1 00:00:06,320 --> 00:00:11,499 [Music] 2 00:00:16,320 --> 00:00:19,760 good morning everyone and welcome back 3 00:00:18,800 --> 00:00:23,920 to 4 00:00:19,760 --> 00:00:27,840 the talks for linux conference 2022 5 00:00:23,920 --> 00:00:30,080 um it is first up this morning we have 6 00:00:27,840 --> 00:00:32,000 casey schofler 7 00:00:30,080 --> 00:00:34,399 who will be speaking about security 8 00:00:32,000 --> 00:00:36,000 community expressed as too many venn 9 00:00:34,399 --> 00:00:36,880 diagrams 10 00:00:36,000 --> 00:00:39,600 and 11 00:00:36,880 --> 00:00:41,920 i do enjoy a good venn diagram so i'm 12 00:00:39,600 --> 00:00:44,320 pretty excited for this one 13 00:00:41,920 --> 00:00:47,360 so casey chauffeur founded the smack 14 00:00:44,320 --> 00:00:48,960 project in 2006 after an especially 15 00:00:47,360 --> 00:00:51,760 heated debate with the se linux 16 00:00:48,960 --> 00:00:53,600 developers on a topic now long forgotten 17 00:00:51,760 --> 00:00:56,079 he has been developing secure operating 18 00:00:53,600 --> 00:00:58,239 systems since the late 1980s starting 19 00:00:56,079 --> 00:01:00,800 the system that became trusted solaris 20 00:00:58,239 --> 00:01:02,719 and architecting trusted iris he was the 21 00:01:00,800 --> 00:01:04,479 technical editor for the influential 22 00:01:02,719 --> 00:01:07,119 posix p 23 00:01:04,479 --> 00:01:09,040 103.1e 24 00:01:07,119 --> 00:01:12,640 tc why did i leave that in for the 25 00:01:09,040 --> 00:01:14,799 spoken one uh security draw standard he 26 00:01:12,640 --> 00:01:17,600 is currently working on the linux 27 00:01:14,799 --> 00:01:19,600 security module infrastructure so um 28 00:01:17,600 --> 00:01:23,360 casey will be taking questions after the 29 00:01:19,600 --> 00:01:25,520 talk if there is time left so um please 30 00:01:23,360 --> 00:01:27,680 everybody if you've got questions for 31 00:01:25,520 --> 00:01:30,159 casey during the talk 32 00:01:27,680 --> 00:01:32,640 post them in the questions tab at the 33 00:01:30,159 --> 00:01:34,240 top of the chat in venulis 34 00:01:32,640 --> 00:01:36,320 note that your questions may not appear 35 00:01:34,240 --> 00:01:38,079 right away because it is moderated i or 36 00:01:36,320 --> 00:01:39,119 one of the other volunteers will approve 37 00:01:38,079 --> 00:01:41,360 them 38 00:01:39,119 --> 00:01:44,079 and then at the end of casey's talk at 39 00:01:41,360 --> 00:01:46,000 this time i'll pass them on to casey so 40 00:01:44,079 --> 00:01:49,280 thank you very much for speaking for us 41 00:01:46,000 --> 00:01:50,720 today casey all over to you 42 00:01:49,280 --> 00:01:51,920 thank you 43 00:01:50,720 --> 00:01:54,159 um 44 00:01:51,920 --> 00:01:56,000 my name is casey shelfler i've been 45 00:01:54,159 --> 00:01:58,320 working in the 46 00:01:56,000 --> 00:02:01,759 security community for some time i've 47 00:01:58,320 --> 00:02:03,840 been developing kernels since the 1970s 48 00:02:01,759 --> 00:02:06,960 i've been working in security as as we 49 00:02:03,840 --> 00:02:09,440 mentioned since the the mid 80s and i'm 50 00:02:06,960 --> 00:02:11,360 the author and maintainer for the smac 51 00:02:09,440 --> 00:02:13,920 linux security module 52 00:02:11,360 --> 00:02:17,520 so i want to put a little bit of context 53 00:02:13,920 --> 00:02:18,800 in place for the talk today and 54 00:02:17,520 --> 00:02:20,640 the first thing i want to talk about is 55 00:02:18,800 --> 00:02:23,360 community now 56 00:02:20,640 --> 00:02:26,080 you've heard a lot of talks so far 57 00:02:23,360 --> 00:02:28,080 in the the conference about communities 58 00:02:26,080 --> 00:02:29,760 uh and the technical definition of a 59 00:02:28,080 --> 00:02:30,879 community is people with something in 60 00:02:29,760 --> 00:02:32,959 common 61 00:02:30,879 --> 00:02:34,080 but we really want to talk about 62 00:02:32,959 --> 00:02:36,720 community 63 00:02:34,080 --> 00:02:38,720 in terms of not only do the people have 64 00:02:36,720 --> 00:02:40,560 something in common but they communicate 65 00:02:38,720 --> 00:02:42,400 with each other about it 66 00:02:40,560 --> 00:02:44,879 if you don't 67 00:02:42,400 --> 00:02:46,480 communicate you don't really have 68 00:02:44,879 --> 00:02:47,280 community 69 00:02:46,480 --> 00:02:48,840 uh 70 00:02:47,280 --> 00:02:51,280 next 71 00:02:48,840 --> 00:02:53,760 thing tricky finger 72 00:02:51,280 --> 00:02:56,720 computer security 73 00:02:53,760 --> 00:02:59,360 a feeling of safety around and about 74 00:02:56,720 --> 00:03:01,760 computers 75 00:02:59,360 --> 00:03:04,800 there are lots of technologies involved 76 00:03:01,760 --> 00:03:07,120 in computer security but it really is 77 00:03:04,800 --> 00:03:08,640 about how you know security is how you 78 00:03:07,120 --> 00:03:10,080 feel about it 79 00:03:08,640 --> 00:03:12,720 and 80 00:03:10,080 --> 00:03:16,480 the feeling of safety is 81 00:03:12,720 --> 00:03:18,159 very important in a lot of aspects 82 00:03:16,480 --> 00:03:19,440 and then the third thing is a venn 83 00:03:18,159 --> 00:03:23,280 diagram 84 00:03:19,440 --> 00:03:26,080 venn diagrams were invented in 1880 85 00:03:23,280 --> 00:03:27,920 by john van and one wonders how people 86 00:03:26,080 --> 00:03:30,480 described 87 00:03:27,920 --> 00:03:32,799 relationships between sets of things 88 00:03:30,480 --> 00:03:35,840 before they had venn diagrams now the 89 00:03:32,799 --> 00:03:36,879 other thing the venn diagrams have 90 00:03:35,840 --> 00:03:40,000 actually 91 00:03:36,879 --> 00:03:43,200 been very useful for is that 92 00:03:40,000 --> 00:03:44,840 it introduced the concept of 93 00:03:43,200 --> 00:03:48,159 visualizing 94 00:03:44,840 --> 00:03:49,440 data and 95 00:03:48,159 --> 00:03:51,280 it's been 96 00:03:49,440 --> 00:03:53,120 we look at it now it's like well of 97 00:03:51,280 --> 00:03:55,360 course it's simple it's obvious but this 98 00:03:53,120 --> 00:04:00,480 is a very new thing not that long ago 99 00:03:55,360 --> 00:04:02,879 1880 was not yet not prehistoric times 100 00:04:00,480 --> 00:04:05,680 so we're going to start off with a story 101 00:04:02,879 --> 00:04:07,840 i like stories so this story is about 102 00:04:05,680 --> 00:04:10,640 the birth of a community 103 00:04:07,840 --> 00:04:12,239 and it takes place or at least it starts 104 00:04:10,640 --> 00:04:14,720 in europe in the middle of the 20th 105 00:04:12,239 --> 00:04:14,720 century 106 00:04:14,879 --> 00:04:19,320 at that time right around 1944 107 00:04:19,519 --> 00:04:23,440 the most prominent people 108 00:04:22,160 --> 00:04:27,199 given that the 109 00:04:23,440 --> 00:04:30,080 the world was essentially at war 110 00:04:27,199 --> 00:04:32,639 there were soldiers politicians spies 111 00:04:30,080 --> 00:04:35,680 and and there were mathematicians who 112 00:04:32,639 --> 00:04:36,720 you might not normally think in in terms 113 00:04:35,680 --> 00:04:39,360 of 114 00:04:36,720 --> 00:04:40,240 being the same august uh entities as 115 00:04:39,360 --> 00:04:43,199 these 116 00:04:40,240 --> 00:04:44,800 other groups but we'll just describe 117 00:04:43,199 --> 00:04:48,800 that a little bit now 118 00:04:44,800 --> 00:04:50,160 among the politicians there were also um 119 00:04:48,800 --> 00:04:51,199 some 120 00:04:50,160 --> 00:04:53,120 some of the 121 00:04:51,199 --> 00:04:56,400 members of politicians but there were 122 00:04:53,120 --> 00:04:58,800 also spies who were politicians and 123 00:04:56,400 --> 00:04:59,759 there were soldiers who were politicians 124 00:04:58,800 --> 00:05:02,560 uh 125 00:04:59,759 --> 00:05:05,120 some and there were some politicians who 126 00:05:02,560 --> 00:05:07,199 were acting as soldiers as well so 127 00:05:05,120 --> 00:05:08,960 there was some overlap 128 00:05:07,199 --> 00:05:12,479 the set of people who were politicians 129 00:05:08,960 --> 00:05:14,000 include some soldiers and some spies 130 00:05:12,479 --> 00:05:15,520 well 131 00:05:14,000 --> 00:05:17,680 on the other side of the diagram here we 132 00:05:15,520 --> 00:05:20,639 have the mathematicians and 133 00:05:17,680 --> 00:05:22,639 in the mathematicians there's a subset 134 00:05:20,639 --> 00:05:24,320 who are the cryptographers 135 00:05:22,639 --> 00:05:26,320 now the cryptographers are very 136 00:05:24,320 --> 00:05:27,680 specialized mathematicians and they 137 00:05:26,320 --> 00:05:30,000 specialize 138 00:05:27,680 --> 00:05:30,000 in 139 00:05:30,080 --> 00:05:34,800 numerical 140 00:05:31,919 --> 00:05:36,400 methods to obscure data and make it 141 00:05:34,800 --> 00:05:38,800 difficult for somebody who you don't 142 00:05:36,400 --> 00:05:41,199 want to read it to look at it 143 00:05:38,800 --> 00:05:43,600 uh cryptographers are very very 144 00:05:41,199 --> 00:05:44,800 important in in this in this time 145 00:05:43,600 --> 00:05:47,039 because 146 00:05:44,800 --> 00:05:47,039 um 147 00:05:47,360 --> 00:05:53,280 cryptography is a munition or used as he 148 00:05:55,120 --> 00:05:59,919 used as a component of warfare 149 00:05:57,919 --> 00:06:01,919 and there's a lot of warfare