. Military companies, border security etc. A view on global developments in military and surveillance industry.
Investigate some attacks and vulnerabilities: beA (mail to lawyers),
meltdown, ... |
Traffic hacks |
Javascript side channel attacks |
and
Server side javascript injection |
Grey failures are failures which are very hard to find as they frequently get masked by fault-tolerant features of systems. They reduce theoretical availability and can lead to an unexpected system crash. A paper from Azure engineers explains some of the problems found.
Gray Failure: The Achilles’ Heel of Cloud-Scale Systems |
Smart Meter: how do we secure devices for IoT and Smart Home use? 9 vendors want certification from the BSI. Technological, economical and ecological considerations.
How can Byzantine Protocols prevent attacks from participating nodes? What are the costs? What are the failure assumptions (DOS, wrong protocol etc.)? Are those protocols alternatives for critical infrastructures? An example given by
Liskov and Castro |
which was discussed on morningpaper. A comparison of blockchain consensus and byzantine consensus in
Murat's paper summary of Bitcoin-NG |
The financial subsystem has shown a tendency for disaster several times in the past. Can we measure the risk inside this subsystem? There is an interesting EU project (part of FP7) that tries to identify and measure the risk.
Systemic Risk Tomography Signals, Measurements, Transmission Channels and Policy Interventions |
. And while we are at it: let's take a look at current EU programs in security. Dan Geer just wrote a very interesting paper on global risks and interdependencies dubbed
A Rubicon |
Bruce Schneier says that
AI might tip the balance more towards defense against attacks |
because it does not suffer from the human weaknesses (speed, errors, scale). How will the black hats counter this development? And how can
black hats use AI? |
General
ML Security |
The train system of a country is certainly a critical infrastructure. We might be able to take a closer look at the German Bundesbahn thanks to a contact I got recently.
Evoting has been a topic for security a while ago. Modern societies will have to use the internet to increase participation.
Hack-proofing elections |
will be key to this.
Is Quantum Computing a
threat to security |
and which algorithms are affected?
Smart Contracts are still a hot topic. Can we
verify those automatically? |
Another look at smart contracts in
Ethereum S.C. |
. What kind of improvements for security are possible with a non-Turing-complete language?
The autonomous war: robots, drones and other technology against human beings. How far are we?
Killer Robots stoppen |
. And not to forget: there is a tight connection to the
Financial Industry |
Hard words: Linus Torvalds, Public Mar 13, 2018, It looks like the IT security world has hit a new low. If you work in security, and think you have some morals, I think you might want to add the tag-line "No, really, I'm not a whore. Pinky promise" to your business card. Because I thought the whole industry was corrupt before, but it's getting ridiculous. At what point will security people admit they have an attention-whoring problem?
AMDFLAWS.com |
. We can take a look at the current state of the security-industrial complex.
Human Performance and Software Errors. It's time to study software problems in detail because they are very much linked to human behavior and cause major loss of money or lives nowadays.
Software Troubles |
Security is never far from legal problems. John Kingston wrote a paper on
AI and Legal Liability |
which covers current opinions on this difficult subject.
The world economic forum on:
Environment and Natural Resource Security |
Two nice publications for secure system research. First, Future Now Institute published its
report on 225 trends |
and a
list of post mortems and lessons learned |
appeared on Github.
Preparedness is a big part of a resilient system. Netflix uses its
Simian Army/Chaos Monkeys |
to cause serious errors in production, just to test their resilience.
If you want to see what we did in past terms, take a look at
my blog entry on 2016 |
.