  1. \documentclass[10pt,xcolor=dvipsnames]{beamer}
  2.  
  3. \usetheme[progressbar=frametitle]{metropolis}
  4.  
  5. \usepackage{booktabs}
  6. \usepackage{tkz-graph}
  7.  
  8. \usepackage[default]{comicneue}
  9. \usepackage[T1]{fontenc}
  10.  
  11. %\usepackage[scale=2]{ccicons}
  12.  
  13. \usepackage{pgfplots}
  14. \usepgfplotslibrary{dateplot}
  15.  
  16. \usepackage{xspace}
  17. \newcommand{\themename}{\textbf{\textsc{metropolis}}\xspace}
  18.  
  19. % =================== Commands to allow hand-drawn style in tikz ==================
  20. \usepackage{tikz}
  21. \usetikzlibrary{decorations,positioning}
  22. \usetikzlibrary{calc, decorations.pathmorphing, patterns, arrows.meta}
  23.  
  24. \makeatletter
  25. \pgfdeclaredecoration{penciline}{initial}{
  26. \state{initial}[width=+\pgfdecoratedinputsegmentremainingdistance,auto corner on length=1mm,]{
  27. \pgfpathcurveto%
  28. {% From
  29. \pgfqpoint{\pgfdecoratedinputsegmentremainingdistance}
  30. {\pgfdecorationsegmentamplitude}
  31. }
  32. {% Control 1
  33. \pgfmathrand
  34. \pgfpointadd{\pgfqpoint{\pgfdecoratedinputsegmentremainingdistance}{0pt}}
  35. {\pgfqpoint{-\pgfdecorationsegmentaspect\pgfdecoratedinputsegmentremainingdistance}%
  36. {\pgfmathresult\pgfdecorationsegmentamplitude}
  37. }
  38. }
  39. {%TO
  40. \pgfpointadd{\pgfpointdecoratedinputsegmentlast}{\pgfpoint{1pt}{1pt}}
  41. }
  42. }
  43. \state{final}{}
  44. }
  45. \makeatother
  46. % End of ============= Commands to allow hand-drawn style in tikz ==================
  47.  
  48. \usepackage{graphicx,listings,color,xcolor}
  49. % Put settings for the code layout.
  50. \lstset{ %
  51. basicstyle=\ttfamily\scriptsize, % the size of the fonts that are used for the code
  52. numbers=left, % where to put the line-numbers
  53. numberstyle=\tiny\color{gray}, % the style that is used for the line-numbers
  54. stepnumber=1, % the step between two line-numbers. If it's 1, each line
  55. % will be numbered
  56. numbersep=5pt, % how far the line-numbers are from the code
  57. backgroundcolor=\color{lightgray}, % choose the background color. You must add \usepackage{color}
  58. showspaces=false, % show spaces adding particular underscores
  59. showstringspaces=false, % underline spaces within strings
  60. showtabs=false, % show tabs within strings adding particular underscores
  61. basewidth=0.54em,
  62. frame=single, % adds a frame around the code
  63. rulecolor=\color{black}, % if not set, the frame-color may be changed on line-breaks within not-black text (e.g. commens (green here))
  64. tabsize=2, % sets default tabsize to 2 spaces
  65. captionpos=b, % sets the caption-position to bottom
  66. breaklines=true, % sets automatic line breaking
  67. breakatwhitespace=false, % sets if automatic breaks should only happen at whitespace
  68. title=\lstname, % show the filename of files included with \lstinputlisting;
  69. % also try caption instead of title
  70. keywordstyle=\color{blue}, % keyword style
  71. commentstyle=\color{OliveGreen}, % comment style
  72. stringstyle=\color{mauve}, % string literal style
  73. escapeinside={\%*}{*)}, % if you want to add a comment within your code
  74. morekeywords={*,...} % if you want to add more keywords to the set
  75. }
  76.  
  77. \renewcommand{\baselinestretch}{1.18}
  78.  
  79. \title{Understanding the fundamentals of attacks}
  80. \subtitle{What is happening when someone writes an exploit?}
  81. \date{\today}
  82. \author{Halvar Flake / Thomas Dullien}
  83. \institute{The /home owners association}
  84. %\titlegraphic{\hfill\includegraphics[height=1.5cm]{logo}}
  85.  