going on so 150 00:05:59,919 --> 00:06:03,759 you need so you have have a good amount 151 00:06:01,919 --> 00:06:06,080 of cryptography and some of the 152 00:06:03,759 --> 00:06:08,400 cryptographers were actually soldiers 153 00:06:06,080 --> 00:06:08,400 and 154 00:06:08,720 --> 00:06:11,919 some soldiers were drafted into 155 00:06:10,400 --> 00:06:13,520 cryptography if they showed a 156 00:06:11,919 --> 00:06:17,039 mathematical bent 157 00:06:13,520 --> 00:06:19,280 and all part of this whole global 158 00:06:17,039 --> 00:06:21,680 brouhaha that's going on 159 00:06:19,280 --> 00:06:23,680 and of course you always have spies and 160 00:06:21,680 --> 00:06:26,639 spies are you know some of your soldiers 161 00:06:23,680 --> 00:06:29,199 are spy some your spies are soldiers 162 00:06:26,639 --> 00:06:31,039 even have spies where politicians 163 00:06:29,199 --> 00:06:32,880 uh 164 00:06:31,039 --> 00:06:34,560 politicians don't like to think about 165 00:06:32,880 --> 00:06:37,199 that very much but it 166 00:06:34,560 --> 00:06:39,280 it does occur so 167 00:06:37,199 --> 00:06:42,000 we have this this special group of 168 00:06:39,280 --> 00:06:44,000 cryptographers working um in the 169 00:06:42,000 --> 00:06:46,080 military 170 00:06:44,000 --> 00:06:48,720 for military purposes uh 171 00:06:46,080 --> 00:06:51,199 lots of information that goes on 172 00:06:48,720 --> 00:06:53,360 among in between soldiers you don't want 173 00:06:51,199 --> 00:06:56,319 your opponents to see or even your 174 00:06:53,360 --> 00:06:59,840 politicians sometimes 175 00:06:56,319 --> 00:07:01,680 so we have this this group here 176 00:06:59,840 --> 00:07:05,199 which are 177 00:07:01,680 --> 00:07:06,560 the military intelligence community or 178 00:07:05,199 --> 00:07:08,479 at the time they would call that the 179 00:07:06,560 --> 00:07:12,240 security community 180 00:07:08,479 --> 00:07:14,160 now about this time 181 00:07:12,240 --> 00:07:16,639 there's a major development 182 00:07:14,160 --> 00:07:17,680 that actually has 183 00:07:16,639 --> 00:07:21,039 has a 184 00:07:17,680 --> 00:07:22,560 very important impact on 185 00:07:21,039 --> 00:07:25,039 the development of 186 00:07:22,560 --> 00:07:27,680 of the world that we live in right now 187 00:07:25,039 --> 00:07:30,479 and that is that the cryptographers 188 00:07:27,680 --> 00:07:31,360 started making machines to help them 189 00:07:30,479 --> 00:07:34,479 with their 190 00:07:31,360 --> 00:07:35,680 cryptography uh the famous enigma device 191 00:07:34,479 --> 00:07:37,440 that the uh 192 00:07:35,680 --> 00:07:40,160 the german 193 00:07:37,440 --> 00:07:42,160 army used to transmit information was an 194 00:07:40,160 --> 00:07:45,280 example of a mechanical one 195 00:07:42,160 --> 00:07:48,080 but code breakers started to create 196 00:07:45,280 --> 00:07:49,680 machines that would actually help them 197 00:07:48,080 --> 00:07:51,599 break codes 198 00:07:49,680 --> 00:07:53,759 that were being used to protect 199 00:07:51,599 --> 00:07:57,039 information 200 00:07:53,759 --> 00:07:59,360 and these are the first actual 201 00:07:57,039 --> 00:08:01,440 serious users of what we would call 202 00:07:59,360 --> 00:08:02,240 today a computer 203 00:08:01,440 --> 00:08:06,080 so 204 00:08:02,240 --> 00:08:08,479 what that's saying is that the computer 205 00:08:06,080 --> 00:08:11,960 the computer community began in the 206 00:08:08,479 --> 00:08:11,960 security community 207 00:08:14,479 --> 00:08:17,199 maybe not what a lot of people want to 208 00:08:16,000 --> 00:08:19,520 hear but 209 00:08:17,199 --> 00:08:22,000 very very important 210 00:08:19,520 --> 00:08:24,479 to the the advance of the security 211 00:08:22,000 --> 00:08:26,800 community and the computer community 212 00:08:24,479 --> 00:08:28,800 so just a little bit later getting to 213 00:08:26,800 --> 00:08:31,120 about 1950. 214 00:08:28,800 --> 00:08:33,360 um 215 00:08:31,120 --> 00:08:36,399 we have our cryptographers they're using 216 00:08:33,360 --> 00:08:38,399 their their computers uh to do their 217 00:08:36,399 --> 00:08:40,880 their cryptographic uh 218 00:08:38,399 --> 00:08:42,479 encoding decoding 219 00:08:40,880 --> 00:08:43,959 but we also have a bunch of people who 220 00:08:42,479 --> 00:08:48,399 are 221 00:08:43,959 --> 00:08:50,000 experimenting with digital electronics 222 00:08:48,399 --> 00:08:54,880 analog electronics have been a lot been 223 00:08:50,000 --> 00:08:57,839 around for quite some time radio signals 224 00:08:54,880 --> 00:09:00,480 morse code voice signals even primitive 225 00:08:57,839 --> 00:09:00,480 television 226 00:09:01,519 --> 00:09:06,080 not say that it ever got over being 227 00:09:03,040 --> 00:09:06,080 primitive but um 228 00:09:06,399 --> 00:09:10,320 are these are people who are doing 229 00:09:08,080 --> 00:09:12,000 research into what you can use digital 230 00:09:10,320 --> 00:09:14,320 electronics for 231 00:09:12,000 --> 00:09:14,320 and 232 00:09:15,120 --> 00:09:19,360 they discovered that one of the things 233 00:09:17,279 --> 00:09:21,279 you can use digital electronics for is 234 00:09:19,360 --> 00:09:22,800 calculations 235 00:09:21,279 --> 00:09:24,959 and they're getting all excited about 236 00:09:22,800 --> 00:09:26,720 this because now they can do 237 00:09:24,959 --> 00:09:29,040 calculations 238 00:09:26,720 --> 00:09:31,360 much faster than they've ever been able 239 00:09:29,040 --> 00:09:33,440 to do them before if you've ever seen a 240 00:09:31,360 --> 00:09:36,320 picture of a babbage engine 241 00:09:33,440 --> 00:09:37,920 which was a calculating machine the 242 00:09:36,320 --> 00:09:40,720 intricacy of 243 00:09:37,920 --> 00:09:42,320 the mechanics of that are prohibitive in 244 00:09:40,720 --> 00:09:44,240 in a mass kind of production but with 245 00:09:42,320 --> 00:09:47,279 the electronic one they could do their 246 00:09:44,240 --> 00:09:49,279 digital uh computations and everything 247 00:09:47,279 --> 00:09:51,519 this was really great 248 00:09:49,279 --> 00:09:53,360 well of course you can't do this under 249 00:09:51,519 --> 00:09:54,720 under government funded grants at a 250 00:09:53,360 --> 00:09:58,399 university 251 00:09:54,720 --> 00:10:00,800 uh without the cryptographers 252 00:09:58,399 --> 00:10:01,680 noticing it and saying hey you know we 253 00:10:00,800 --> 00:10:05,680 can 254 00:10:01,680 --> 00:10:08,800 replace some of our analog 255 00:10:05,680 --> 00:10:10,079 mechanical devices with electronics and 256 00:10:08,800 --> 00:10:11,279 we'll bring these people into our 257 00:10:10,079 --> 00:10:13,360 community 258 00:10:11,279 --> 00:10:15,200 so now we have a an expanding 259 00:10:13,360 --> 00:10:18,320 cryptographic community 260 00:10:15,200 --> 00:10:21,600 that includes 261 00:10:18,320 --> 00:10:24,000 includes digital electronic as well as 262 00:10:21,600 --> 00:10:28,720 their mechanical things and 263 00:10:24,000 --> 00:10:28,720 the community is all all very happy um 264 00:10:28,959 --> 00:10:35,279 and this is about the state of this of 265 00:10:31,279 --> 00:10:35,279 the the computer community 266 00:10:35,680 --> 00:10:42,640 until about 1955 267 00:10:38,240 --> 00:10:45,200 in 1955 ibm introduced the series 700 268 00:10:42,640 --> 00:10:47,040 which was the first 269 00:10:45,200 --> 00:10:48,399 commercially viable and commercially 270 00:10:47,040 --> 00:10:50,320 accepted 271 00:10:48,399 --> 00:10:52,079 electronic computer 272 00:10:50,320 --> 00:10:54,079 and 273 00:10:52,079 --> 00:10:56,720 all of a sudden we had this enormous 274 00:10:54,079 --> 00:10:58,959 community computer community and only a 275 00:10:56,720 --> 00:11:01,600 so a small subset of it was the 276 00:10:58,959 --> 00:11:03,920 cryptographers 277 00:11:01,600 --> 00:11:06,079 and at this point in time 278 00:11:03,920 --> 00:11:07,360 what one of the most important things 279 00:11:06,079 --> 00:11:09,680 about 280 00:11:07,360 --> 00:11:10,880 security and about computers 281 00:11:09,680 --> 00:11:12,720 is that 282 00:11:10,880 --> 00:11:15,360 security means cryptography in the 283 00:11:12,720 --> 00:11:17,680 computer world 284 00:11:15,360 --> 00:11:19,440 because that 285 00:11:17,680 --> 00:11:22,800 is the 286 00:11:19,440 --> 00:11:24,800 derivation so where it all came from 287 00:11:22,800 --> 00:11:26,839 anytime you're talking about security in 288 00:11:24,800 --> 00:11:30,160 the computer world you're talking about 289 00:11:26,839 --> 00:11:33,440 cryptography it's not like you've got a 290 00:11:30,160 --> 00:11:36,399 bunch of people sh well what you've got 291 00:11:33,440 --> 00:11:37,920 yeah and up until about 16 1969 what 292 00:11:36,399 --> 00:11:39,839 you've got is a bunch of isolated 293 00:11:37,920 --> 00:11:44,000 computers 294 00:11:39,839 --> 00:11:45,040 com the community involved is 295 00:11:44,000 --> 00:11:47,600 sharing 296 00:11:45,040 --> 00:11:50,079 stories about how their computer 297 00:11:47,600 --> 00:11:51,200 failed or how they come up with a new 298 00:11:50,079 --> 00:11:53,200 program 299 00:11:51,200 --> 00:11:55,760 uh but there's a little bit of 300 00:11:53,200 --> 00:11:57,360 communication some articles and some in 301 00:11:55,760 --> 00:12:00,320 in journals 302 00:11:57,360 --> 00:12:01,279 but really it's pretty well isolated 303 00:12:00,320 --> 00:12:02,800 uh 304 00:12:01,279 --> 00:12:04,880 there's not a lot of communication 305 00:12:02,800 --> 00:12:06,560 between computer users um these are 306 00:12:04,880 --> 00:12:08,720 expensive device again they're expensive 307 00:12:06,560 --> 00:12:11,440 advice devices 308 00:12:08,720 --> 00:12:13,600 and they're not being and it 309 00:12:11,440 --> 00:12:16,480 is a privilege to be able to you 310 00:12:13,600 --> 00:12:16,480 actually use one 311 00:12:16,959 --> 00:12:22,560 and then in 1969 312 00:12:19,839 --> 00:12:25,200 they introduced arpanet 313 00:12:22,560 --> 00:12:26,320 arpanet was the first major computer 314 00:12:25,200 --> 00:12:27,360 network 315 00:12:26,320 --> 00:12:29,680 uh 316 00:12:27,360 --> 00:12:31,040 it allowed 317 00:12:29,680 --> 00:12:33,680 department of def 318 00:12:31,040 --> 00:12:36,160 amer u.s department of defense 319 00:12:33,680 --> 00:12:39,200 contractors and 320 00:12:36,160 --> 00:12:41,760 grant especially grant holders 321 00:12:39,200 --> 00:12:44,000 to exchange information 322 00:12:41,760 --> 00:12:46,720 and to provide that information make 323 00:12:44,000 --> 00:12:49,200 that information readily available to 324 00:12:46,720 --> 00:12:50,320 the funding government agencies 325 00:12:49,200 --> 00:12:53,279 and this was 326 00:12:50,320 --> 00:12:56,560 a major advance because instead of 327 00:12:53,279 --> 00:12:58,480 computing in isolation you collaboration 328 00:12:56,560 --> 00:13:01,279 was now actually something you could do 329 00:12:58,480 --> 00:13:01,279 electronically 330 00:13:04,000 --> 00:13:07,440 now what what was important to the 331 00:13:05,839 --> 00:13:10,880 arpanet though it's like you know 332 00:13:07,440 --> 00:13:13,279 arpanet's is kind of a new thing well 333 00:13:10,880 --> 00:13:14,480 consider that the backbone of the 334 00:13:13,279 --> 00:13:17,040 arpanet 335 00:13:14,480 --> 00:13:18,000 was 56 kilobits 336 00:13:17,040 --> 00:13:18,839 uh 337 00:13:18,000 --> 00:13:20,560 and 338 00:13:18,839 --> 00:13:24,079 that 339 00:13:20,560 --> 00:13:26,720 if you're trying okay 60 50 kilobits 340 00:13:24,079 --> 00:13:28,800 that's about the same speed as the dsl 341 00:13:26,720 --> 00:13:29,760 line that i'm giving this presentation 342 00:13:28,800 --> 00:13:31,360 over 343 00:13:29,760 --> 00:13:32,560 uh 344 00:13:31,360 --> 00:13:35,440 and 345 00:13:32,560 --> 00:13:37,440 to connect to the arpanet you would call 346 00:13:35,440 --> 00:13:40,320 it on the phone 347 00:13:37,440 --> 00:13:43,760 and that might mean a rotary dial 348 00:13:40,320 --> 00:13:47,680 and you could get anywhere from 349 00:13:43,760 --> 00:13:48,959 in 300 to 9600 bits per second on the 350 00:13:47,680 --> 00:13:52,720 phone line 351 00:13:48,959 --> 00:13:54,959 between your computer and the backbone 352 00:13:52,720 --> 00:13:56,480 and you are paying polls for the 353 00:13:54,959 --> 00:13:57,839 telephone calls 354 00:13:56,480 --> 00:13:59,839 now 355 00:13:57,839 --> 00:14:02,959 in 1969 356 00:13:59,839 --> 00:14:04,800 phone calls were not cheap 357 00:14:02,959 --> 00:14:06,880 you know we think of phone calls now as 358 00:14:04,800 --> 00:14:08,959 being essentially free 359 00:14:06,880 --> 00:14:11,040 there weren't they actually cost real 360 00:14:08,959 --> 00:14:12,639 money and you had to do real accounting 361 00:14:11,040 --> 00:14:14,079 on on that 362 00:14:12,639 --> 00:14:15,279 so 363 00:14:14,079 --> 00:14:17,519 what 364 00:14:15,279 --> 00:14:19,279 what really was important to the arpanet 365 00:14:17,519 --> 00:14:20,560 and to making the arpa network 366 00:14:19,279 --> 00:14:22,240 successfully 367 00:14:20,560 --> 00:14:24,240 was speed 368 00:14:22,240 --> 00:14:27,440 you had to have 369 00:14:24,240 --> 00:14:29,279 fast data communications you had to do 370 00:14:27,440 --> 00:14:32,880 everything you possibly could to get the 371 00:14:29,279 --> 00:14:34,959 bits from your machine to the arpanet as 372 00:14:32,880 --> 00:14:37,199 quickly as possible so you could hang up 373 00:14:34,959 --> 00:14:39,440 and save some money 374 00:14:37,199 --> 00:14:42,880 and 375 00:14:39,440 --> 00:14:45,920 so in support of this they the internet 376 00:14:42,880 --> 00:14:46,880 protocol was was developed a five-layer 377 00:14:45,920 --> 00:14:49,440 stack 378 00:14:46,880 --> 00:14:50,959 uh with application applications at the 379 00:14:49,440 --> 00:14:52,320 top and hardware at the bottom and 380 00:14:50,959 --> 00:14:53,440 several 381 00:14:52,320 --> 00:14:56,320 interesting 382 00:14:53,440 --> 00:14:57,279 divisions in the middle 383 00:14:56,320 --> 00:15:01,120 it was 384 00:14:57,279 --> 00:15:02,800 optimized to make this trend make this 385 00:15:01,120 --> 00:15:04,959 um the process of getting the 386 00:15:02,800 --> 00:15:07,519 information from here to there as fast 387 00:15:04,959 --> 00:15:10,000 as it as the hardware 388 00:15:07,519 --> 00:15:12,079 would allow it to do 389 00:15:10,000 --> 00:15:14,880 now 390 00:15:12,079 --> 00:15:16,480 security as again security talk right 391 00:15:14,880 --> 00:15:19,360 well 392 00:15:16,480 --> 00:15:21,920 you had a private government network 393 00:15:19,360 --> 00:15:23,920 you weren't allowed to use the arpanet 394 00:15:21,920 --> 00:15:24,839 unless you had a dod department of 395 00:15:23,920 --> 00:15:27,519 defense 396 00:15:24,839 --> 00:15:29,680 contract that you were 397 00:15:27,519 --> 00:15:32,240 that you were 398 00:15:29,680 --> 00:15:32,240 supporting 399 00:15:32,560 --> 00:15:36,240 you had unique identifiers you were 400 00:15:34,320 --> 00:15:38,399 calling it on the telephone your 401 00:15:36,240 --> 00:15:40,160 telephone number was available if 402 00:15:38,399 --> 00:15:42,800 if 403 00:15:40,160 --> 00:15:45,279 your telephone number was available 404 00:15:42,800 --> 00:15:48,079 um and the internet protocol is re as 405 00:15:45,279 --> 00:15:50,800 originally conceived you bought 406 00:15:48,079 --> 00:15:52,560 your internet your ip address 407 00:15:50,800 --> 00:15:55,199 you paid money for it 408 00:15:52,560 --> 00:15:56,399 and it could be tracked back to you 409 00:15:55,199 --> 00:15:59,040 all right 410 00:15:56,399 --> 00:16:01,440 and because we're security and security 411 00:15:59,040 --> 00:16:04,560 means encryption we're going to bolt 412 00:16:01,440 --> 00:16:06,399 we have mechanisms to bolt encryption 413 00:16:04,560 --> 00:16:09,440 on the bottom so 414 00:16:06,399 --> 00:16:10,959 if you want to hook up your device to 415 00:16:09,440 --> 00:16:13,600 another device you can put a 416 00:16:10,959 --> 00:16:15,680 cryptographic 417 00:16:13,600 --> 00:16:18,160 encoder between them 418 00:16:15,680 --> 00:16:19,920 if you want your your application to 419 00:16:18,160 --> 00:16:21,839 talk to the other application on the end 420 00:16:19,920 --> 00:16:23,519 or if you want to do authentication you 421 00:16:21,839 --> 00:16:25,839 do that up at the top of the application 422 00:16:23,519 --> 00:16:28,880 layer and 423 00:16:25,839 --> 00:16:32,880 the stack isn't impacted by it it's you 424 00:16:28,880 --> 00:16:32,880 know perfect completely your choice 425 00:16:34,240 --> 00:16:39,680 and that works just great 426 00:16:36,480 --> 00:16:42,079 yeah every yeah 427 00:16:39,680 --> 00:16:43,839 it's policed it's maintained and 428 00:16:42,079 --> 00:16:47,040 everybody's happy right and the people 429 00:16:43,839 --> 00:16:48,560 who again the people who are not 430 00:16:47,040 --> 00:16:50,240 supposed to be on the airplane people 431 00:16:48,560 --> 00:16:51,279 who don't have any have business being 432 00:16:50,240 --> 00:16:53,519 there 433 00:16:51,279 --> 00:16:56,880 aren't allowed on 434 00:16:53,519 --> 00:16:59,279 well sometime around 1982 and 435 00:16:56,880 --> 00:17:01,360 exactly when will 436 00:16:59,279 --> 00:17:04,079 when that occurred will vary depending 437 00:17:01,360 --> 00:17:08,319 on exactly who you talk to 438 00:17:04,079 --> 00:17:10,210 the arpanet morphed into the internet 439 00:17:08,319 --> 00:17:11,919 now the internet 440 00:17:10,210 --> 00:17:14,720 [Music] 441 00:17:11,919 --> 00:17:16,240 has a higher speed backplane 442 00:17:14,720 --> 00:17:19,280 backbone 443 00:17:16,240 --> 00:17:20,319 very different mechanisms to communicate 444 00:17:19,280 --> 00:17:22,079 to it 445 00:17:20,319 --> 00:17:25,439 um 446 00:17:22,079 --> 00:17:29,280 but it's available to everybody 447 00:17:25,439 --> 00:17:32,080 so the security aspects of the internet 448 00:17:29,280 --> 00:17:33,919 a little bit different from our banette 449 00:17:32,080 --> 00:17:35,840 first off it's not a private government 450 00:17:33,919 --> 00:17:38,240 network everybody's allowed on there's 451 00:17:35,840 --> 00:17:41,919 nobody policing it 452 00:17:38,240 --> 00:17:43,280 