Stanford CS 155 - Web Browser Security

This preview shows page 1-2-3 out of 9 pages.
CS 155, April 15, 2004
Web Browser Security
John Mitchell

What's happening in this course
- Projects: the first was handed out last Thursday and is due next Thursday. This is a lot of work, but rewarding.
- Lectures: cover topics in computer security (applications, OS, network).
- Reading: additional information about lecture topics.
- Homework: picks up topics not covered by the projects.

Browser and Network
(Diagram: the browser sends a request to a Web site and receives a reply; the browser sits on top of the OS, hardware and network.)
- Browser sends requests: may reveal private information (in forms, cookies).
- Browser receives information and code: may corrupt state by running unsafe code.
- The interaction is susceptible to network attacks; network security is considered later in the course.

"Microsoft Issues New IE Browser Security Patch" (Tuesday, February 12, 2002, by Richard Karpinski)
"Microsoft has released a security patch that closes some major holes in its Internet Explorer browser. The so-called cumulative patch fixes six different IE problems. Affected browsers include Internet Explorer 5.01, 5.5 and 6.0. Microsoft rated the potential security breaches as critical."
The Feb 2002 patch addresses:
- A buffer overrun associated with an HTML directive. Hackers could use this breach to run malicious code on a user's system.
- A scripting vulnerability that would let an attacker read files on a user's system.
- A vulnerability related to the display of file names. Hackers could misrepresent the name of a file and trick a user into downloading an unsafe file.
- A vulnerability that would allow a Web page to improperly invoke an application installed on a user's system to open a file on a Web site.
- ... more.
MS announced 20 vulnerabilities on April 13, 2004.

Browser Security Check
- http://www.verisign.com/advisor/check.html: what kind of security are they checking? (Very Important Point.)
- More informative test site: http://browsercheck.qualys.com. Checks: Security, Cryptography, Cookie Disclosure, Clipboard Reading, Program Execution, File Execution, Web Page Spoofing, Security Zone Spoofing, Hard Drive Access.

Browser security topics
- Basic browser session
- Cookies: cookie mechanism, JunkBuster, P3P
- Privacy: Anonymizer
- Mobile code: JavaScript, ActiveX, Plug-ins, Java

Basic browser session
(Diagram of a shopping session:)
  View Catalog  ->  www.e-buy.com
  Select Item   ->  www.e-buy.com/shopping.cfm?pID=269
  Check out     ->  www.e-buy.com/shopping.cfm?pID=269&item1=102030405
                ->  www.e-buy.com/checkout.cfm?pID=269&item1=102030405
- Session information is stored in the URL: easily read on the network.

Cookies
- A cookie is a file created by an Internet site to store information on your computer.
(Diagram: the browser enters form data and the server stores a cookie; on a later request the server requests the cookie and the browser returns the data.)
- HTTP is a stateless protocol; cookies add state.
- Cookies store information across sessions.

Cookie Management
- Cookie ownership: once a cookie is saved on your computer, only the Web site that created the cookie can read it.
- Variations:
  - Temporary cookies: stored until you quit your browser.
  - Persistent cookies: remain until deleted or they expire.
  - Third-party cookies: originate on, or are sent to, another Web site.

Third Party Cookies Example: Mortgage Center
  <html><title>Mortgage Center</title><body> ... http://www.loanweb.com/ad.asp?RLID=0b70at1ep0k9 ...
From the Yahoo Privacy Center: "Yahoo sends most of the advertisements you see. However, we also allow third party ad servers to serve advertisements. Because your web browser must request these from the ad network web site, these companies can send their own cookies to your cookie file." Opting Out of Third Party Ad Servers: "If you want to prevent a third party ad server from sending and reading cookies on your computer, currently you must visit each ad network's web site individually and opt out, if they offer this capability."

Cookie issues
- Cookies maintain a record of your browsing habits: a cookie stores information as a set of name/value pairs, which may include any information a web site knows about you.
- Sites track your activity across multiple visits to the site.
- Sites can share this information (e.g. DoubleClick): sites using DoubleClick place a small graphic that causes the user to request a page from DoubleClick, and DoubleClick uses cookies to identify you on various sites.

Managing cookie policy via proxy
(Diagram: Browser <-> Proxy <-> Network, with the cookie jar held at the proxy.)
"Browser attacks could invade your privacy" (08 Nov 2001): "Users of Microsoft's browser and e-mail programs could be vulnerable to having their browser cookies stolen or modified due to a new security bug in Internet Explorer (IE), the company warned today."

Sample Proxy
- Cookie management by policy in cookiefile:
  - Default: all cookies are silently crunched.
  - Options: allow cookies only to/from certain sites; block cookies to the browser but allow them to the server; send "vanilla wafers" instead.
- Block URLs matching any pattern in blockfile:
  - Example: the pattern /ad matches http://nomatterwhere.com/images/advert/g3487.gif
- Proxy intercepts request and response:
  - May modify cookies before sending them to the browser.
  - Can do other checks: filter ads, block sites, etc.

Preserving web privacy
- Your IP address may be visible to web sites.
  - This may reveal your employer, ISP, etc.
  - It can link your activities on different sites and at different times.
- Can you prevent sites from learning about you?
  - Anonymizer: a single site that hides the origin of a web request.
  - Crowds: a distributed solution.
- It is easy to write your own HTTP proxy; you can try this at home.

Browsing Anonymizers
- A Web Anonymizer hides your IP address: www.anonymizer.com/cgi-bin/redirect.cgi?url=...
(Diagram: Browser -> Anonymizer -> Server.)
- What does anonymizer.com know about you?

Related approach to anonymity
- Hide the source of messages by routing them randomly.
- Routers don't know for sure whether the apparent source of the message is the actual sender or simply another router.
- Only secure against local attackers.
- Existing systems: Freenet, Crowds, etc.

Crowds [Reiter, Rubin '98]
(Diagram: the sender C0 forwards to crowd members C1, C2, C3, C4, ...; each member forwards with probability pf and delivers with probability 1 - pf.)
- The sender randomly chooses a path through the crowd.
- Some routers are honest, some corrupt.
- After receiving a message, an honest router flips a coin:
  - with probability pf, it routes to the next member on the path;
  - with probability 1 - pf, it sends directly to the recipient.

What Does Anonymity Mean?
- Beyond suspicion: the observed source of the message is no more likely to be the actual sender than anybody else.
- Probable innocence: probability < 50% that the observed source of the message is the actual sender. Guaranteed by Crowds if there are sufficiently few corrupt routers.
- Possible innocence: non-trivial probability that the observed source of the message is not the actual sender.

Something you can try at home
- Find out what sites know about you: Anonymizer.com and other sites will tell you what they can find out about your IP address. Many other sites offer this too.

Controlling information from web
- Data is
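The probable-innocence claim can be made quantitative. The following is an added example, not part of the lecture: it computes, from Reiter and Rubin's analysis, the probability that the member a colluding router sees as its predecessor is the real sender, tests the probable-innocence condition, and confirms the formula by simulating the coin-flip forwarding described above. The crowd sizes and pf values are constructed for illustration.

```python
import random


def sender_exposure(n: int, c: int, pf: float) -> float:
    """Pr[the first corrupt router's predecessor is the real sender |
    at least one corrupt router is on the path], for a crowd of n members
    of which c collude.  Derivation (Reiter and Rubin): the first corrupt
    router is the sender's own first hop with probability c/n and then
    sees the sender directly; every further hop is reached with
    probability pf*(n-c)/n, and the honest member before it is a uniform
    choice among the n-c honest members, i.e. the sender with probability
    1/(n-c).  Summing the geometric series gives 1 - pf*(n-c-1)/n."""
    return 1 - pf * (n - c - 1) / n


def probable_innocence(n: int, c: int, pf: float) -> bool:
    """Exposure <= 1/2, equivalently n >= pf/(pf - 1/2) * (c + 1).
    Requires pf > 1/2; otherwise the observed source is always the
    most likely sender and probable innocence cannot hold."""
    return pf > 0.5 and n >= pf / (pf - 0.5) * (c + 1)


def simulate(n: int, c: int, pf: float, trials: int, seed: int = 1) -> float:
    """Monte Carlo check of sender_exposure.  Member 0 is the sender and
    members n-c .. n-1 collude.  Every hop is chosen uniformly from all n
    members (self included), as in the Crowds protocol."""
    rng = random.Random(seed)
    observed = exposed = 0
    for _ in range(trials):
        prev, cur = 0, rng.randrange(n)        # sender always forwards its first hop
        while True:
            if cur >= n - c:                   # corrupt router: records who handed it the message
                observed += 1
                exposed += prev == 0
                break
            if rng.random() >= pf:             # honest router: deliver with probability 1 - pf
                break
            prev, cur = cur, rng.randrange(n)  # ... otherwise forward with probability pf
    return exposed / observed


if __name__ == "__main__":
    for n, c, pf in [(10, 2, 0.75), (8, 2, 0.75)]:
        print(f"n={n} c={c} pf={pf}: exposure={sender_exposure(n, c, pf):.3f} "
              f"simulated={simulate(n, c, pf, 20000):.3f} "
              f"probable innocence={probable_innocence(n, c, pf)}")
```

With pf = 3/4 and two colluders, a crowd of 10 gives the sender probable innocence while a crowd of 8 does not, which is the "sufficiently few corrupt routers" condition on the slide.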