1 / 15

Plug-in and Automatic update security

Plug-in and Automatic update security. Presented by Maxamed Hilowle. The topic Presentation. Insecurities within automatic update systems Can patching let a cracker in?. Abstract Model. Confidentiality Secure Compound Integrity A cyclic redundancy check (CRC) / Hash Certificates Development

helmut
Download Presentation

Plug-in and Automatic update security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Plug-in and Automatic update security Presented by Maxamed Hilowle

  2. The topic Presentation • Insecurities within automatic update systems • Can patching let a cracker in?.

  3. Abstract Model ConfidentialitySecure Compound IntegrityA cyclic redundancy check (CRC) / HashCertificatesDevelopment AvailabilitySeveral update sources

  4. Process Model • In order to translate a CIA model to the Security update mechanism, the following process was established;

  5. Confidentiality • Confidentiality is an import criteria for security. • And the users would consider to be a threat when confidentiality is compromised.

  6. Attacks • In order to capture all data from all systems on a network, the attacker can use a technique called Address Resolution Protocol (ARP) spoofing.

  7. Attacks • In that case an attacker might derive how update systems work. • Confidentiality is compromised when data is intercepted to obtain sensitive information

  8. Integrity • Integrity refers to the validity of data. Validity might be impaired by transmission faults and alteration of the contents by attackers. • Reassurance to the receiver that the message has not been altered since it was transmitted by the sender.

  9. The attacker stands between the system and update server.

  10. This attacks know as Domain Name System DNS spoofing , and it can be a powerful attack method for hacking update mechanisms. • The attacker can redirect the update program to our own server and maybe even update the application with his own malicious code (Man-in-the-middle).

  11. Availability • Updates frequently fix security issues in programs. • If a vulnerability is known, and the available patch not applied, the system is vulnerable • for attackers. Therefore, updates should be easy to acquire.

  12. Automatic update Sun provides an automatic update system to keep the virtual machine updated with the latest patches, This system called jusched.exe is automatically installed under Windows operating systems. If the update system finds a new update, it notifies the user and automatically install updates.

  13. Windows users they ignore these warnings, and most users run as administrator under Windows, it might silently install a virus while installing a modified version of JRE.

  14. Conclusion • The developers can make the update mechanism itself more secure. • The users can be more cautious when using such a system.

  15. You can find more details and how DNS, ARP spoofing and other well known attacks work • http://technorati.com/videos/youtube.com%2Fwatch%3Fv%3D9z8i9SQr_s8 • http://technorati.com/videos/tag/arp+spoofing • http://technorati.com/videos/youtube.com%2Fwatch%3Fv%3DHppWr3mKwW4 • http://technorati.com/videos/tag/dns+spoofing • http://www.parosproxy.org • http://www.slavasoft.com/hashcalc/index.htm • http://ettercap.sourceforge.net/ • http://www.wireshark.org/

More Related