  86. \tikzset{
  87. invisible/.style={opacity=0},
  88. visible on/.style={alt={#1{}{invisible}}},
  89. alt/.code args={<#1>#2#3}{%
  90. \alt<#1>{\pgfkeysalso{#2}}{\pgfkeysalso{#3}} % \pgfkeysalso doesn't change the path
  91. },
  92. }
  93.  
  94. \begin{document}
  95.  
  96. %\maketitle
  97.  
  98. \definecolor{verylightgray}{gray}{0.85}
  99.  
  100. \begin{frame}
  101.  
  102. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  103. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5, 4.5);
  104.  
  105. \node at (5.5, 1.3) { \fontfamily{augie}\selectfont{\huge Rearchitecting }};
  106. \node at (5.5, 0.3) { \fontfamily{augie}\selectfont{\huge a }};
  107. \node at (5.5, -0.7) { \fontfamily{augie}\selectfont{\huge defendable }};
  108. \node at (5.5, -1.7) { \fontfamily{augie}\selectfont{\huge Internet }};
  109.  
  110. \node at (5.5, -3.8) { \fontfamily{augie}\selectfont{Halvar Flake / Thomas Dullien}};
  111.  
  112. \end{tikzpicture}
  113. \end{frame}
  114.  
  115.  
  116. \begin{frame}
  117. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  118. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  119.  
  120. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Who is this guy? }};
  121.  
  122. \node at (5.5, 0.2) {
  123. \begin{tabular}{l}
  124. \fontfamily{augie}\selectfont{\large
  125. - Reverse engineering \& vuln-dev since 1998}\\ \\
  126. \fontfamily{augie}\selectfont{\large
  127. - 2004-2011: Small company in Bochum}\\ \\
  128. \fontfamily{augie}\selectfont{\large
  129. - Offensive and defensive customers}\\ \\
  130. \fontfamily{augie}\selectfont{\large
  131. - 2011-2015: Defensive work at Google}\\ \\
  132. \fontfamily{augie}\selectfont{\large
  133. - Since Nov 2016: Offensive research at Google P0}\\
  134. \end{tabular}
  135. };
  136.  
  137. %\node at (5.5, -3.7) { \fontfamily{augie}\selectfont{\Large Who is this guy? }};
  138. \end{tikzpicture}
  139. \end{frame}
  140.  
  141.  
  142.  
  143. \begin{frame}
  144. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  145. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  146.  
  147. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Are we living in a dystopian
  148. sci-fi farce? }};
  149.  
  150. \node at (5.5, 0.2) {
  151. \begin{tabular}{l}
  152. \fontfamily{augie}\selectfont{\large
  153. - North Korea accused of hacking Sony ...}\\ \\
  154. \fontfamily{augie}\selectfont{\large
  155. - got protected by Google and Microsoft...}\\ \\
  156. \fontfamily{augie}\selectfont{\large
  157. - Russia accused of meddling in US elections}\\ \\
  158. \fontfamily{augie}\selectfont{\large
  159. - Governments are imitating hacking culture}\\ \\
  160. \fontfamily{augie}\selectfont{\large
  161. - People are getting hacked left, right, and center}\\
  162. \end{tabular}
  163. };
  164. \end{tikzpicture}
  165. \end{frame}
  166.  
  167.  
  168. \begin{frame}
  169. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  170. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  171.  
  172. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Attackers vs Defenders }};
  173.  
  174. \node at (2.5, 0.5) {
  175. \begin{tabular}{l}
  176. \fontfamily{augie}\selectfont{\large
  177. Attacker tasks:}\\ \\
  178.  
  179. \fontfamily{augie}\selectfont{\large
  180. Get in}\\ \\
  181. \fontfamily{augie}\selectfont{\large
  182. Stay in}\\ \\
  183. \fontfamily{augie}\selectfont{\large
  184. Get stuff out}\\ \\
  185. \end{tabular}
  186. };
  187.  
  188. \node at (7.5, 0) {
  189. \begin{tabular}{l}
  190. \fontfamily{augie}\selectfont{\large
  191.  
  192. Defender tasks:}\\ \\
  193.  