your unique identifiers well in order to 453 00:17:41,919 --> 00:17:44,840 provide 454 00:17:43,280 --> 00:17:48,080 access to 455 00:17:44,840 --> 00:17:49,679 to the general public and 456 00:17:48,080 --> 00:17:51,600 lower cost 457 00:17:49,679 --> 00:17:53,520 institutions 458 00:17:51,600 --> 00:17:55,360 you're not calling 459 00:17:53,520 --> 00:17:57,440 into the backbone you're calling into an 460 00:17:55,360 --> 00:17:59,280 internet service provider who's actually 461 00:17:57,440 --> 00:18:01,280 connected up to the backbone 462 00:17:59,280 --> 00:18:02,720 and they don't want to to 463 00:18:01,280 --> 00:18:04,320 pay for all these 464 00:18:02,720 --> 00:18:06,080 internet addresses that they're that 465 00:18:04,320 --> 00:18:09,120 they would have to so they've 466 00:18:06,080 --> 00:18:11,039 implemented protocols that cheat 467 00:18:09,120 --> 00:18:12,960 so that they can actually 468 00:18:11,039 --> 00:18:16,320 use one internet address 469 00:18:12,960 --> 00:18:16,320 to get to the isp and then 470 00:18:16,400 --> 00:18:20,480 lie about things going out to the the 471 00:18:18,400 --> 00:18:23,919 individual users 472 00:18:20,480 --> 00:18:26,960 so you've lost also that but 473 00:18:23,919 --> 00:18:30,480 the bolt-on encryption is still there 474 00:18:26,960 --> 00:18:32,400 so if you want to have encrypted 475 00:18:30,480 --> 00:18:35,120 communications between your machine and 476 00:18:32,400 --> 00:18:37,200 the and your internet service provider 477 00:18:35,120 --> 00:18:39,440 you can still do that 478 00:18:37,200 --> 00:18:40,400 uh nobody's doing it though 479 00:18:39,440 --> 00:18:42,799 um 480 00:18:40,400 --> 00:18:44,880 and you're you can do encryption in your 481 00:18:42,799 --> 00:18:46,240 applications although that does make it 482 00:18:44,880 --> 00:18:49,120 difficult to be 483 00:18:46,240 --> 00:18:50,799 make them generally available 484 00:18:49,120 --> 00:18:53,520 so 485 00:18:50,799 --> 00:18:57,679 okay the security story is 486 00:18:53,520 --> 00:18:59,280 not really very very clean here 487 00:18:57,679 --> 00:19:00,960 and what did this lead to 488 00:18:59,280 --> 00:19:03,039 well 489 00:19:00,960 --> 00:19:04,799 um first first thing it led to was the 490 00:19:03,039 --> 00:19:07,440 cuckoo's egg 491 00:19:04,799 --> 00:19:07,440 cliff stole 492 00:19:07,679 --> 00:19:11,280 an astronomer 493 00:19:09,600 --> 00:19:13,520 who had 494 00:19:11,280 --> 00:19:16,320 was working as a system administrator 495 00:19:13,520 --> 00:19:18,799 was assigned the task of finding the bug 496 00:19:16,320 --> 00:19:22,160 in the accounting software because they 497 00:19:18,799 --> 00:19:25,120 were always like three or four cents off 498 00:19:22,160 --> 00:19:26,799 and after about a year's work it turned 499 00:19:25,120 --> 00:19:28,320 out that what was really going on is 500 00:19:26,799 --> 00:19:29,440 this the accounting software was just 501 00:19:28,320 --> 00:19:31,200 fine 502 00:19:29,440 --> 00:19:32,480 it's just that there was somebody out on 503 00:19:31,200 --> 00:19:35,360 the internet 504 00:19:32,480 --> 00:19:35,360 who was 505 00:19:35,840 --> 00:19:41,919 contacting their mach their machines 506 00:19:38,960 --> 00:19:45,200 and using them for other purposes to 507 00:19:41,919 --> 00:19:45,200 which they weren't authorized 508 00:19:47,520 --> 00:19:50,160 and it was difficult to track them now 509 00:19:49,200 --> 00:19:52,160 because 510 00:19:50,160 --> 00:19:54,000 again there's nobody policing it and 511 00:19:52,160 --> 00:19:56,720 there really 512 00:19:54,000 --> 00:19:58,240 isn't any way to just easily tell where 513 00:19:56,720 --> 00:19:59,120 things are coming from 514 00:19:58,240 --> 00:20:01,120 so 515 00:19:59,120 --> 00:20:03,679 that was that was the first thing here 516 00:20:01,120 --> 00:20:07,280 then the next thing that came along 517 00:20:03,679 --> 00:20:09,280 um was the morris worm 518 00:20:07,280 --> 00:20:12,080 more mr morris 519 00:20:09,280 --> 00:20:14,960 happened to have a little program it was 520 00:20:12,080 --> 00:20:16,799 supposed to self-replicate slowly and 521 00:20:14,960 --> 00:20:17,600 see if it could find other places to go 522 00:20:16,799 --> 00:20:20,159 and 523 00:20:17,600 --> 00:20:21,120 um 524 00:20:20,159 --> 00:20:22,960 you know 525 00:20:21,120 --> 00:20:24,960 replicate itself on other computers and 526 00:20:22,960 --> 00:20:26,880 then find it information about where i 527 00:20:24,960 --> 00:20:28,559 might go from there and do the same and 528 00:20:26,880 --> 00:20:31,039 just kind of slowly 529 00:20:28,559 --> 00:20:33,200 um take over the entire world well there 530 00:20:31,039 --> 00:20:34,720 was a bug in the program 531 00:20:33,200 --> 00:20:36,720 there was a bug in the in the rate 532 00:20:34,720 --> 00:20:39,039 limiting that it that it was supposed to 533 00:20:36,720 --> 00:20:42,240 be doing and as a result pulling it 534 00:20:39,039 --> 00:20:42,240 ended up just about everywhere 535 00:20:47,520 --> 00:20:50,880 now 536 00:20:48,480 --> 00:20:51,679 how did this come about 537 00:20:50,880 --> 00:20:54,960 well 538 00:20:51,679 --> 00:20:56,240 uh probably the big reason is that 539 00:20:54,960 --> 00:20:58,480 um 540 00:20:56,240 --> 00:21:01,919 without any kind of 541 00:20:58,480 --> 00:21:03,760 identification of who's using the using 542 00:21:01,919 --> 00:21:07,039 the network where things are coming or 543 00:21:03,760 --> 00:21:07,039 who who it's coming from 544 00:21:07,679 --> 00:21:11,440 you first off you well you have an 545 00:21:09,679 --> 00:21:13,760 activity which is 546 00:21:11,440 --> 00:21:15,440 touted as a very good thing 547 00:21:13,760 --> 00:21:18,000 but at the same time you don't have 548 00:21:15,440 --> 00:21:20,640 responsibility which is not such a good 549 00:21:18,000 --> 00:21:22,559 thing and that led to our people 550 00:21:20,640 --> 00:21:24,559 initially we called them crackers and 551 00:21:22,559 --> 00:21:27,039 then they got called hackers because 552 00:21:24,559 --> 00:21:29,280 people who could who it was assumed the 553 00:21:27,039 --> 00:21:31,600 people who were clever using computers 554 00:21:29,280 --> 00:21:34,080 we're going to be doing bad things 555 00:21:31,600 --> 00:21:37,039 uh this rolled into the term black hat 556 00:21:34,080 --> 00:21:37,039 as opposed to the 557 00:21:37,679 --> 00:21:41,440 from the western movies the 558 00:21:39,520 --> 00:21:45,280 the bad guys always were the black hats 559 00:21:41,440 --> 00:21:47,200 the good guys were the white hats uh 560 00:21:45,280 --> 00:21:48,720 currently i think we're 561 00:21:47,200 --> 00:21:51,280 pretty well uh 562 00:21:48,720 --> 00:21:55,360 using the term bad actor to 563 00:21:51,280 --> 00:21:57,280 identify this this individual 564 00:21:55,360 --> 00:21:59,760 but the reality is we 565 00:21:57,280 --> 00:22:01,440 because you can't track them down 566 00:21:59,760 --> 00:22:02,880 and you don't know where they are 567 00:22:01,440 --> 00:22:05,919 they're everywhere 568 00:22:02,880 --> 00:22:05,919 all right so 569 00:22:06,799 --> 00:22:12,960 we have this horrible state of of things 570 00:22:09,280 --> 00:22:16,799 on on the internet here where um 571 00:22:12,960 --> 00:22:20,640 security is just kind of out of control 572 00:22:16,799 --> 00:22:20,640 but fortunately um 573 00:22:22,480 --> 00:22:27,120 there are still people who are who are 574 00:22:24,720 --> 00:22:28,320 looking at security from a slightly 575 00:22:27,120 --> 00:22:32,000 different angle 576 00:22:28,320 --> 00:22:34,000 and that's the angle of access control 577 00:22:32,000 --> 00:22:36,080 access control um 578 00:22:34,000 --> 00:22:37,600 is starting to become more at this time 579 00:22:36,080 --> 00:22:38,840 starting to become more and more of an 580 00:22:37,600 --> 00:22:41,840 issue 581 00:22:38,840 --> 00:22:43,679 because you've got people sharing big 582 00:22:41,840 --> 00:22:46,000 expensive machines 583 00:22:43,679 --> 00:22:46,000 and 584 00:22:46,320 --> 00:22:49,120 more and more people are getting access 585 00:22:48,000 --> 00:22:50,480 because more and more people are 586 00:22:49,120 --> 00:22:51,679 figuring out fun things to do with 587 00:22:50,480 --> 00:22:54,559 computers 588 00:22:51,679 --> 00:22:57,039 uh and in some cases people are using 589 00:22:54,559 --> 00:23:01,039 sensitive information uh 590 00:22:57,039 --> 00:23:01,039 best example of this i know of is 591 00:23:01,200 --> 00:23:05,679 a site where they're do using super 592 00:23:02,960 --> 00:23:07,520 computer to do weather forecasting 593 00:23:05,679 --> 00:23:10,000 and 594 00:23:07,520 --> 00:23:12,159 weather forecasting is 595 00:23:10,000 --> 00:23:14,080 generally safe information for people to 596 00:23:12,159 --> 00:23:17,360 have 597 00:23:14,080 --> 00:23:19,600 but it can be very sensitive if 598 00:23:17,360 --> 00:23:21,360 if your navy for example 599 00:23:19,600 --> 00:23:23,760 is doing weather forecasts on a 600 00:23:21,360 --> 00:23:24,880 particular location because that might 