UW Computer Security Research and Course Blog

Although thanks to Sarah Connor from The Terminator, 1997 wasn’t quite the day machines went out of control, autonomous systems become more and more integrated into our lives. Although AI might take many years to get developed to the level of human intelligence, it is also possible that breakthrough is just around the corner. Therefore, in order to not be taken by surprise it is important to start addressing security of the autonomous systems on the broad level.
In this article I will address several concerns and possible ways to deal with them, as there are multiple assets at stake – human lives, material things, in fact, almost everything of reach and a little beyond.
I would categorize aspects of AI into two major categories – AI on mobile devices and AI on stationary devices, of which I will focus more on mobile, as, from the first glance, they seem to be the most dangerous, as can cause direct physical harm.
Who might be potential adversaries in the context of AI systems? Here are some of them: Creator of the devil machinery, outside person willing to exploit and manipulate the system, by giving it incentives. And apparently, AI system itself – even without the intention of the creator, some unknown processes might happen in neurons of the system.
There can be numerous judicial and technological means that can be implemented to reduce possible negative outcomes. I am not a big fan of restrictions, as it will drag development of the technology. Nevertheless, here are they:
Obvously, protection from unauthorized access and intrusion detection, using one of the common methods to prevent from accessing and manipulating hardware directly.
Here are more related specifically to AI:
Restriction on the AI algorithm  – do not allow algorithm which seemed to work, but could not be fully understood take care of the children, for example.
Restrictions on incentives for mobile robots – it is important to carefully think about what stimulus can be left and what should be eliminated, so that system doesn’t create a danger striving to reach for that incentive. Note, it is possibly, will not  be possible to make it always happy, as it might restrict its willingness to learn.
Allow only pre-learned machines to go wander on their own, thus, disabling learning capabilities.
Requirement of restricted weight/power – humans should be able to deal with them.

Although the cars that drive themselves will likely be safer, it is not so clear with fully developed learning AI system implanted in flexible mobile machinery, unless necessary precautions are implemented.
Additionally, there are numerous other questions, including ethical coming with further development of AI, such as whether it can be considered a slavery, for example. Regulations on Artificial intelligence systems are inevitable, and users and developers should be thinking of them and be prepared for them.

As part of an “expose’” on cyber crime, BBC’s “Click” team took it upon themselves to hire a botnet. With the stated goal of demonstrating the power of “cyber criminals” in today’s world, the journalists purchased the use of ~22,000 compromised machines. As part of their demonstration, they directed massive amounts of spam to two specific test addresses, and finally, used their botnet to bring down a security firm’s backup website via DDoS. The DDoS attack was done with permission from the “victim” company (Prevx).

Now the BBC group is in a spot of legal trouble as their use of a botnet could potentially implicate them in the violation of the UK’s Computer Misuse Act. While BBC claimed that their use of the botnet was purely academic, and therefore not criminal, they did take control of non-consenting citizens’ home PCs. More importantly, in purchasing the use of a botnet, reportedly at somewhere between $300-$400 per machine, the news network essentially funneled a few million dollars into the hands of cybercriminals. And all so that they could demonstrate what many papers and news articles before them already had.

The journalists, at surface level, did a good job of keeping things academic and avoiding any sort of cybercrime. They spammed their own test e-mail accounts. They DDoS’d a prepared and willing target. They also put warning documentation on the infected machines, at experiment’s conclusion, explaining to their users that they had been infected, and how to best avoid future infections. Ultimately, however, by mere involvement with and commandeering of hijacked personal machines – and especially thanks to funding the true criminal party – they did indeed commit some level of criminal act. To what degree they are held responsible is now a matter for the British courts to decide.

This is just one more occurrence in a string of botnet-related legal issues. A similar issue plagued German malware researchers with the means to potentially dissolve the Storm worm’s botnet(s) (see http://cubist.cs.washington.edu/Security/2009/01/11/storm-worm-cracked-but-defenses-may-not-fly/). It seems that academicians of all types are running into a fundamental problem with this particular security threat: there is no way to legally study it “in the wild.” The moment a researcher connects to a botnet, takes control of it, or otherwise interacts with it, he or she risks legal consequences. Whether or not any charges stick is a different matter, and quite frankly, it will take some time before reasonable precedents clarify the legal “consensus,” but regardless these issues represent a significant impediment to progress in anti-botnet research.