  194. \fontfamily{augie}\selectfont{\large
  195. Deny}\\ \\
  196. \fontfamily{augie}\selectfont{\large
  197. Contain}\\ \\
  198. \fontfamily{augie}\selectfont{\large
  199. Detect}\\ \\
  200. \fontfamily{augie}\selectfont{\large
  201. Cleanup}\\ \\
  202. \end{tabular}
  203. };
  204.  
  205. %\draw [decorate,thick,decoration={brace,amplitude=10pt,mirror}]
  206.  
  207. \draw[decorate,thick,decoration={brace,amplitude=5mm,mirror}]
  208. (8, -2) -- (8, 1.5) node[midway,right] {
  209. \fontfamily{augie}\selectfont{\large \;\;
  210. Tactical}};
  211. \end{tikzpicture}
  212.  
  213. \end{frame}
  214.  
  215.  
  216. \begin{frame}
  217. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  218. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  219.  
  220. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Attackers vs Defenders }};
  221.  
  222. \node at (2.5, 0.5) {
  223. \begin{tabular}{l}
  224. \fontfamily{augie}\selectfont{\large
  225. Attacker tasks:}\\ \\
  226.  
  227. \fontfamily{augie}\selectfont{\large
  228. Get in}\\ \\
  229. \fontfamily{augie}\selectfont{\large
  230. Stay in}\\ \\
  231. \fontfamily{augie}\selectfont{\large
  232. Get stuff out}\\ \\
  233. \end{tabular}
  234. };
  235.  
  236. \node at (7.5, 0) {
  237. \begin{tabular}{l}
  238. \fontfamily{augie}\selectfont{\large
  239.  
  240. Defender tasks:}\\ \\
  241.  
  242. \fontfamily{augie}\selectfont{\large
  243. Deny}\\ \\
  244. \fontfamily{augie}\selectfont{\large
  245. Contain}\\ \\
  246. \fontfamily{augie}\selectfont{\large
  247. Detect}\\ \\
  248. \fontfamily{augie}\selectfont{\large
  249. Cleanup}\\ \\
  250. \end{tabular}
  251. };
  252.  
  253.  
  254. \node at (7.3, -3) {
  255. \begin{tabular}{l}
  256. \fontfamily{augie}\selectfont{\large
  257. Desgining the}\\
  258. \fontfamily{augie}\selectfont{\large
  259. battlefield}
  260.  
  261. \end{tabular}
  262. };
  263. %\draw [decorate,thick,decoration={brace,amplitude=10pt,mirror}]
  264.  
  265. \draw[decorate,thick,decoration={brace,amplitude=5mm,mirror}]
  266. (8, -2) -- (8, 1.5) node[midway,right] {
  267. \fontfamily{augie}\selectfont{\large \;\;\;
  268. Tactical}};
  269.  
  270. \draw[decorate,thick,decoration={brace,amplitude=3mm,mirror}]
  271. (8.8, -3.8) -- (8.8, -2.2) node[midway,right] {
  272. \fontfamily{augie}\selectfont{\large \;\;
  273. Strategic}};
  274. \end{tikzpicture}
  275.  
  276. \end{frame}
  277.  
  278.  
  279. \begin{frame}
  280. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  281. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  282. \node[text width=9cm] at (5.5, 0.5) {
  283. \fontfamily{augie}\selectfont{\Large
  284. \begin{center}
  285. ``We build our computer (systems) the way we build our cities: over time, without a plan, on top of ruins."
  286.  
  287. \vspace{5mm}
  288. - Ellen Ullman
  289. \end{center}
  290. }};
  291. \end{tikzpicture}
  292. \end{frame}
  293.  
  294.  
  295. \begin{frame}
  296. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  297. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  298.  
  299. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Building forts }};
  300.  
  301. \node[inner sep=0pt] (whitehead) at (5.5,-1)
  302. {\includegraphics[width=1\textwidth]{Jaisalmer-Fort.jpg}};
  303.  
  304. \node[text width=9cm] at (5.5, 2.3) {
  305. \fontfamily{augie}\selectfont{\large
  306. \begin{center}
  307. Jaisalmer (Rajastan)
  308. \end{center}
  309. }};
  310. \end{tikzpicture}
  311. \end{frame}
  312.  