601 00:23:23,760 --> 00:23:27,039 give 602 00:23:24,880 --> 00:23:27,919 some of your adversaries information 603 00:23:27,039 --> 00:23:30,240 about 604 00:23:27,919 --> 00:23:31,840 where that navy might be performing you 605 00:23:30,240 --> 00:23:35,440 know might be having 606 00:23:31,840 --> 00:23:37,280 maneuvers or might be planning to 607 00:23:35,440 --> 00:23:39,600 to do an invasion 608 00:23:37,280 --> 00:23:41,919 any of a number of things so 609 00:23:39,600 --> 00:23:43,919 there's sensitivity there 610 00:23:41,919 --> 00:23:45,520 and again computers are still expensive 611 00:23:43,919 --> 00:23:47,520 at that point 612 00:23:45,520 --> 00:23:49,440 and so you've got 613 00:23:47,520 --> 00:23:51,360 people sharing them so you want to have 614 00:23:49,440 --> 00:23:53,679 some access control 615 00:23:51,360 --> 00:23:54,799 involved 616 00:23:53,679 --> 00:23:56,320 now of course 617 00:23:54,799 --> 00:23:57,200 the people are looking at access control 618 00:23:56,320 --> 00:23:59,120 are going to look at the state of the 619 00:23:57,200 --> 00:24:00,960 art of security at that point 620 00:23:59,120 --> 00:24:03,360 and state of the art is what's in 621 00:24:00,960 --> 00:24:05,200 arpanet which is to both secure both 622 00:24:03,360 --> 00:24:06,720 cryptography on the side 623 00:24:05,200 --> 00:24:08,180 because i remember at this point we're 624 00:24:06,720 --> 00:24:09,360 still thinking that um 625 00:24:08,180 --> 00:24:12,400 [Music] 626 00:24:09,360 --> 00:24:14,000 security means cryptography 627 00:24:12,400 --> 00:24:16,880 now you want to make it optional because 628 00:24:14,000 --> 00:24:19,120 in a lot a lot of cases 629 00:24:16,880 --> 00:24:20,880 you don't really need this if we've got 630 00:24:19,120 --> 00:24:22,640 one person using the computer you don't 631 00:24:20,880 --> 00:24:24,400 need the access control if you've got 10 632 00:24:22,640 --> 00:24:25,919 people you probably do 633 00:24:24,400 --> 00:24:26,960 and you want to hope nobody notices 634 00:24:25,919 --> 00:24:28,720 which is 635 00:24:26,960 --> 00:24:30,080 just kind of another way of saying you 636 00:24:28,720 --> 00:24:32,880 don't want it to have a lot of 637 00:24:30,080 --> 00:24:35,279 significant impact on the performance of 638 00:24:32,880 --> 00:24:37,679 of the system 639 00:24:35,279 --> 00:24:40,240 or the usability of the system so the 640 00:24:37,679 --> 00:24:42,080 obvious um if you want to do a security 641 00:24:40,240 --> 00:24:43,840 feature the obvious thing to do is 642 00:24:42,080 --> 00:24:46,000 you're going to bolt access control on 643 00:24:43,840 --> 00:24:47,039 the side rather than cryptography and 644 00:24:46,000 --> 00:24:49,919 then 645 00:24:47,039 --> 00:24:50,799 do the other other things right so 646 00:24:49,919 --> 00:24:52,080 uh 647 00:24:50,799 --> 00:24:53,679 does this work 648 00:24:52,080 --> 00:24:55,120 well 649 00:24:53,679 --> 00:24:56,240 of course we're going to bring our 650 00:24:55,120 --> 00:24:58,559 security people there's our 651 00:24:56,240 --> 00:25:01,520 cryptographers in and ask them how we're 652 00:24:58,559 --> 00:25:02,960 going to do this oh 653 00:25:01,520 --> 00:25:05,840 sorry sorry 654 00:25:02,960 --> 00:25:06,960 so and there are a variety of things 655 00:25:05,840 --> 00:25:08,400 oh boy 656 00:25:06,960 --> 00:25:11,840 oh yeah i got a hit you know what i got 657 00:25:08,400 --> 00:25:14,080 ahead of myself here i'm sorry okay so 658 00:25:11,840 --> 00:25:15,919 and we're gonna 659 00:25:14,080 --> 00:25:16,960 because there are different ways people 660 00:25:15,919 --> 00:25:18,320 are going to want to use computers we're 661 00:25:16,960 --> 00:25:20,240 going to use different kinds of access 662 00:25:18,320 --> 00:25:21,919 control policies we're going to make 663 00:25:20,240 --> 00:25:24,080 them discretionary where you can decide 664 00:25:21,919 --> 00:25:25,840 who gets to look at your data you can 665 00:25:24,080 --> 00:25:28,640 make a mandatory where you don't get to 666 00:25:25,840 --> 00:25:31,440 decide it's based on what clearances you 667 00:25:28,640 --> 00:25:33,120 might have uh we're going to define that 668 00:25:31,440 --> 00:25:35,200 you need privileges to override the 669 00:25:33,120 --> 00:25:36,720 policy and we're going to do do 670 00:25:35,200 --> 00:25:38,400 something a little bit different this is 671 00:25:36,720 --> 00:25:39,840 something that hasn't been done before 672 00:25:38,400 --> 00:25:42,000 and that is we're going to ask for 673 00:25:39,840 --> 00:25:43,760 assurance 674 00:25:42,000 --> 00:25:45,679 that your system actually works the way 675 00:25:43,760 --> 00:25:47,039 you say it does now why are we going to 676 00:25:45,679 --> 00:25:48,960 going to start doing this we're going to 677 00:25:47,039 --> 00:25:50,799 start doing this 678 00:25:48,960 --> 00:25:53,039 because computer companies are notorious 679 00:25:50,799 --> 00:25:55,600 for saying for saying oh yes our 680 00:25:53,039 --> 00:25:57,840 computer does that 681 00:25:55,600 --> 00:25:59,279 even when it doesn't so 682 00:25:57,840 --> 00:26:01,600 the people in the government are 683 00:25:59,279 --> 00:26:03,279 starting to say fine 684 00:26:01,600 --> 00:26:04,960 these are the kinds of things we want 685 00:26:03,279 --> 00:26:06,640 you to do in order to prove to 686 00:26:04,960 --> 00:26:08,720 demonstrate to us 687 00:26:06,640 --> 00:26:11,279 that your secure system actually will 688 00:26:08,720 --> 00:26:13,039 will 689 00:26:11,279 --> 00:26:14,240 protect 690 00:26:13,039 --> 00:26:15,760 the 691 00:26:14,240 --> 00:26:18,559 the data that we've 692 00:26:15,760 --> 00:26:20,880 that we consider to be sensitive 693 00:26:18,559 --> 00:26:22,880 and so assurance let us 694 00:26:20,880 --> 00:26:25,120 let immediately to the the notion of 695 00:26:22,880 --> 00:26:27,600 process-based assurance 696 00:26:25,120 --> 00:26:29,440 process-based assurance which was 697 00:26:27,600 --> 00:26:30,640 manifest in the capability maturity 698 00:26:29,440 --> 00:26:32,240 model just 699 00:26:30,640 --> 00:26:33,440 simply says that 700 00:26:32,240 --> 00:26:35,840 because 701 00:26:33,440 --> 00:26:38,880 you can tell us good things about how it 702 00:26:35,840 --> 00:26:41,060 is you go about developing your code and 703 00:26:38,880 --> 00:26:42,480 verifying your code 704 00:26:41,060 --> 00:26:45,360 [Music] 705 00:26:42,480 --> 00:26:45,360 we're going to trust you 706 00:26:45,919 --> 00:26:50,799 relatively straightforward but um but a 707 00:26:48,720 --> 00:26:52,799 lot of people really grabbed onto this 708 00:26:50,799 --> 00:26:53,919 and ran with it so we had this community 709 00:26:52,799 --> 00:26:57,600 of 710 00:26:53,919 --> 00:26:58,880 assurance and process management 711 00:26:57,600 --> 00:27:02,240 people 712 00:26:58,880 --> 00:27:02,240 which led to another community 713 00:27:02,320 --> 00:27:08,400 which is the agile programming community 714 00:27:05,039 --> 00:27:10,000 where after several years of dealing 715 00:27:08,400 --> 00:27:11,679 with 716 00:27:10,000 --> 00:27:14,159 the government 717 00:27:11,679 --> 00:27:15,520 inspired notions of 718 00:27:14,159 --> 00:27:16,640 how you should be doing software 719 00:27:15,520 --> 00:27:18,399 development 720 00:27:16,640 --> 00:27:20,960 there's a rebellion 721 00:27:18,399 --> 00:27:23,679 kind of an anti-community a 722 00:27:20,960 --> 00:27:24,640 we don't want to be part of the 723 00:27:23,679 --> 00:27:26,880 uh 724 00:27:24,640 --> 00:27:28,399 classical assurance community we want to 725 00:27:26,880 --> 00:27:31,520 do things differently we want to do 726 00:27:28,399 --> 00:27:33,200 things our way we want to 727 00:27:31,520 --> 00:27:35,440 you know we want to interact with each 728 00:27:33,200 --> 00:27:37,520 other we don't want to write big big 729 00:27:35,440 --> 00:27:39,679 hairy documentation we just want to make 730 00:27:37,520 --> 00:27:41,919 sure that the code works 731 00:27:39,679 --> 00:27:41,919 so 732 00:27:42,960 --> 00:27:47,440 as a result of 733 00:27:45,760 --> 00:27:49,440 the the 734 00:27:47,440 --> 00:27:51,360 the security community coming up with 735 00:27:49,440 --> 00:27:52,880 process 736 00:27:51,360 --> 00:27:54,720 in excess 737 00:27:52,880 --> 00:27:55,679 the 738 00:27:54,720 --> 00:27:56,799 develop 739 00:27:55,679 --> 00:27:58,159 another part of the development 740 00:27:56,799 --> 00:27:59,520 community rebelled and created this 741 00:27:58,159 --> 00:28:02,640 other community which is the agile 742 00:27:59,520 --> 00:28:04,960 programming community and 743 00:28:02,640 --> 00:28:06,559 that's why it's like 744 00:28:04,960 --> 00:28:07,679 we're talking about community here after 745 00:28:06,559 --> 00:28:08,960 all 746 00:28:07,679 --> 00:28:10,960 um 747 00:28:08,960 --> 00:28:12,559 so back to access control you called in 748 00:28:10,960 --> 00:28:14,399 the cryptographers and said all right 749 00:28:12,559 --> 00:28:17,520 how are we going to do this you know we 750 00:28:14,399 --> 00:28:20,799 want to