A politician in California, Assemblyman Joel Anderson, has just proposed legislation to be drafted that would require Google’s map application to blur satellite imagery of all schools, churches, and government buildings. The Assemblyman’s proposal would require not just Google, but all satellite-based imaging software to blur these locations under the law.

(Read on …)

In 2003, Leonardo Notarbartolo and a team of Italian thieves broke into the Antwerp Diamond Center and made off with $100 million worth of  diamonds, jewelry and other valuables.  The vault was protected by 10 layers of security including a combination lock, Doppler radar,  infrared heat detectors, and more.  For six years, he has refused to speak with any journalists regarding the crime until now.

Wired magazine has published an article detailing Notarbartolo’s story and how him and his team were able to circumvent all the various  security measures.  It was interesting to see that despite having 10 different high-tech security measures, when each problem was  considered individually, the exploit seemed simple yet ingenious.

For example, the infrared heat detector could be momentarily insulated using a thin layer of hairspray, buying enough time to physically  deactivate the detector.  Polyester shields could also insulate heat signatures, giving balcony access to the team.  Even though a forged  key was made, it turned out to be unnecessary because the guards simply kept it in a nearby supply room.

The question is, how could something like this have been prevented?  As I mentioned, when each individual security measure was considered,  each work-around seemed possible.  Considering all 10 security measures would be a daunting task.  What was interesting to note was that  each security layer protects the vault from becoming compromised, but there didn’t seem to be any specific countermeasures for preventing  someone from tampering with the security devices.  Considering how each security measure could be defeated and how security measures might  complement each other (i.e. protect each layer from tampering) would be a good way to prevent future break-ins.

Also, the thieves were able to break in because they were able to defeat predictable electronic devices.  Prior to the heist, they  gathered detailed information about the vault’s technologies, and they duplicated the vault and all its devices in order to simulate the  heist.  Once working details were confirmed, the same technology could be cracked consistently over and over.  At night, the security was  entrusted entirely to technology — no guard stood by at night to protect the vault.  Posting a guard would add a layer of uncertainty  that increases the risk of attempting a heist.

So that seems to beg the question, how much should we entrust technology to handle our problems?  From a security stand-point, probably  all technologies are fallible and are likely to fail in some way or another eventually.  At the same, the article brought up the issue of  possible insurance fraud.  There was the possibility that some of the diamond dealers were in on the heist and pulled out their inventory  secretly prior to the heist, collecting on the insurance money while keeping their diamonds.  That suggests that there wasn’t much of a  system for keeping track of where the diamonds were and whether they were really lost in the heist or not.  There needs to be a reliable  system for tracking safety deposit transactions while maintaining privacy.

This also brings up the eternal security question — how much security is sufficient?  You would suppose 10 layers of high-tech devices  would be enough to deter thieves from an attempt.  Does there need to be more security?  Or perhaps the security could be used in a more  efficient and effective way.  Who are the stakeholders?  It seems like the bank, the customers with the safety deposit boxes, and the  insurance companies should have an interest in answering these questions.

Overall, the article told an interesting story, almost as if it were out of a movie.  I highly suggest reading it just for entertainment  at the least.

Many operating systems include some sort of remote access solution by default. Windows XP, for example, ship with Microsoft’s Remote Desktop as a simple remote administration interface. Even OpenBSD, the Unix variant which is usually regarded as the most secure operating system available, includes SSH, which, again, is a simple and secure application that allows command-line access over a network connection to the remote computer.

Without the built-in applications, there are other solutions to control clients remotely with web-browsers, such as RemotelyAnywhere and LogMeIn. People can access their computer in which software that provided by these companies is installed on any platform.

These tools provide users convenience, but they bring security concerns as well. To control clients, first users login their account in which the list of all clients is stored. If this system were compromised, it would be easy for attackers to control clients.