  313. \begin{frame}
  314. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  315. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  316.  
  317. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Building forts }};
  318.  
  319. \node[inner sep=0pt] (whitehead) at (5.5,-1)
  320. {\includegraphics[width=1.8\textwidth]{jaisalmer_map.jpg}};
  321.  
  322. \node[text width=9cm] at (5.5, 2.3) {
  323. \fontfamily{augie}\selectfont{\large
  324. }};
  325. \end{tikzpicture}
  326. \end{frame}
  327.  
  328.  
  329.  
  330. \begin{frame}
  331. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  332. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  333. \node[text width=9cm] at (5.5, 0.5) {
  334. \fontfamily{augie}\selectfont{\Huge
  335. \begin{center}
  336. How\; should\; things\; be\; designed\; differently\; to\; give\; the\;
  337. defensive\; side\; a\; fighting\; chance?\footnote{
  338. \fontfamily{augie}\selectfont{Caveat on the next slide}}
  339. \vspace{5mm}
  340. \end{center}
  341. }};
  342. \end{tikzpicture}
  343. \end{frame}
  344.  
  345. \begin{frame}
  346. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  347. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  348.  
  349. \node[text width=9cm] at (5.5, 1) {
  350. \fontfamily{augie}\selectfont{\large
  351. \begin{center}
  352. ``Offensive\; problems\; are\; largely\; technical,\; defensive\; problems\; are
  353. \;largely\; political.''
  354. \vspace{3.4mm}
  355.  
  356. This talk ignores political problems.
  357. \vspace{3.4mm}
  358.  
  359. Focus is on technical problems on the defensive side.
  360. \end{center}
  361. }};
  362. \end{tikzpicture}
  363. \end{frame}
  364.  
  365.  
  366.  
  367. \begin{frame}
  368. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  369. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  370.  
  371. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large The status quo }};
  372.  
  373.  
  374. \node[text width=9cm] at (5.5, 2.3) {
  375. \fontfamily{augie}\selectfont{\large
  376. What is the only safe way to disinfect a computer that was hacked
  377. by a nontrivial attacker?
  378. }};
  379. \end{tikzpicture}
  380.  
  381. \end{frame}
  382.  
  383. \begin{frame}
  384. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  385. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  386.  
  387. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large The status quo }};
  388.  
  389. \node[inner sep=0pt] (whitehead) at (5,-1)
  390. {\includegraphics[width=.25\textwidth]{trash-can-24015_960_720.png}};
  391.  
  392. \node[text width=9cm] at (5.5, 2.3) {
  393. \fontfamily{augie}\selectfont{\large
  394. What is the only safe way to disinfect a computer that was hacked
  395. by a nontrivial attacker?
  396. }};
  397. \end{tikzpicture}
  398. \end{frame}
  399.  
  400.  
  401. \newcommand*{\drawdown}[3]{
  402. \draw[decorate,thick] (#1, #2) -- (#1+0.5, #2)
  403. -- (#1+0.5, #2+0.5) -- (#1+2.0, #2+0.5) -- (#1+2.0, #2) -- (#1+2.5, #2)
  404. -- (#1+1.25, #2-1) -- (#1, #2);
  405. }
  406.  
  407.  
  408. \begin{frame}[fragile]
  409. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  410. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  411.  
  412. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Ownership - Possession - Control}};
  413.  
  414. \node[text width=4cm] at (2, 1.7) {
  415. \fontfamily{augie}\selectfont{\large
  416. The real world:
  417. }
  418. };
  419.  
  420. \node[text width=3cm] at (2, 0.7) {
  421. \fontfamily{augie}\selectfont{\large
  422. Ownership
  423. }
  424. };
  425.  
  426. \node[text width=3cm] at (2, -0.3) {
  427. \fontfamily{augie}\selectfont{\large
  428. Possession
  429. }
  430. };
  431.  
  432. \node[text width=3cm] at (2, -2.8) {
  433. \fontfamily{augie}\selectfont{\large
  434. Control
  435. }
  436. };
  437.  
  438. \node[text width=4cm] at (9, 1.7) {
  439. \fontfamily{augie}\selectfont{\large
  440. The digital world:
  441. }
  442. };
  443.  