separate this information uh 751 00:28:17,520 --> 00:28:23,279 we want to make it easy for people to 752 00:28:20,799 --> 00:28:25,360 use the computers and have 753 00:28:23,279 --> 00:28:26,320 have their information safe from each 754 00:28:25,360 --> 00:28:28,960 other 755 00:28:26,320 --> 00:28:31,200 and the cryptographer said well we've 756 00:28:28,960 --> 00:28:32,880 got a few issues here the first one is 757 00:28:31,200 --> 00:28:35,440 that a lot of information is born 758 00:28:32,880 --> 00:28:35,440 sensitive 759 00:28:35,840 --> 00:28:39,200 if somebody comes up with a new idea on 760 00:28:38,159 --> 00:28:41,840 how to make 761 00:28:39,200 --> 00:28:42,840 nuclear weapons explode faster and 762 00:28:41,840 --> 00:28:45,600 brighter 763 00:28:42,840 --> 00:28:49,440 uh governments generally want that 764 00:28:45,600 --> 00:28:49,440 information to be held very secretive 765 00:28:49,520 --> 00:28:53,919 but you don't think and you can't write 766 00:28:54,000 --> 00:28:57,039 in 767 00:28:55,039 --> 00:28:59,120 in encrypted form you have to have the 768 00:28:57,039 --> 00:29:01,120 data before you can encrypt it and if 769 00:28:59,120 --> 00:29:03,120 you have the data and it's not encrypted 770 00:29:01,120 --> 00:29:05,279 so that it can be encrypted then it's 771 00:29:03,120 --> 00:29:06,480 accessible and you've failed your access 772 00:29:05,279 --> 00:29:08,080 control 773 00:29:06,480 --> 00:29:09,679 um and then once 774 00:29:08,080 --> 00:29:12,000 once you've encrypted it you can't use 775 00:29:09,679 --> 00:29:12,880 it until you decrypt it and there are of 776 00:29:12,000 --> 00:29:14,480 course 777 00:29:12,880 --> 00:29:17,279 exceptions to this 778 00:29:14,480 --> 00:29:18,799 and cryptography is expensive 779 00:29:17,279 --> 00:29:20,640 it 780 00:29:18,799 --> 00:29:22,799 um 781 00:29:20,640 --> 00:29:24,960 you want to use the most expensive 782 00:29:22,799 --> 00:29:27,840 cryptography you can afford to 783 00:29:24,960 --> 00:29:31,120 because your adversary is going to apply 784 00:29:27,840 --> 00:29:32,720 as much resources they can to break it 785 00:29:31,120 --> 00:29:34,720 so if you don't spend more money 786 00:29:32,720 --> 00:29:35,600 encrypting 787 00:29:34,720 --> 00:29:37,279 your 788 00:29:35,600 --> 00:29:39,760 your data 789 00:29:37,279 --> 00:29:43,120 then your adversary is willing to spend 790 00:29:39,760 --> 00:29:44,960 to decrypt it you lose 791 00:29:43,120 --> 00:29:47,200 so that wasn't going to work 792 00:29:44,960 --> 00:29:48,960 so what was going to work well 793 00:29:47,200 --> 00:29:51,120 we're going to have to have put access 794 00:29:48,960 --> 00:29:54,960 control in in the scope and in the 795 00:29:51,120 --> 00:29:57,840 context of an operating system 796 00:29:54,960 --> 00:29:59,279 or a computer system in the in whole and 797 00:29:57,840 --> 00:30:01,279 you've got file systems and memory 798 00:29:59,279 --> 00:30:04,080 management enterprise communication and 799 00:30:01,279 --> 00:30:06,840 you've got device drivers and you've got 800 00:30:04,080 --> 00:30:08,799 all kinds of other interesting 801 00:30:06,840 --> 00:30:11,679 networking all kinds of other 802 00:30:08,799 --> 00:30:12,799 interesting aspects of the system that 803 00:30:11,679 --> 00:30:14,640 you're going to have to do something 804 00:30:12,799 --> 00:30:16,640 with 805 00:30:14,640 --> 00:30:18,320 no simple solution 806 00:30:16,640 --> 00:30:20,399 okay well how are we going to go about 807 00:30:18,320 --> 00:30:22,240 doing this because when you actually 808 00:30:20,399 --> 00:30:23,760 look at how much it's going to be you're 809 00:30:22,240 --> 00:30:27,840 going to have to be be touching 810 00:30:23,760 --> 00:30:27,840 virtually every aspect of your system 811 00:30:28,320 --> 00:30:30,159 so first thing you're going to do of 812 00:30:29,360 --> 00:30:31,760 course you're going to call in your 813 00:30:30,159 --> 00:30:35,279 cryptographers because they're your 814 00:30:31,760 --> 00:30:36,799 security people and 815 00:30:35,279 --> 00:30:39,919 although they can't actually help 816 00:30:36,799 --> 00:30:41,919 directly very very much oh 817 00:30:39,919 --> 00:30:43,760 yeah some in some 818 00:30:41,919 --> 00:30:44,960 minor minor areas 819 00:30:43,760 --> 00:30:46,320 um 820 00:30:44,960 --> 00:30:48,000 but they're not going to be able to make 821 00:30:46,320 --> 00:30:49,440 the whole thing oracle the next thing 822 00:30:48,000 --> 00:30:51,360 you need somebody to come and make it 823 00:30:49,440 --> 00:30:52,720 give you a security model so you can 824 00:30:51,360 --> 00:30:54,399 tell whether you've actually implemented 825 00:30:52,720 --> 00:30:55,440 something or not 826 00:30:54,399 --> 00:30:58,320 you're going to get some system 827 00:30:55,440 --> 00:30:59,360 developers and what actually happened in 828 00:30:58,320 --> 00:31:00,720 in the 829 00:30:59,360 --> 00:31:03,760 1980s 830 00:31:00,720 --> 00:31:05,440 a lot of the computer vendors went to 831 00:31:03,760 --> 00:31:07,519 their development groups and said hey 832 00:31:05,440 --> 00:31:10,799 who wants to work on this 833 00:31:07,519 --> 00:31:12,720 and the senior people said uh i don't 834 00:31:10,799 --> 00:31:14,960 want to work on that 835 00:31:12,720 --> 00:31:18,159 that's scary um 836 00:31:14,960 --> 00:31:20,240 and so an awful lot of 837 00:31:18,159 --> 00:31:22,159 younger less experienced developers 838 00:31:20,240 --> 00:31:24,159 stood up and said this is an opportunity 839 00:31:22,159 --> 00:31:25,039 for me to actually make an impact i'm 840 00:31:24,159 --> 00:31:26,799 going to 841 00:31:25,039 --> 00:31:29,519 going to go for this this sounds like a 842 00:31:26,799 --> 00:31:29,519 really good idea 843 00:31:30,720 --> 00:31:34,320 the government wanted to see a lot see a 844 00:31:32,559 --> 00:31:36,240 lot of validation done 845 00:31:34,320 --> 00:31:37,919 uh so if you're going to add a whole lot 846 00:31:36,240 --> 00:31:41,519 of new new security features you're 847 00:31:37,919 --> 00:31:43,440 going to need some validators to do it 848 00:31:41,519 --> 00:31:45,760 and then the question went out well 849 00:31:43,440 --> 00:31:47,679 who knows about yeah who's been working 850 00:31:45,760 --> 00:31:49,200 with this who's been working with 851 00:31:47,679 --> 00:31:51,600 with 852 00:31:49,200 --> 00:31:54,399 these kind of secure security things 853 00:31:51,600 --> 00:31:56,640 who's got experience with 854 00:31:54,399 --> 00:31:57,840 um 855 00:31:56,640 --> 00:31:59,840 looking at 856 00:31:57,840 --> 00:32:01,840 the systems from the viewpoint of the 857 00:31:59,840 --> 00:32:03,519 people who are going to be breaking into 858 00:32:01,840 --> 00:32:05,760 it well 859 00:32:03,519 --> 00:32:07,039 are bad actors we're going to pull them 860 00:32:05,760 --> 00:32:07,919 in too 861 00:32:07,039 --> 00:32:09,600 um 862 00:32:07,919 --> 00:32:10,640 because they know a lot of stuff about 863 00:32:09,600 --> 00:32:12,559 this 864 00:32:10,640 --> 00:32:14,720 that the rest of us don't and especially 865 00:32:12,559 --> 00:32:17,120 we're junior a lot of junior people here 866 00:32:14,720 --> 00:32:18,159 we need need some guidance 867 00:32:17,120 --> 00:32:19,440 um 868 00:32:18,159 --> 00:32:21,519 they also brought in the system 869 00:32:19,440 --> 00:32:23,120 administrators because everybody 870 00:32:21,519 --> 00:32:24,640 realized that these are these were the 871 00:32:23,120 --> 00:32:26,720 poor assads who were going to actually 872 00:32:24,640 --> 00:32:29,760 have to make these things work 873 00:32:26,720 --> 00:32:31,919 in the real world and they're gonna have 874 00:32:29,760 --> 00:32:33,519 yeah they've been 875 00:32:31,919 --> 00:32:35,120 they've been uh fighting with the bad 876 00:32:33,519 --> 00:32:37,200 actors for a long time so let's bring 877 00:32:35,120 --> 00:32:38,720 some of them in too 878 00:32:37,200 --> 00:32:41,840 and we've got these weird people called 879 00:32:38,720 --> 00:32:43,200 the virus i'm calling the virus hunters 880 00:32:41,840 --> 00:32:45,440 because throughout this whole thing 881 00:32:43,200 --> 00:32:47,279 you've got 882 00:32:45,440 --> 00:32:49,600 people inspired by the morris worm who 883 00:32:47,279 --> 00:32:52,159 are putting bits of code out onto onto 884 00:32:49,600 --> 00:32:53,679 the internet 885 00:32:52,159 --> 00:32:55,840 that are gathering information and 886 00:32:53,679 --> 00:32:57,840 sending it back to 887 00:32:55,840 --> 00:32:59,679 back to a common place and gathering 888 00:32:57,840 --> 00:33:01,200 information like credit card numbers and 889 00:32:59,679 --> 00:33:03,919 the like and so you've got this whole 890 00:33:01,200 --> 00:33:06,480 industry this that's popped up 891 00:33:03,919 --> 00:33:07,600 that's doing nothing but tracking down 892 00:33:06,480 --> 00:33:10,320 bad 893 00:33:07,600 --> 00:33:11,760 bad stuff out on the internet now it 894 00:33:10,320 --> 00:33:12,720 turns out 895 00:33:11,760 --> 00:33:14,640 that 896 00:33:12,720 --> 00:33:16,000 um 897 