Monday, February 23, 2009

CS591 ST 008

Lab 0 (due 2/25/09)


Puzzle for January 4, 2006
A student discovers a flaw in the department's computer system. To ensure that the flaw really exists, she exploits it to gain extra privileges on the system. These privileges allow her to read any file on the system, whereas without the privileges, there are files that the student cannot read.
1) Given that there were files she was not supposed to be able to read, did the student act ethically in exploiting the flaw?
2) The computer system did not provide sufficient mechanisms to prevent the student from obtaining the additional privileges. Did she "break in" (that is, breach security) or was her action not a violation of security?
3) The student reports the problem to the department chairperson, who promptly files charges against the student for breaking in. Assuming that what the student did was a violation of security, did the chairperson act ethically?

Answer(s):
1) When this student exploited the system, it made her indistinguishable from any other hacker or threat. Her actions are considered unethical.
2) This is the common explanation for many unethical actions, both computer-related and otherwise. The idea that "not enough" protection gives one the right to break the weak protection and possibly steal, alter, etc. protected data is wrong. There may never be 100% foolproof protection for computers (or other entities, for that matter). When the flaw was discovered, she should have reported it immediately to the system administrator. It is not her responsibility to "check" the security up to the point of criminal actions.
3) The answer to this question was a bit more difficult for me. I had to look up the formal definition of "ethical". It seems to be more about what is considered right and what is considered wrong in a profession. Although this could apply to our governing laws, it deals more with socially acceptable behaviour in a particular society. I would have to say that the chairperson responded rashly and unethically. When the student approached the chairperson, he/she must have thought that this was in good faith, and it probably didn't require legal action.


Puzzle for March 10, 2006
A large software company has decided to develop a secure computer system. They have requested their top designers and programmers to create a viable design, and implement it. However, sensing a large market, the president of the company has asked that the product be completed as soon as possible without sacrificing quality. The marketing folks have been presenting the design of the system under development to major corporations and government agencies, all of whom have reacted enthusiastically. All have been promised a firm ship date.
To meet this date, the programmers must complete the product quickly so it can be tested. The programming is taking more time than was initially thought, and the testing time is being reduced to enable the product to be completed and shipped on time.
The president is beginning to get nervous about the quality of code and the design of the product. You are brought in as an independent consultant, and asked to check the work done so far, and if there are problems recommend changes. You check the design, which is clearly aimed at securing network communications, and then you check the code. There are no comments, and the code is not well modularized at all. When you speak with the programmers, they complain about pressure to write code quickly and the lack of time they feel they need.
1) Given what you know from the above, what questions would you raise about the design of the secure system?
2) What would you report as being the most serious impediment to getting this product out the door? In other words, what would your report identify as being the main security concerns here?

Answer(s):
1) If the design is well formed, then the code should follow and also be well formed and modularized. This means reducing coupling and increasing cohesion. When designing, Saltzer and Schroeder's design principles should be used. These include, but are not limited to, economy of mechanism, complete mediation and fail-safe defaults. I believe that the majority of the time should be spent up front on the design. This time can come from the actual implementation, but also from the reviews and verification/validation of the design. Some design tools can also take a detailed design and produce a good portion of the code needed. This can help reduce the time needed in the coding phase.
2) There is always concern when only one person has a particular piece of knowledge. It is often the case that employees move on to other programs or companies. It would be beneficial, to help reduce future work for different developers, to write code with well-documented comments and to use a well-modularized code design. Also, if possible, use an Extreme Programming style in which two programmers work together: while one codes, the other "shoulder browses" to ensure errors are not made. This seems to work very well, but requires that both persons be on board at the same time.
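As an added example (not part of the original lab answer), here are two of the Saltzer/Schroeder principles named in answer 1, fail-safe defaults and complete mediation, shown in code beside the weak versions they rule out. The ACL, user names and file paths are constructed sample data, and the function and class names are my own.

```python
"""Fail-safe defaults and complete mediation, shown next to the versions
that violate them.  Added example, not from the original post; the ACL,
users and paths below are constructed sample data."""

# Constructed sample ACL: path -> set of principals allowed to read it.
ACL = {
    "/home/alice/notes.txt": {"alice"},
    "/etc/motd": {"alice", "bob", "carol"},
}


def can_read_fail_open(user, path):
    """The weak version: only denies on an explicit negative, so a path
    that is missing from the ACL (or a malformed entry) is readable by
    anyone.  This is the kind of flaw the first puzzle's student found."""
    allowed = ACL.get(path)
    if allowed is not None and user not in allowed:
        return False
    return True


def can_read_fail_safe(user, path):
    """Fail-safe defaults: access is granted only on an explicit positive
    decision; a missing entry or a lookup error yields deny."""
    try:
        return user in ACL[path]
    except (KeyError, TypeError):
        return False


class CachedChecker:
    """Violates complete mediation: the first decision for (user, path)
    is remembered, so a later change to the ACL is never seen."""

    def __init__(self):
        self._cache = {}

    def can_read(self, user, path):
        key = (user, path)
        if key not in self._cache:
            self._cache[key] = can_read_fail_safe(user, path)
        return self._cache[key]


class MediatedChecker:
    """Complete mediation: every access re-consults the authority."""

    def can_read(self, user, path):
        return can_read_fail_safe(user, path)


def demo():
    """Run both contrasts and return the observed decisions."""
    results = {}

    # 1. A file nobody listed: fail-open grants, fail-safe denies.
    results["fail_open_unlisted"] = can_read_fail_open("mallory", "/var/secret.db")
    results["fail_safe_unlisted"] = can_read_fail_safe("mallory", "/var/secret.db")

    # 2. Revocation: bob reads once, is then removed from the ACL.
    cached, mediated = CachedChecker(), MediatedChecker()
    cached.can_read("bob", "/etc/motd")
    mediated.can_read("bob", "/etc/motd")
    ACL["/etc/motd"].discard("bob")
    results["cached_after_revoke"] = cached.can_read("bob", "/etc/motd")
    results["mediated_after_revoke"] = mediated.can_read("bob", "/etc/motd")
    ACL["/etc/motd"].add("bob")  # restore so demo() can be run again

    return results


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name}: {'ALLOW' if decision else 'DENY'}")
```

The fail-open check is the shape of bug that makes "the system did not provide sufficient mechanisms" possible: it never asked whether a positive rule exists. The cached checker is correct at the moment it first answers, which is exactly why violations of complete mediation survive testing that is cut short.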

Puzzle for February 15, 2006
Saul Alinsky illustrated one of his rules of tactics for an organizer with the following example:
“The third rule is: Whenever possible go outside of the experience of the enemy. Here you want to cause confusion, fear, and retreat.
General William T. Sherman, whose name still causes a frenzied reaction throughout the South, provided a classic example of going outside the enemy's experience. Until Sherman, military tactics and strategies were based on standard patterns. All armies had fronts, rears, flanks, lines of communication, and lines of supply. Military campaigns were aimed at such standard objectives as rolling up the flanks of the enemy army or cutting the lines of supply or lines of communication, or moving around to attack from the rear. When Sherman cut loose on his famous March to the Sea, he had no front or rear lines of supplies or any other lines. He was on the loose and living on the land. The South, confronted with this new form of military invasion, reacted with confusion, panic, terror, and collapse. Sherman swept on to inevitable victory. It was the same tactic that, years later in the early days of World War II, the Nazi Panzer tank divisions emulated in their far-flung sweeps into enemy territory, as did our own General Patton with the American Third Armored Division.”
What does this have to do with computer security?
The passage is from pages 127–128 of Saul Alinsky's book Rules for Radicals, published by Random House, Inc., New York, NY, copyright 1972.

Answer(s):
This has everything to do with computer security. Attacks are made almost solely on this idea. When security is enforced, it is based on what one would expect attackers to do. In order for most attacks to be successful, it helps to perform a task, or tasks, that was completely unexpected by the security enforcers. When an attack is not anticipated, it is hard, nearly impossible, to protect your system against it.