  444. \node[text width=3cm] at (9, 0.7) {
  445. \fontfamily{augie}\selectfont{\large
  446. Ownership
  447. }
  448. };
  449.  
  450. \node[text width=3cm] at (9, -0.3) {
  451. \fontfamily{augie}\selectfont{\large
  452. Possession
  453. }
  454. };
  455.  
  456. \node[text width=3cm] at (9, -2.8) {
  457. \fontfamily{augie}\selectfont{\large
  458. Control
  459. }
  460. };
  461.  
  462. \drawdown{0.5}{-1.5}{0};
  463.  
  464. \end{tikzpicture}
  465. \end{frame}
  466.  
  467.  
  468. \begin{frame}[fragile]
  469. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  470. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  471.  
  472. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Ownership - Possession - Control}};
  473.  
  474. \node[text width=4cm] at (2, 1.7) {
  475. \fontfamily{augie}\selectfont{\large
  476. The real world:
  477. }
  478. };
  479.  
  480. \node[text width=3cm] at (2, 0.7) {
  481. \fontfamily{augie}\selectfont{\large
  482. Ownership
  483. }
  484. };
  485.  
  486. \node[text width=3cm] at (2, -0.3) {
  487. \fontfamily{augie}\selectfont{\large
  488. Possession
  489. }
  490. };
  491.  
  492. \node[text width=3cm] at (2, -2.8) {
  493. \fontfamily{augie}\selectfont{\large
  494. Control
  495. }
  496. };
  497.  
  498. \node[text width=4cm] at (9, 1.7) {
  499. \fontfamily{augie}\selectfont{\large
  500. The digital world:
  501. }
  502. };
  503.  
  504. \node[text width=3cm] at (9, 0.7) {
  505. \fontfamily{augie}\selectfont{\large
  506. Ownership
  507. }
  508. };
  509.  
  510. \node[text width=3cm] at (9, -0.3) {
  511. \fontfamily{augie}\selectfont{\large
  512. Possession
  513. }
  514. };
  515.  
  516. \node[text width=3cm] at (9, -2.8) {
  517. \fontfamily{augie}\selectfont{\large
  518. Control
  519. }
  520. };
  521.  
  522. \drawdown{0.5}{-1.5}{0};
  523. \drawdown{7.5}{-1.5}{0};
  524. \draw[decorate,thick] (7.5, -2.5) -- (10.0, -1.0);
  525.  
  526. \end{tikzpicture}
  527. \end{frame}
  528.  
  529.  
  530. \begin{frame}[fragile]
  531. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  532. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  533.  
  534. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Ownership - Possession - Control}};
  535.  
  536. \node[text width=4cm] at (2, 1.7) {
  537. \fontfamily{augie}\selectfont{\large
  538. The real world:
  539. }
  540. };
  541.  
  542. \node[text width=3cm] at (2, 0.7) {
  543. \fontfamily{augie}\selectfont{\large
  544. Ownership
  545. }
  546. };
  547.  
  548. \node[text width=3cm] at (2, -0.3) {
  549. \fontfamily{augie}\selectfont{\large
  550. Possession
  551. }
  552. };
  553.  
  554. \node[text width=3cm] at (2, -2.8) {
  555. \fontfamily{augie}\selectfont{\large
  556. Control
  557. }
  558. };
  559.  
  560.  
  561.  
  562. \node[text width=4cm] at (9, 1.7) {
  563. \fontfamily{augie}\selectfont{\large
  564. The digital world:
  565. }
  566. };
  567.  
  568. \node[text width=3cm] at (9, 0.7) {
  569. \fontfamily{augie}\selectfont{\large
  570. Ownership
  571. }
  572. };
  573.  
  574. \node[text width=3cm] at (9, -0.3) {
  575. \fontfamily{augie}\selectfont{\large
  576. Possession
  577. }
  578. };
  579.  
  580. \node[text width=3cm] at (9, -2.8) {
  581. \fontfamily{augie}\selectfont{\large
  582. Control
  583. }
  584. };
  585.  
  586. \drawdown{0.5}{-1.5}{0}
  587. \drawdown{7.5}{-1.5}{0}
  588.  
