Swipe to navigate through the chapters of this book
Cybersecurity is a highly technical subject that uses many tools. It starts with the protection rings built into the chips that power the computer. The basic hardware rules enforce more complex security policies. Security also depends on the way the software is deployed and used. Hackers attempt to exploit flaws in the security system to circumvent or penetrate barriers to their access to valuable resources. This chapter explains some of the basic tools and principles that are used in secure computing.
Please log in to get access to this content
To get access to this content you need the following product:
There are exceptions. The earliest PC x86 processors did not have protection rings. Any MS-DOS program could execute any instruction, which gave DOS programs wonderfully destructive power. When protection rings were added to the x86 architecture, Windows still allowed every program to execute every instruction because some old programs required privileged instructions to work. Since some of these old programs were important to customers, ring protection was not added to Windows when rings appeared. Microsoft engineers added partially effective code to protect the system, but many “blue screen” crashes could not be prevented. These issues were resolved over time. Now Windows uses ring protection and the system is more reliable. Linux never had the backwards compatibility issue because it is based on UNIX, which used ring protection early.
See “NIST Cybersecurity Portal,” www.nist.gov/cybersecurity-portal.cfm . Accessed February 2016.
Supplicant is security jargon for a person or agent attempting to authenticate.
The cybersecurity team usually offer the keys to the clown car to enterprise users with blank passwords.
I have to add that side channel assaults are a possibility. They are a sophisticated form of snooping that use external factors like the size and response times of messages to siphon off information about a system. The derived information may be approximate and incomplete, but perhaps enough to stage a breach. See Shou Chen, Rui Wang, XiaoFeng Wang, Kehuan Zhang. "Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow," May 2012.
http://research.microsoft.com/pubs/119060/WebAppSideChannel-final.pdf . Accessed February 2016.
See www.passwordrandom.com/most-popular-passwords . Accessed February 2016. If you think you have a crack-proof password, check here. You may be surprised.
Dan Goodin, "25-GPU cluster cracks every standard Windows password in <6 hours," Ars Technica, December 2012. http://arstechnica.com/security/2012/12/25-gpu-cluster-cracks-every-standard-windows-password-in-6-hours/ . Accessed February 2016. Note that this reference was three years old when it was accessed. Hardware has advanced in the mean time.
I've skipped over another factor for simplicity. Even though there are trillions of possibilities, there is always a chance that the hacker will win the lottery and get a hit early in its process. The probability of a hit within an interval can be calculated, but I don't want to discuss it here. Longer is still better.
A word of caution: you must be cautious when changing authorizations. If you end up with no way to log in with administrator privileges, you are in a horrible pickle. Check the documentation, understand it, and proceed carefully.
Flash drives are sometimes used to spread malware. In circumstances like this, the flash drive should be reformatted to guarantee that malware is removed before it is used. There have been cases in which air gaps have been breached by this method.
For an example, see Kif Leswing, " Another Huge Security Hole Has Been Discovered on Lenovo Computers" http://fortune.com/2015/12/08/lenovo-solution-center-hack/ . Accessed February 2016.
See Niels Ferguson, "AES-CBC + Elephant diffuser: A Disk Encryption Algorithm for Windows Vista," http://css.csail.mit.edu/6.858/2012/readings/bitlocker.pdf . Accessed February 2016. This is a paper by the developer of BitLocker from Microsoft, providing a rather technical discussion of the encryption algorithm and hardware used in BitLocker.
- How Does Computer Security Work?
- Sequence number
- Chapter number
- Chapter 3