1
00:00:02,540 --> 00:00:06,010
Module we're about to begin is entitled general security principals

2
00:00:12,770 --> 00:00:13,830
in this part of the seminar.

3
00:00:13,830 --> 00:00:20,570
We will discuss the so-called 10 immutable laws of security created in 2000 by Scott Kulp from the Microsoft

4
00:00:20,570 --> 00:00:24,490
Security Response Center.

5
00:00:24,550 --> 00:00:28,570
We will look into the principles or laws which you see in the slide above.

6
00:00:28,570 --> 00:00:35,290
One by one we'll also try to determine whether principles created 12 years ago are still valid.

7
00:00:37,490 --> 00:00:41,860
When they were published they sparked a heated discussion in the I.T. security circles.

8
00:00:45,390 --> 00:00:50,080
The principals were praised by some for their universal message.

9
00:00:50,240 --> 00:00:54,800
However many thought that these rules were an attempt to shift responsibility for bugs in the Microsoft

10
00:00:54,800 --> 00:01:03,830
Windows software from the company to the users and administrators.

11
00:01:03,880 --> 00:01:09,880
The first law states if a bad guy can persuade you to run his program on your computer it's not solely

12
00:01:09,880 --> 00:01:11,330
your computer anymore.

13
00:01:13,870 --> 00:01:19,570
Please remember that these laws were created in 2000 when Windows 98 was the most widely used system

14
00:01:19,870 --> 00:01:25,030
and millenium and enty versions were rarely chosen.

15
00:01:25,090 --> 00:01:32,250
The bugs of previous versions of the system were fixed in Windows 2000 with Windows 95 and 98 were simply

16
00:01:32,250 --> 00:01:39,870
unsecure nable nor were they stable any program you ran on these systems took control over.

17
00:01:42,000 --> 00:01:44,640
If the program is faulty unhappen the crash.

18
00:01:44,880 --> 00:01:51,590
The whole system crashed with it neither the system gave you the possibility to preempt the strike.

19
00:01:51,670 --> 00:01:56,870
There were no access control lists no user privileges.

20
00:01:56,910 --> 00:02:01,290
That's why the first law is particularly important for Microsoft.

21
00:02:01,320 --> 00:02:03,700
It turns out that this principle is still valid.

22
00:02:05,740 --> 00:02:11,470
In modern operating systems there are few security boundaries that is mechanisms which limit and restrict

23
00:02:11,590 --> 00:02:12,900
programs operations

24
00:02:15,590 --> 00:02:16,190
to this day.

25
00:02:16,190 --> 00:02:24,510
No program or process has such a boundary one process can modify the data used by another process and

26
00:02:24,510 --> 00:02:30,690
a process started by the administrator can even modify the system data.

27
00:02:30,740 --> 00:02:36,010
Even today users don't exercise much control over running programs.

28
00:02:36,040 --> 00:02:40,490
We trust that a program does what we want it to.

29
00:02:40,490 --> 00:02:45,190
This is the main reason why we have to be very cautious when starting programs from unreliable sources

30
00:02:46,200 --> 00:02:51,240
such as the Internet or peer to peer networks surfing the Internet.

31
00:02:51,240 --> 00:02:57,180
You have to be cautious with even well-known and potentially safe Web sites.

32
00:02:57,180 --> 00:03:02,640
Please note that we usually download programs for the HTP protocol.

33
00:03:02,650 --> 00:03:09,450
This means that it's possible to modify the data during the transmission for instance the way the program

34
00:03:09,450 --> 00:03:12,700
works can be changed.

35
00:03:12,760 --> 00:03:18,040
The program can work appropriately in the web browser but the copy you download may be infected with

36
00:03:18,040 --> 00:03:20,970
a trojan which will start when you launch the program.

37
00:03:22,900 --> 00:03:27,760
Such types of attacks are well known and well documented.

38
00:03:27,810 --> 00:03:30,310
It's very hard to protect your computer against them.

39
00:03:35,330 --> 00:03:39,890
Administrators may introduce measures that would allow users to start only trusted programs

40
00:03:42,960 --> 00:03:48,880
in the right hand side of the slide you can see the Internet Explorer running in the safe mode.

41
00:03:48,890 --> 00:03:54,950
This means it's running in it's own virtual environment this protects the operating system from possible

42
00:03:54,950 --> 00:04:01,880
modifications that could be introduced without the user's knowledge the solution will only protect you

43
00:04:01,880 --> 00:04:06,910
against Internet threats such as I-frame cookies.

44
00:04:06,960 --> 00:04:10,770
It won't stop you however from opening a file that you downloaded from the Internet.

45
00:04:12,640 --> 00:04:16,630
The first law is still valid.

46
00:04:16,650 --> 00:04:21,300
The consequences of an attack can be limited if you run the programs on an account with administrator

47
00:04:21,300 --> 00:04:24,440
privileges.

48
00:04:24,500 --> 00:04:29,610
In particular you shouldn't do that when it comes to programs that communicate with untrusted computers.