00:33:14,640 --> 00:33:17,840 well 898 00:33:16,000 --> 00:33:19,679 okay so 899 00:33:17,840 --> 00:33:22,840 that was about so we've got all these 900 00:33:19,679 --> 00:33:25,840 people well it turns out 901 00:33:22,840 --> 00:33:27,760 um that uh there's a considerable amount 902 00:33:25,840 --> 00:33:29,440 of overlap between the people who are 903 00:33:27,760 --> 00:33:30,960 bad actors and the people who are system 904 00:33:29,440 --> 00:33:33,200 administrators 905 00:33:30,960 --> 00:33:34,720 uh at the very least from the community 906 00:33:33,200 --> 00:33:36,880 standpoint 907 00:33:34,720 --> 00:33:40,320 they they share a common interest which 908 00:33:36,880 --> 00:33:42,880 is using systems to which you do not you 909 00:33:40,320 --> 00:33:46,559 do not have necessarily have legitimate 910 00:33:42,880 --> 00:33:48,399 access or defining how to keep how to 911 00:33:46,559 --> 00:33:50,559 identify people who have legitimate 912 00:33:48,399 --> 00:33:53,279 access so there's there's a significant 913 00:33:50,559 --> 00:33:55,519 overlap there now the virus hunters 914 00:33:53,279 --> 00:33:55,519 there 915 00:33:55,679 --> 00:33:59,760 there was at least one company who i i 916 00:33:57,760 --> 00:34:01,919 won't mention by name 917 00:33:59,760 --> 00:34:04,080 that was notorious for 918 00:34:01,919 --> 00:34:06,799 finding viruses 919 00:34:04,080 --> 00:34:08,399 30 days after um 920 00:34:06,799 --> 00:34:10,560 after 921 00:34:08,399 --> 00:34:13,440 well 922 00:34:10,560 --> 00:34:15,679 their antivirus found viruses almost 923 00:34:13,440 --> 00:34:17,919 exactly 30 days after they they were 924 00:34:15,679 --> 00:34:20,320 introduced into 925 00:34:17,919 --> 00:34:21,760 into the marketplace or into add onto 926 00:34:20,320 --> 00:34:23,200 the internet so there's a lot of 927 00:34:21,760 --> 00:34:25,200 speculation they were writing the 928 00:34:23,200 --> 00:34:27,280 viruses putting them out 929 00:34:25,200 --> 00:34:29,359 um and then discovering them and 930 00:34:27,280 --> 00:34:30,879 charging people for the for the 931 00:34:29,359 --> 00:34:32,399 privilege so 932 00:34:30,879 --> 00:34:35,839 yeah there was a little bit of bad 933 00:34:32,399 --> 00:34:35,839 acting going on there 934 00:34:36,159 --> 00:34:39,359 and then of course our system developers 935 00:34:37,760 --> 00:34:42,000 and our validators 936 00:34:39,359 --> 00:34:44,000 started working with the bad actors 937 00:34:42,000 --> 00:34:46,879 because they 938 00:34:44,000 --> 00:34:46,879 they're able to see 939 00:34:47,119 --> 00:34:50,639 how much 940 00:34:48,399 --> 00:34:51,919 knowledge there was how much innovation 941 00:34:50,639 --> 00:34:53,839 there was 942 00:34:51,919 --> 00:34:57,200 and 943 00:34:53,839 --> 00:34:58,000 to be honest if you want to actually 944 00:34:57,200 --> 00:34:58,960 you know 945 00:34:58,000 --> 00:35:00,880 yes 946 00:34:58,960 --> 00:35:03,040 understand and make sure that what 947 00:35:00,880 --> 00:35:04,560 you're doing is actually going to work 948 00:35:03,040 --> 00:35:05,599 you want to make sure that the people 949 00:35:04,560 --> 00:35:08,320 who 950 00:35:05,599 --> 00:35:10,400 are good at breaking it 951 00:35:08,320 --> 00:35:13,760 are involved and so that you can 952 00:35:10,400 --> 00:35:13,760 actually get them stumped 953 00:35:14,640 --> 00:35:17,839 one of the the bright spots on this 954 00:35:16,960 --> 00:35:20,079 though 955 00:35:17,839 --> 00:35:22,079 is one of the techniques that that the 956 00:35:20,079 --> 00:35:24,400 bad actors have been using 957 00:35:22,079 --> 00:35:26,320 for a long time to to break into to 958 00:35:24,400 --> 00:35:28,160 figure out how to break into something 959 00:35:26,320 --> 00:35:30,160 called fuzz testing 960 00:35:28,160 --> 00:35:31,839 all validators 961 00:35:30,160 --> 00:35:34,240 are starting to are looking at this and 962 00:35:31,839 --> 00:35:36,160 going wait a second we can use that to 963 00:35:34,240 --> 00:35:37,839 test all kinds of things not just 964 00:35:36,160 --> 00:35:40,800 whether you can you know whether there's 965 00:35:37,839 --> 00:35:43,520 a stack overflow in here i can use that 966 00:35:40,800 --> 00:35:45,440 just kind of to to wang it you know to 967 00:35:43,520 --> 00:35:48,079 to bang at the system 968 00:35:45,440 --> 00:35:50,160 and see what else breaks well now we're 969 00:35:48,079 --> 00:35:52,640 using fuzz testing to define just about 970 00:35:50,160 --> 00:35:52,640 everything 971 00:35:54,560 --> 00:35:59,200 but as it turns out from the again from 972 00:35:56,880 --> 00:36:02,560 the standpoint of the community 973 00:35:59,200 --> 00:36:04,560 what we find in here is yeah who really 974 00:36:02,560 --> 00:36:06,800 is the linchpin you know who really is 975 00:36:04,560 --> 00:36:09,119 the the 976 00:36:06,800 --> 00:36:11,599 the binding force between 977 00:36:09,119 --> 00:36:14,720 within the security community 978 00:36:11,599 --> 00:36:16,960 well it turns out it's the bad actor 979 00:36:14,720 --> 00:36:19,359 the bad the bad actor is the heart of 980 00:36:16,960 --> 00:36:22,400 the community in that that is the it's 981 00:36:19,359 --> 00:36:25,760 the commonalities it's that which 982 00:36:22,400 --> 00:36:27,599 which brings it together 983 00:36:25,760 --> 00:36:29,359 we would like that not to be the case we 984 00:36:27,599 --> 00:36:30,640 would like 985 00:36:29,359 --> 00:36:32,880 there to be 986 00:36:30,640 --> 00:36:35,920 a more positive message there but the 987 00:36:32,880 --> 00:36:37,200 reality is this is where 988 00:36:35,920 --> 00:36:38,160 the community 989 00:36:37,200 --> 00:36:41,560 actually 990 00:36:38,160 --> 00:36:41,560 comes together 991 00:36:41,760 --> 00:36:46,079 now i'm going to going to uh 992 00:36:43,920 --> 00:36:48,480 to pop off onto another another little 993 00:36:46,079 --> 00:36:49,520 added note here this is one of my 994 00:36:48,480 --> 00:36:51,680 favorite 995 00:36:49,520 --> 00:36:54,400 government intervention things 996 00:36:51,680 --> 00:36:57,839 community issues why is it that the 997 00:36:54,400 --> 00:37:00,079 linux community in particular is so so 998 00:36:57,839 --> 00:37:02,400 aggressively global 999 00:37:00,079 --> 00:37:05,680 well one of the reasons why 1000 00:37:02,400 --> 00:37:07,440 was that early on in the 1001 00:37:05,680 --> 00:37:08,720 the linux world 1002 00:37:07,440 --> 00:37:11,760 the us 1003 00:37:08,720 --> 00:37:13,599 had very strict laws about cryptography 1004 00:37:11,760 --> 00:37:15,760 and the exportation of cryptographic 1005 00:37:13,599 --> 00:37:17,839 algorithms 1006 00:37:15,760 --> 00:37:20,839 and 1007 00:37:17,839 --> 00:37:23,920 it's applied even to open source so 1008 00:37:20,839 --> 00:37:26,560 um technically if you 1009 00:37:23,920 --> 00:37:27,839 had some cryptographic uh 1010 00:37:26,560 --> 00:37:29,520 algorithms 1011 00:37:27,839 --> 00:37:30,720 and you shared them with somebody who 1012 00:37:29,520 --> 00:37:33,520 was 1013 00:37:30,720 --> 00:37:36,720 uh not a u.s citizen not authorized to 1014 00:37:33,520 --> 00:37:38,160 see them you could go to jail now this 1015 00:37:36,720 --> 00:37:39,760 is true whether you were an american 1016 00:37:38,160 --> 00:37:41,839 citizen or not 1017 00:37:39,760 --> 00:37:43,520 so 1018 00:37:41,839 --> 00:37:45,839 there was a lot of concern among 1019 00:37:43,520 --> 00:37:48,640 european developers especially crypto 1020 00:37:45,839 --> 00:37:50,240 developers of crypt cryptography 1021 00:37:48,640 --> 00:37:51,920 who were starting to make them available 1022 00:37:50,240 --> 00:37:54,079 open source 1023 00:37:51,920 --> 00:37:56,240 i make it open source 1024 00:37:54,079 --> 00:37:59,440 i go to america 1025 00:37:56,240 --> 00:38:02,000 and i read my paper and they arrest me 1026 00:37:59,440 --> 00:38:03,040 hmm not a good idea 1027 00:38:02,000 --> 00:38:04,400 so 1028 00:38:03,040 --> 00:38:06,560 that led to 1029 00:38:04,400 --> 00:38:07,680 one of the earliest uh 1030 00:38:06,560 --> 00:38:09,760 major 1031 00:38:07,680 --> 00:38:11,920 events in 1032 00:38:09,760 --> 00:38:14,640 the lynx world was the autolytics 1033 00:38:11,920 --> 00:38:14,640 symposium 1034 00:38:15,280 --> 00:38:19,760 it was very accessible to people in the 1035 00:38:17,200 --> 00:38:21,839 u.s but it was also accessible to people 1036 00:38:19,760 --> 00:38:23,920 outside the world and this was a very 1037 00:38:21,839 --> 00:38:25,280 this was a globalization 1038 00:38:23,920 --> 00:38:27,520 it 1039 00:38:25,280 --> 00:38:27,520 took 1040 00:38:28,480 --> 00:38:33,680 american leadership 1041 00:38:31,119 --> 00:38:35,520 out of the equation made 1042 00:38:33,680 --> 00:38:37,920 it had to be global 1043 00:38:35,520 --> 00:38:40,320 because in order to actually 1044 00:38:37,920 --> 00:38:42,240 get the people who were involved to 1045 00:38:40,320 --> 00:38:45,240 participate you couldn't do it in the 1046 00:38:42,240 --> 00:38:45,240 u.s 1047 00:38:48,240 --> 00:38:51,440 now 1048 00:38:49,119 --> 00:38:53,040 i promise some