(Read on …)

Computer scientists at the Harvard School of Engineering and Applied Sciences recently deployed the first “practical, Web-based, secure, verifiable voting system.” After testing through 2008 and early 2009, the system, dubbed “Helios,” was used for the university presidential elections at the Belgian Université Catholique de Louvain (UCL) in the first week of March 2009. The system uses asymmetric cryptography and mixnets to provide anonymity, ballot integrity, and open, public verifiability. The system is designed to be used to what they call “low-coercion” elections, because they have not provided any way for users to change their vote at another time if the user has been coerced into voting a certain way. But, the system does provide cryptographic auditing that allows any voter to verify that their vote has been correctly recorded, and allows anyone to verify that all recorded votes have been correctly tallied, something standard elections in the USA don’t even guarantee.

(Read on …)

PayPal, along with other services like Ebay, is an online tool used to transfer money that most are familiar with.  Web payment services are a major conveinence, but come with a number of significant risks.  Services like PayPal can allow merchants to support payment over the internet without the necessity of having their own payment infrastructure, at a relatively small fee.  Online shopping and payment for products and services of all kinds is very conveinent for users as well.

(Read on …)

Over the past five years or so, voice over IP has rapidly gained in popularity and use.  It touts cheaper calls for residential users and corporations can save big because additional extensions on a VoIP infrastructure are less costlythan their traditional phone system counterparts.  VoIP uses the same data lines as IP traffic to transmit voice.  As such, it faces many of the same security issues as digital data.

Assets:

• Reliable, time-sensitive communication: No matter how much of our global communication is moving to text-based solutions, telephone calls are still the best way to communicate quickly
• Privacy: Users disussing sensitive information want the content of their conversation to be accessible only to the intended parties.

Adversaries:

• Digital phreakers:  Phreakers in the days of analog phones exploited phones to be able to make free calls.  Similar feats have been accomplished with VoIP systems.
• Company rivals: They might seek to bring down a company’s communications to  reduce their ability to handle business.
• Profiteers: Can hold a company’s communications ransom

(Read on …)

This June, all U.S. television stations must shut off their analog broadcasts, and replace them with digital ones. In order to make the transition less painful, the DTV Coupon Program offers up to two coupons to every U.S. household, good for up to $40 each off the price of a DTV converter box. I recently received mine, and a glance at the magnetic stripe on the back of the card made me wonder what security issues the program might have.

ASSETS

• Consumer privacy / anonymity. If a consumer so chooses, they should be able to purchase a converter box with a coupon anonymously, revealing no personal information to the retailer, as if it were a cash transaction.
• DTV subsidy funds. No one should be able to spend more than their allotted portion of the subsidy funds.

ADVERSARIES / THREATS

• Retailers, who have financial incentive to uniquely identify and track consumers.
• Malicious consumers, who wish to use more than their fair share of the subsidy funds.

POTENTIAL WEAKNESSES / DEFENSES

• It turns out that the magstripe of the cards contains the consumer’s full name, allowing retailers to personally identify them. This is not ever disclosed to the consumer. This could have been avoided by instead encoding a unique, but non-personally-identifiable token instead. A consumer may still be able to use their card anonymously after blanking out or replacing their name on the magstripe, or by using an online retailer like Amazon.com, who doesn’t ask for the name the card was issued under.
• It might be possible for a single card to be used more than once, if two purchases are made using the same card simultaneously. If this is indeed the case, this attack could be prevented by using a two-phase commit to prevent a card from being pre-authorized for use more than once.

CONCLUSION

While there are still serious privacy concerns with the current system, it is not very costly to opt out of the system by paying an extra $40 for a converter box. On the other hand, the system appears to be relatively secure against malicious consumers, with no known attacks against it in the wild.

Google Latitude is yet another product available by the well established makers of the Gmail internet based mail system. Latitude is a web based service, running in sync with a client side application Google Gears, which allows Google to pinpoint your exact coordinates in the world and then in turn display them to their Google Maps for you to see. As is the case with many of Google’s applications, this application functions on many different platforms including Windows, Windows Mobile, Android, iPhone, etc.
Latitude is able to detect your location via any means possible. This includes GPS, Wi-Fi access points and even cell towers. It does this by simply triangulating your position with any of these three resources it can. Once your position has been located this information is uploaded on your latitude account by Google and available to all whom you’ve opted to share your location with. This can pose potential security threats.

(Read on …)