Outline for November 15, 2005

Reading: K. Thompson, "Reflections on Trusting Trust," Communications of the ACM 27 (8) pp. 761-763 (Aug. 1984).

1. Recording property electronically
   1. Goals of recording property
   2. Overview of process
   3. Architecture of a solution
   4. Tests and problems
   5. Current state of e-recordation in California
2. Malicious logic
   1. Trojan horses, including replicatiing Trojan horses
   2. Computer viruses
      1. Boot sector infectors
      2. Executable infectors
      3. Multipartite viruses
      4. TSR viruses
      5. Stealth viruses
      6. Encrypted viruses
      7. Polymorphic viruses
      8. Macro viruses
   3. Computer worms
   4. Rabbits, bacteria
   5. Logic bombs
3. Defenses
   1. Cannot write a program to detect computer viruses without error
   2. Can detect all such programs if willing to accept false positives
   3. Can constrain case enough to locate specific malicious logic, using:
      1. Type checking (data vs. instructions)
      2. Limiting rights (sandboxing)
      3. Limiting sharing
      4. Preventing or detecting changes to files
      5. Prevent code from acting beyond specification (proof carrying code)
      6. Check statistical characteristics of programs (more authors than known, constructs in object files not corresponding to anything in the source)

Puzzle of the Day

When you play certain Sony music CDs on your Windows system, the CD installs special software to play Sony's CDs. This software enforce Sony's Digital Rights Management (DRM) policies. This software cloaks itself so the user cannot see many associated files, by hiding files whose name begins with "$sys$". It also installs a new version of the CD device driver that restricts the number of times you can copy the Sony CD. The software mimiced a type of program that compromises a system once the attacker has gained administrator privileges; this program is called rootkit.

The software was discovered by a Windows expert who noticed a problem with his system. After considerable work, and publicity, he posted that:

• Sony denied that the rootkit poses a security or reliability threat despite the obvious risks of both.
• Sony claims that users don't care about rootkits because they don't know what a rootkit is.
• The installation provides no way to safely uninstall the software.
• Without obtaining consent from the user, Sony's player informs Sony every time it plays a "protected" CD.

Do you believe Sony's actions are an effective way to enforce its rights to protect its music? What are its drawbacks