predictions in my my 1049 00:38:51,440 --> 00:38:55,760 abstract and so i should probably 1050 00:38:53,040 --> 00:38:57,440 actually uh make a few okay my first 1051 00:38:55,760 --> 00:38:59,359 predict prediction is that the security 1052 00:38:57,440 --> 00:39:01,280 community will make will remain 1053 00:38:59,359 --> 00:39:03,200 fractious and diverse 1054 00:39:01,280 --> 00:39:04,880 there are a lot of things that people 1055 00:39:03,200 --> 00:39:07,280 consider security it's a lot of things 1056 00:39:04,880 --> 00:39:08,240 people consider important 1057 00:39:07,280 --> 00:39:10,880 and 1058 00:39:08,240 --> 00:39:12,720 we still have the bad actors out there 1059 00:39:10,880 --> 00:39:14,560 we have corporate bad act we have 1060 00:39:12,720 --> 00:39:17,359 companies that do nothing but try to 1061 00:39:14,560 --> 00:39:20,640 break other people's systems 1062 00:39:17,359 --> 00:39:21,520 both officially and and not officially 1063 00:39:20,640 --> 00:39:24,320 and 1064 00:39:21,520 --> 00:39:26,000 all kinds of ideas as to how security 1065 00:39:24,320 --> 00:39:27,920 should be done 1066 00:39:26,000 --> 00:39:29,680 because the computer i'm presenting on 1067 00:39:27,920 --> 00:39:32,880 now is 1068 00:39:29,680 --> 00:39:33,920 20 20 000 times faster 1069 00:39:32,880 --> 00:39:37,680 than 1070 00:39:33,920 --> 00:39:40,000 the vax 1178 than than the machines that 1071 00:39:37,680 --> 00:39:42,720 were being used at the time of the 1072 00:39:40,000 --> 00:39:42,720 morris worm 1073 00:39:43,760 --> 00:39:48,800 the security community's issues will 1074 00:39:45,440 --> 00:39:51,200 continue to be user experience 1075 00:39:48,800 --> 00:39:53,599 making a delightful user experience for 1076 00:39:51,200 --> 00:39:56,320 computer security 1077 00:39:53,599 --> 00:39:58,640 hasn't been achieved yet 1078 00:39:56,320 --> 00:40:01,119 it's one of my my goals somehow my 1079 00:39:58,640 --> 00:40:02,800 dreams but we'll see 1080 00:40:01,119 --> 00:40:04,319 performance is always going to be a 1081 00:40:02,800 --> 00:40:06,400 problem because 1082 00:40:04,319 --> 00:40:08,000 everybody knows that security makes 1083 00:40:06,400 --> 00:40:10,240 things slower 1084 00:40:08,000 --> 00:40:12,240 whether that's true or not and new 1085 00:40:10,240 --> 00:40:14,240 technologies 1086 00:40:12,240 --> 00:40:17,119 when we go to yeah 1087 00:40:14,240 --> 00:40:18,960 when somebody introduces tri-state 1088 00:40:17,119 --> 00:40:21,119 memory um 1089 00:40:18,960 --> 00:40:24,079 how are we going to have row 1090 00:40:21,119 --> 00:40:25,839 sledgehammer are we going to have row 1091 00:40:24,079 --> 00:40:27,119 steam hammer what kind are we going to 1092 00:40:25,839 --> 00:40:28,800 have what kind of problems are we going 1093 00:40:27,119 --> 00:40:30,480 to have with that 1094 00:40:28,800 --> 00:40:32,160 people introduce new technologies all 1095 00:40:30,480 --> 00:40:33,839 the time without 1096 00:40:32,160 --> 00:40:37,319 doing serious consideration of the 1097 00:40:33,839 --> 00:40:37,319 security implications 1098 00:40:38,400 --> 00:40:41,599 okay and finally there's a whole lot of 1099 00:40:40,400 --> 00:40:43,599 things i 1100 00:40:41,599 --> 00:40:45,440 couldn't get to today 1101 00:40:43,599 --> 00:40:46,800 containers virtualization static 1102 00:40:45,440 --> 00:40:49,119 analysis 1103 00:40:46,800 --> 00:40:51,040 back porting supply chain artificial 1104 00:40:49,119 --> 00:40:52,960 intelligence and privacy 1105 00:40:51,040 --> 00:40:55,359 artificial intelligence and privacy are 1106 00:40:52,960 --> 00:40:57,280 a wonderful combination 1107 00:40:55,359 --> 00:40:58,800 we could talk talk for days about that 1108 00:40:57,280 --> 00:41:02,880 and a whole bunch of other things that 1109 00:40:58,800 --> 00:41:06,960 i'm just sorry i couldn't get to today 1110 00:41:02,880 --> 00:41:08,640 but anyway thank you very much um i 1111 00:41:06,960 --> 00:41:11,760 think i might have actually have a time 1112 00:41:08,640 --> 00:41:11,760 for a question or two 1113 00:41:16,319 --> 00:41:22,160 betsy just don't mute you mike right 1114 00:41:20,160 --> 00:41:25,440 it's gonna happen i did it once 1115 00:41:22,160 --> 00:41:27,839 yesterday i did it again today okay so 1116 00:41:25,440 --> 00:41:31,359 we do have a few questions we probably 1117 00:41:27,839 --> 00:41:33,760 only have time for one maybe two um 1118 00:41:31,359 --> 00:41:35,839 so the current top voted question is 1119 00:41:33,760 --> 00:41:38,319 what's the suggestion to the software 1120 00:41:35,839 --> 00:41:40,000 testers how should we validate security 1121 00:41:38,319 --> 00:41:42,079 software 1122 00:41:40,000 --> 00:41:44,560 how to revalidate 1123 00:41:42,079 --> 00:41:46,880 how should we validate security software 1124 00:41:44,560 --> 00:41:49,839 how should we validate security software 1125 00:41:46,880 --> 00:41:51,440 we should read the documentation 1126 00:41:49,839 --> 00:41:52,400 and 1127 00:41:51,440 --> 00:41:55,440 read the 1128 00:41:52,400 --> 00:41:58,720 first off get the documentation if it 1129 00:41:55,440 --> 00:42:03,079 hasn't been written hit people very 1130 00:41:58,720 --> 00:42:03,079 hit people very um 1131 00:42:03,680 --> 00:42:09,200 lovingly but not but firmly 1132 00:42:07,280 --> 00:42:11,280 to get the documentation 1133 00:42:09,200 --> 00:42:13,440 and then 1134 00:42:11,280 --> 00:42:14,960 when you have that documentation as to 1135 00:42:13,440 --> 00:42:18,560 how it's supposed to work then you can 1136 00:42:14,960 --> 00:42:19,599 decide whether or not it does work 1137 00:42:18,560 --> 00:42:21,359 fair 1138 00:42:19,599 --> 00:42:22,800 uh docs are critical 1139 00:42:21,359 --> 00:42:24,880 all right so 1140 00:42:22,800 --> 00:42:27,680 we've got a question that received an 1141 00:42:24,880 --> 00:42:29,760 awful lot of votes very quickly 1142 00:42:27,680 --> 00:42:31,680 what do you feel is the biggest draw for 1143 00:42:29,760 --> 00:42:33,680 bad actors these days and it's my 1144 00:42:31,680 --> 00:42:35,280 current approach 1145 00:42:33,680 --> 00:42:38,160 money is 1146 00:42:35,280 --> 00:42:39,760 yeah okay makes the world go around hey 1147 00:42:38,160 --> 00:42:41,680 um and 1148 00:42:39,760 --> 00:42:43,599 the second part of the question is is 1149 00:42:41,680 --> 00:42:46,079 the current approach of bug bounties 1150 00:42:43,599 --> 00:42:50,240 enough to combat those attractions bug 1151 00:42:46,079 --> 00:42:53,599 bat bounties are a really bad idea 1152 00:42:50,240 --> 00:42:54,720 bug batty bug bounties um encourage 1153 00:42:53,599 --> 00:42:56,960 people 1154 00:42:54,720 --> 00:42:56,960 to 1155 00:42:57,200 --> 00:43:01,280 do two things first off they encourage 1156 00:42:59,119 --> 00:43:04,000 people to go looking for things 1157 00:43:01,280 --> 00:43:05,680 and if they can't make enough money have 1158 00:43:04,000 --> 00:43:07,520 if they find something and they can't 1159 00:43:05,680 --> 00:43:09,440 make enough make a significant amount of 1160 00:43:07,520 --> 00:43:11,599 money exploiting it 1161 00:43:09,440 --> 00:43:14,560 uh then they can make some money 1162 00:43:11,599 --> 00:43:17,680 on a bug bounty the problem with bug 1163 00:43:14,560 --> 00:43:17,680 bounties is that 1164 00:43:18,000 --> 00:43:21,680 they encourage people 1165 00:43:19,920 --> 00:43:23,760 to 1166 00:43:21,680 --> 00:43:25,119 be sneaky 1167 00:43:23,760 --> 00:43:27,599 rather than 1168 00:43:25,119 --> 00:43:28,800 i would much rather have people say 1169 00:43:27,599 --> 00:43:30,800 i don't wanna 1170 00:43:28,800 --> 00:43:32,800 i don't want you to i'm not gonna pay 1171 00:43:30,800 --> 00:43:35,200 you for a bug i'm gonna pay you for a 1172 00:43:32,800 --> 00:43:37,040 patch to fix the bug 1173 00:43:35,200 --> 00:43:38,800 that makes sense 1174 00:43:37,040 --> 00:43:41,200 that that makes sense 1175 00:43:38,800 --> 00:43:42,560 reward the actual improvement that's 1176 00:43:41,200 --> 00:43:43,520 correct 1177 00:43:42,560 --> 00:43:46,560 okay 1178 00:43:43,520 --> 00:43:49,440 so we are out of time casey um thanks so 1179 00:43:46,560 --> 00:43:52,400 much i know the audience appreciated 1180 00:43:49,440 --> 00:43:54,079 your talk uh and your beautiful diagrams 1181 00:43:52,400 --> 00:43:55,599 and illustrations 1182 00:43:54,079 --> 00:43:58,079 um so 1183 00:43:55,599 --> 00:44:01,520 there were still a few questions left um 1184 00:43:58,079 --> 00:44:04,079 in there are you happy to head over um 1185 00:44:01,520 --> 00:44:06,319 to the post talk text chat i will do 1186 00:44:04,079 --> 00:44:08,319 that right now excellent so the 1187 00:44:06,319 --> 00:44:11,359 volunteer team will copy the questions 1188 00:44:08,319 --> 00:44:14,400 over to the post talk chat kaya theatre 1189 00:44:11,359 --> 00:44:17,760 channel in venulis uh thank you very 1190 00:44:14,400 --> 00:44:19,839 much casey um we now have a very short 1191 00:44:17,760 --> 00:44:21,119 break everyone and we'll be back in 10 1192 00:44:19,839 --> 00:44:23,839 minutes 1193 00:44:21,119 --> 00:44:23,839 bye