Page 298 - DCAP103_Principle of operating system

Unit 9: System Security



            The cyberthief can then ask the local name server for the IP address for XYZ Bank’s home page
            and learn when it will expire. At the moment of expiration, he again asks for the bank’s address
            and immediately sends out the 65,536 answers that list his own computer’s IP address as that
            of the bank. Under the DNS protocol, the local name server simply accepts the first answer that
            matches its codes; it does not check from where the answer came, and it ignores any additional
            replies. Even though XYZ Bank’s IP address has not really changed, the local name server still
            replaces the correct address with the hacker’s address and communicates the false information
            to customers.

            So, if our hacker gets his answers in first, the local name server will direct customers seeking
            XYZ Bank to his computer. Assuming that the hacker runs a convincing imitation of the bank’s
            sign-in page, customers will not realize that they are handing their confidential information
            over to a fake.
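
            The race described above leaves a trace a defender can look for: a burst of replies for one name whose identification codes do not match the pending query. The sketch below is an added example, not part of the original text; the event format, the threshold and all addresses are constructed, and the probability helper assumes the 16-bit code is the only value a forged reply has to guess.

```python
from collections import defaultdict

def forgery_success_probability(n_forged, id_bits):
    """Chance that n_forged replies with distinct IDs include the one pending ID."""
    return min(1.0, n_forged / 2 ** id_bits)

def find_poisoning_attempts(events, threshold=20):
    """Replay resolver events; report names that drew a burst of wrong-ID replies."""
    pending = {}                 # qname -> (transaction ID, server that was asked)
    wrong_id = defaultdict(int)  # qname -> replies whose ID did not match
    accepted = {}                # qname -> (source of accepted reply, server asked)
    for _ts, kind, qname, txid, ip in sorted(events):
        if kind == "query":
            pending[qname] = (txid, ip)
        elif qname in pending:
            want, server = pending[qname]
            if txid == want:     # first matching reply wins, later ones are ignored
                accepted[qname] = (ip, server)
                del pending[qname]
            else:
                wrong_id[qname] += 1
    report = {}
    for qname, count in wrong_id.items():
        if count >= threshold:
            src, server = accepted.get(qname, (None, None))
            # Source addresses can be forged, so the wrong-ID count is the main signal.
            report[qname] = {"wrong_id_replies": count, "accepted_from": src,
                             "answer_not_from_asked_server": src not in (None, server)}
    return report

def sample_events():
    """Constructed data: (seconds, kind, qname, transaction ID, peer address)."""
    ev = [(0.00, "query", "www.example.org", 0x1111, "192.0.2.53"),
          (0.03, "reply", "www.example.org", 0x1111, "192.0.2.53"),
          (5.00, "query", "www.xyzbank.example", 200, "192.0.2.53")]
    # Burst of replies with IDs 0..299 from another host, then the real answer, too late.
    ev += [(5.001 + i * 1e-5, "reply", "www.xyzbank.example", i, "203.0.113.9")
           for i in range(300)]
    ev.append((5.04, "reply", "www.xyzbank.example", 200, "192.0.2.53"))
    return ev

if __name__ == "__main__":
    print(find_poisoning_attempts(sample_events()))
    for bits in (16, 32):
        print(bits, forgery_success_probability(65536, bits))
```

            With a 16-bit code, 65,536 distinct answers are certain to contain the right one; the same burst against a 32-bit code succeeds about once in 65,536 attempts.
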
            Similar flaws plague other Internet protocols, such as the Border Gateway Protocol (BGP),
            which governs the pathways followed by data packets on the Internet. They also affect the
            Dynamic Host Configuration Protocol (DHCP), which roaming computers utilize to find network
            resources when they are connected in new locations. For example, suppose you are sitting in
            your favorite coffee shop and want to open a connection to the shop’s wireless router. Your
            laptop broadcasts a query for the server to identify itself, and DHCP directs that your laptop
            will accept the first response it gets as legitimate. If a hacker sitting across the room can fire off
            a reply before the coffee shop’s router does, your laptop will be connected to his. Everything
            will seem normal to you, but his computer can record all your communications and covertly
            direct you to malicious sites at will.
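
            On a network you administer, the same first-answer-wins behavior can be monitored by comparing each DHCP offer against the servers you expect to see. The following is an added example, not part of the original text; the event format, the allow-list and all addresses are constructed for illustration.

```python
def audit_dhcp_offers(events, trusted_servers):
    """Group OFFERs by transaction ID and flag offers from servers not on the allow-list."""
    offers = {}                        # xid -> [(seconds, server identifier), ...]
    for ts, msg, xid, _mac, server in sorted(events):
        if msg == "OFFER":
            offers.setdefault(xid, []).append((ts, server))
    findings = []
    for xid, seen in offers.items():
        first_server = seen[0][1]      # the offer the client acts on, per the text
        untrusted = sorted({s for _ts, s in seen if s not in trusted_servers})
        if untrusted:
            findings.append({"xid": xid, "untrusted_servers": untrusted,
                             "first_offer_from": first_server,
                             "client_took_untrusted": first_server not in trusted_servers})
    return findings

def sample_dhcp_events():
    """Constructed data: (seconds, message, xid, client MAC, server identifier)."""
    mac = "02:00:00:00:00:01"
    return [
        (0.000, "DISCOVER", 0xA1, mac, ""),
        (0.004, "OFFER", 0xA1, mac, "198.51.100.66"),   # unknown server answers first
        (0.020, "OFFER", 0xA1, mac, "192.0.2.1"),
        (10.000, "DISCOVER", 0xB2, mac, ""),
        (10.015, "OFFER", 0xB2, mac, "192.0.2.1"),      # normal exchange
        (20.000, "DISCOVER", 0xC3, mac, ""),
        (20.010, "OFFER", 0xC3, mac, "192.0.2.1"),
        (20.030, "OFFER", 0xC3, mac, "198.51.100.66"),  # unknown server, but too slow
    ]

if __name__ == "__main__":
    for finding in audit_dhcp_offers(sample_dhcp_events(), {"192.0.2.1"}):
        print(finding)
```
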
            Such vulnerabilities imperil more than individuals and commercial institutions. Secure
            installations in the government offices and the military can be compromised this way, too. And
            indeed there have been cases in which these loopholes did allow data to be stolen and records
            to be altered.
            How did we come to be in such a mess? The reasons are partly historical. Today’s protocols
            descend from ones developed 35 years ago when the Internet was still a research network. There
            was no need to safeguard the network against malicious entities. Now the Internet has opened up
            and grown explosively, but we have not developed inherently stronger security—the protocols
            still take for granted that the billions of people and devices online are both competent and
            honest. Nobody ever went back to do the difficult job of developing inherently stronger security.

            Fixing the Internet protocols will be a formidable challenge. Some improvements are relatively
            simple to imagine—for example, switching to identification codes that use more than 16 bits—
            but would involve considerable work to adopt on a global basis. Techniques for authenticating
            that messages come from the proper parties are well developed, but those technologies are
            not necessarily fast enough to be embedded in all the routers on the Internet without bringing
            traffic to a crawl (or forcing prohibitive investments in new equipment). Some other important
            kinds of protocol improvements still need to be conceived. Of course, an essential feature of
            any new protocol is that it can be implemented without seriously disrupting Internet operations
            in the process.
            For these reasons and more, in its February 2005 report, the President’s Information Technology
            Advisory Committee (PITAC), of which I was a member, strongly recommended increased
            federal funding for basic research into cybersecurity. The Department of Homeland Security
            currently devotes only one-tenth of 1 percent of its research budget to this concern. DARPA (the
            Defense Advanced Research Projects Agency) used to fund this kind of work more generously
            but its current focus is more narrowly military and its research on cybersecurity is classified,
            limiting the amount of research that can be conducted at universities, and inhibiting the transfer
            of technology to industry. The National Science Foundation studies the problem but can only
            do so much. And, although industry takes the problem seriously, inadequate profit incentives
            discourage companies from aggressively developing broad-based solutions.



                                             LOVELY PROFESSIONAL UNIVERSITY                                   291