1 00-Inspiration

1.1 Screencasts

1.2 Why is security important?

The contents of a man’s letters are more valuable than the contents of his purse.
- Lord Varys
Not only that: now the contents of one’s bit-streams are also the contents of one’s purse.
In 2023, the latter (money) is perhaps the most common goal of attacks,
though that was not always so.

1.3 Information is power.

* Conversely, the lack of information (anonymity or privacy) is also power.
* Ask the class:
  * What power does attaining information provide?
  * What power does concealing information (anonymity) provide?
  * What is the concrete nature of this power?
  * Mention: distributed, concrete, insurance, control, lack of consequence, etc.
* Data transmissions are not just used for messages, but for physical control of systems: power grids, water, manufacturing, etc.
* Mention:
  * numerous recent attacks on power-grid infrastructure
    * International (power grid: https://en.wikipedia.org/wiki/2015_Ukraine_power_grid_hack )
    * Within the US (corporate lack of participation, backup power supplies)
  * The engineer’s forgotten “convenience backdoor”
* Ask:
  * Should any manufacturing plant be connected to the internet?

1.4 Security/Privacy trade-off is an unnecessary illusion (usually).

They’re usually not at odds.
Just do both instead!
The assertion that they are at odds is usually a concrete power-grab.

1.5 Privacy is security, but of different information.

e.g., meta-data instead of message content.
A common mistake: “privacy is not security”.
Privacy and security are not different concepts, just different data:
privacy is indeed security; it just refers to the protection of a broader set of data.
Mention: Apple’s recent example of “pseudo-security theater”

1.6 All security is ultimately either physical or cryptographic.

Data stored or transmitted on a physical medium can be protected behind a physical barrier.
Data stored or transmitted on a physical medium can be protected by encryption.
Data stored or transmitted on a physical medium can be accessed, or denied access, through an access-control interface at a computer terminal endpoint.
What stops someone attempting to bypass the access-control interface?
* Examples:
  * your home computer?
  * a library computer on a public desk?
  * a remote web server?
* How is data on the hard drive secured?
  * when unencrypted?
  * when encrypted?
  * when logged in?
  * when not logged in?
  * when off?
  * when on?
* What about data in RAM?
  * when off?
  * when on?
  * when logged in?
  * when not logged in?
  * does encryption apply here?
* How is a traveling message secured from being read on the way to its destination?
* How are network connections secured?
* How does software integrity factor in?
* Any exceptions?
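To make the hard-drive and RAM questions above concrete, here is an added example (not part of the original notes) of a toy encrypted volume in Python. It models the states the questions ask about: powered off or not logged in (only a salt and ciphertext exist on the medium, so bypassing the operating system’s access-control check yields nothing readable), logged in (the key derived from the passphrase sits in RAM, so a memory snapshot defeats the encryption), and a tampered disk image (rejected by the integrity tag). The cipher is a stdlib-only construction for illustration (scrypt key derivation, two HMAC-derived subkeys, an HMAC-SHA256 counter-mode keystream, encrypt-then-MAC); the `Volume` class, its states and the sample passphrase and data are assumptions, and a real system would use a vetted AEAD such as AES-GCM or ChaCha20-Poly1305 instead.

```python
import hashlib
import hmac
import os

# Added example, stdlib only: scrypt -> master key, HMAC-derived subkeys,
# HMAC-SHA256 counter-mode keystream, encrypt-then-MAC. A production system
# would use a vetted AEAD (AES-GCM, ChaCha20-Poly1305) instead of this toy.

NONCE_LEN, TAG_LEN = 16, 32


def derive_master(passphrase: bytes, salt: bytes) -> bytes:
    # scrypt makes offline guessing against a stolen disk image expensive.
    return hashlib.scrypt(passphrase, salt=salt, n=2**14, r=8, p=1, dklen=32)


def _subkeys(master: bytes):
    # Domain separation: never reuse one key for both confidentiality and integrity.
    enc = hmac.new(master, b"enc", hashlib.sha256).digest()
    mac = hmac.new(master, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = []
    for counter in range((length + 31) // 32):
        blocks.append(hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest())
    return b"".join(blocks)[:length]


def seal(master: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag: everything that ends up on the medium."""
    enc, mac = _subkeys(master)
    nonce = os.urandom(NONCE_LEN)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc, nonce, len(plaintext))))
    tag = hmac.new(mac, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def unseal(master: bytes, blob: bytes) -> bytes:
    """Verify the tag first (constant-time), then decrypt. A wrong key and a
    modified disk image both fail here, before any plaintext is produced."""
    enc, mac = _subkeys(master)
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed: wrong key or tampered ciphertext")
    return bytes(c ^ k for c, k in zip(ciphertext, _keystream(enc, nonce, len(ciphertext))))


class Volume:
    """Hypothetical encrypted volume. `salt` and `blob` are what sits on the
    disk; `key` is what sits in RAM and exists only while unlocked."""

    def __init__(self, passphrase: bytes, plaintext: bytes):
        self.salt = os.urandom(16)
        self.blob = seal(derive_master(passphrase, self.salt), plaintext)
        self.key = None  # powered off / not logged in: no key exists anywhere

    def unlock(self, passphrase: bytes) -> None:
        master = derive_master(passphrase, self.salt)
        unseal(master, self.blob)  # wrong passphrase -> ValueError, key never enters RAM
        self.key = master          # logged in: the key now lives in memory

    def lock(self) -> None:
        self.key = None            # logging out / powering off discards the key

    def read(self) -> bytes:
        if self.key is None:
            raise PermissionError("volume locked: only ciphertext is available")
        return unseal(self.key, self.blob)


def outcome(fn, *args):
    """Run fn and return its result, or the exception class name, for the demo."""
    try:
        return fn(*args)
    except Exception as exc:
        return type(exc).__name__


def tampered_copy(blob: bytes, index: int = NONCE_LEN) -> bytes:
    """Simulate an attacker flipping one ciphertext bit on the powered-off disk."""
    edited = bytearray(blob)
    edited[index] ^= 0x01
    return bytes(edited)


if __name__ == "__main__":
    vol = Volume(b"correct horse battery staple", b"dear diary: the secret is 42")
    print("off, read attempt    :", outcome(vol.read))                  # PermissionError
    print("wrong passphrase     :", outcome(vol.unlock, b"password1"))  # ValueError
    vol.unlock(b"correct horse battery staple")
    print("logged in, key in RAM:", vol.key.hex()[:16], "...")          # a RAM snapshot gets this
    print("logged in, read      :", vol.read())
    print("tampered disk image  :", outcome(unseal, vol.key, tampered_copy(vol.blob)))  # ValueError
    vol.lock()
    print("locked again         :", outcome(vol.read))                  # PermissionError
```

The point of the state machine: the access-control check in `read()` is just an `if`; anyone who bypasses it (reads the raw disk) is stopped only by the cryptography, and anyone who can read RAM while the volume is unlocked is not stopped at all.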

1.7 Much of cryptography is actually strong, though the whole system needs to be secure.

* Interestingly, for the first time in human history, the thing being locked away (information) can be made secure enough to withstand the more-or-less limitless resources of nation states (unlike, for example, a physical vault).
* Novel legal and social concept:
  * Security without obscurity (open-source cryptography)
  * Mention: a common misunderstanding, particularly among older individuals
  * What does this resemble, historically?
* Secure software can be trust-less, and it should be!
  * If software is not open-source, it is not trustworthy;
    that is, it cannot be verifiably trust-less.
  * Don’t settle for trust when you can have trust-less software!

1.8 What can an algorithm designer, programmer, or IT professional do to help?

1.9 Security is easy.

1.10 Security while still allowing the key people access is hard.

The most clever tricks in modern security make access (especially remote access) possible in unexpectedly secure ways.

1.11 Most thefts are by employees.

1.12 Most “hacks” are actually internal compromises.

For example, the DNC “hacks” were likely just leaks
(at least according to a public letter written by the technical director of the NSA
and other high-ranking security officials…).

1.13 Security is often driven by cyclical arms-race phenomena.

Much in security is arbitrary,
especially offensive security,
but general principles do emerge.
I hope to provide you that context,
which may not be obvious.
Often, students think they will be excited about offensive security,
only to realize that defensive security is more theoretically rich.

1.14 Security has progressed from tinkerers’ exploits to an affair of nation states and organized crime

Security is now the domain of elite professionals,
who are required in virtually every industry,
including government.

1.15 Full stack understanding required

* When I ask professionals at national labs and in industry security what they want out of students, what do they say?
* Security is an extremely heterogeneous topic, where exploits can be largely arbitrary, and technical details change rapidly due to an arms race, with fundamental principles few and far between. We will try to emphasize those principles which stand the test of time.
* Security is simultaneously one of the most and least formal disciplines in computation.
  * e.g., human factors versus cryptography
* Security is best learned by learning the entire stack.
  * For example, knowing operating systems and networking deeply makes much of security obvious.
  * Disclaimer: the term “full stack” is often applied to the web stack alone, but I use it more broadly here to refer to the entire computing stack.

The student experience:
* Often, computer science students think they are going to be interested in security, only to realize that 1/4 of it is computer engineering, 1/4 is math, 1/4 is IT, and only about 1/4 is computer science.
* Often, computer engineering students come into this class not expecting much, realize they like security, and find that their skill-sets match well.

1.16 The most domain-general principles within security are compartmentalization and layering

These principles of compartmentalization and layering for the purpose of security exist in:
* physical security,
* biology,
* immunology,
* psychology (as a syndrome and coping mechanism for a “spy”),
* and throughout all components of security/anonymity/privacy/deception generally.
Modern systems are often too complex to evaluate fully.
Further, modern systems often cannot be explicitly trusted (closed designs).
Given that excess of complexity and deficit of trust,
security by isolation or compartmentalization,
rather than security by correctness,
is likely a good strategy:
a crutch that minimizes damages and losses.
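As an added example (not from the original notes) of security by isolation rather than by correctness: the hypothetical parser below trusts a length field from its input, a classic correctness bug. Instead of proving the parser correct, the caller runs it in a separate process that lowers its own address-space and CPU limits before reading the untrusted bytes, so a malicious input kills the compartment and not the caller. The `WORKER` prologue, the 512 MiB and 2-second limits, the toy length-prefixed format and the two sample inputs are all assumptions for illustration; the `resource` limits are Unix-specific.

```python
import json
import subprocess
import sys

# The compartment: a child interpreter that caps its own resources *before*
# touching untrusted input, then runs a deliberately naive parser.
# (Added example; the format and the limits are hypothetical.)
WORKER = r"""
import json, resource, sys

def cap(res, value):
    soft, hard = resource.getrlimit(res)
    if hard != resource.RLIM_INFINITY:
        value = min(value, hard)          # never raise a limit, only lower it
    resource.setrlimit(res, (value, value))

cap(resource.RLIMIT_AS, 512 * 1024 * 1024)   # at most 512 MiB of address space
cap(resource.RLIMIT_CPU, 2)                  # at most 2 CPU-seconds

data = sys.stdin.buffer.read()
# Hypothetical buggy format: 4-byte big-endian length, then payload.
# The bug: the declared length is trusted and allocated verbatim.
declared = int.from_bytes(data[:4], "big")
buf = bytearray(declared)                    # attacker-controlled allocation
buf[:declared] = data[4:4 + declared]        # copy whatever payload arrived
print(json.dumps({"declared": declared, "received": len(data) - 4}))
"""


def parse_in_compartment(blob: bytes, timeout: float = 10.0) -> dict:
    """Run the naive parser on `blob` inside a resource-limited child process.
    Returns the parsed record, or a failure record if the compartment died."""
    try:
        proc = subprocess.run(
            [sys.executable, "-c", WORKER],
            input=blob, capture_output=True, timeout=timeout,
        )
    except subprocess.TimeoutExpired:
        return {"ok": False, "reason": "timeout"}
    if proc.returncode != 0:
        # MemoryError, SIGXCPU or SIGKILL all end here; the caller keeps running.
        tail = proc.stderr.decode(errors="replace").strip().splitlines()[-1:]
        return {"ok": False, "reason": f"exit {proc.returncode}: {tail[0] if tail else ''}"}
    return {"ok": True, **json.loads(proc.stdout)}


# Constructed sample inputs for the demo.
BENIGN = (4).to_bytes(4, "big") + b"abcd"
MALICIOUS = (2**31).to_bytes(4, "big") + b"x"   # declares 2 GiB, sends one byte


if __name__ == "__main__":
    print("benign   :", parse_in_compartment(BENIGN))
    print("malicious:", parse_in_compartment(MALICIOUS))
    print("caller survived and can keep serving other requests")
```

The parser is still wrong; what changed is the blast radius. The malicious input now costs one dead child process and a failure record instead of an out-of-memory condition in the process that holds everything else.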

1.17 This semester:

Though humans are the largest problem in security,
we will cover the technical components in this class
(this is CS; IST/BIT often covers the human component more).

By analogy, consider the difference between:
the medical professional who makes a business out of patching the unhealthy habits of a self-destructive patient who vapes, eats junk food, and sits around playing video games,
and the trainer/dietitian who optimizes the health and performance of an elite athlete who already eats well, sleeps well, and exercises.
Both have a place in medicine and industry,
and the former may actually be more impactful in the short term.
However, we will generally avoid the former
(making your MS-Windows machine less insecure),
in favor of the latter
(how to actually do security correctly).

We will also favor defensive over offensive security,
though we will attempt to do justice to both.
Defensive security comes first:
i.e., learning defensive tactics to survive the nasty, arbitrary,
short-sighted attacks that arise in a computing environment
that resembles Lord of the Flies / a prison yard / public school…

We will have several major sections of the course: ../Content.html

Next: 01-InfoSecOverview.html