  589. \draw[decorate,thick] (7.5, -2.5) -- (10, -1);
  590. \draw[decorate,thick,->] (6, 1.75) -- (4.5, 1.75)
  591. node[midway,above] {
  592. \fontfamily{augie}\selectfont{\large \;\;
  593. Eats world}};
  594.  
  595. node[thick, decorate]{Eats world};
  596.  
  597. \end{tikzpicture}
  598. \end{frame}
  599.  
  600.  
  601. \begin{frame}[fragile]
  602. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  603. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  604.  
  605. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Ownership - Possession - Control}};
  606.  
  607. \node[text width=4cm] at (2, 1.7) {
  608. \fontfamily{augie}\selectfont{\large
  609. The real world:
  610. }
  611. };
  612.  
  613. \node[text width=3cm] at (2, 0.7) {
  614. \fontfamily{augie}\selectfont{\large
  615. Ownership
  616. }
  617. };
  618.  
  619. \node[text width=3cm] at (2, -0.3) {
  620. \fontfamily{augie}\selectfont{\large
  621. Possession
  622. }
  623. };
  624.  
  625. \node[text width=3cm] at (2, -2.8) {
  626. \fontfamily{augie}\selectfont{\large
  627. Control
  628. }
  629. };
  630.  
  631. \node[text width=4cm] at (9, 1.7) {
  632. \fontfamily{augie}\selectfont{\large
  633. The digital world:
  634. }
  635. };
  636.  
  637. \node[text width=3cm] at (9, 0.7) {
  638. \fontfamily{augie}\selectfont{\large
  639. Ownership
  640. }
  641. };
  642.  
  643. \node[text width=3cm] at (9, -0.3) {
  644. \fontfamily{augie}\selectfont{\large
  645. Possession
  646. }
  647. };
  648.  
  649. \node[text width=3cm] at (9, -2.8) {
  650. \fontfamily{augie}\selectfont{\large
  651. Control
  652. }
  653. };
  654.  
  655. \drawdown{0.5}{-1.5}{0}
  656. \drawdown{7.5}{-1.5}{0}
  657.  
  658. \draw[decorate,thick] (7.5, -2.5) -- (10, -1);
  659.  
  660. \draw[decorate,thick] (0.5, -2.5) -- (3, -1);
  661.  
  662.  
  663. \draw[decorate,thick,->] (6, 1.75) -- (4.5, 1.75)
  664. node[midway,above] {
  665. \fontfamily{augie}\selectfont{\large \;\;
  666. Eats world}};
  667.  
  668. \end{tikzpicture}
  669. \end{frame}
  670.  
  671.  
  672.  
  673. \begin{frame}[fragile]
  674. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  675. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  676.  
  677. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Ownership - Possession -
  678. Control}};
  679.  
  680. \node[text width=10cm] at (5.5, -0.1) {
  681. \fontfamily{augie}\selectfont{\large
  682. \begin{itemize}
  683. \item Control is very easily delegateable
  684. \vspace{3mm}
  685. \item Our computing systems require constant delegation of control
  686. \vspace{3mm}
  687. \item Real-world analogy:
  688. \begin{itemize}
  689. \item Give power-of-attorney over your bank account to pay for train ticket
  690. \vspace{6mm}
  691. \item Give access to your flat (and shoe cupboard) to your shoe vendor
  692. \end{itemize}
  693. \end{itemize}
  694. }
  695. };
  696. \end{tikzpicture}
  697. \end{frame}
  698.  
  699.  
  700. \begin{frame}[fragile]
  701. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  702. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  703.  
  704. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Revoke delegated control?}};
  705.  
  706. \node[text width=10cm] at (5.5, -0.1) {
  707. \fontfamily{augie}\selectfont{\large
  708. \begin{itemize}
  709. \item Our systems require delegating control.
  710. \vspace{3mm}
  711. \item Our systems fail \emph{horribly} at revoking control.
  712. \vspace{3mm}
  713. \item Status quo: Near-impossible to revoke control against a party that resists.
  714. \end{itemize}
  715. }
  716. };
  717. \end{tikzpicture}
  718. \end{frame}
  719.  
  720.  
  721. \begin{frame}
  722. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  723. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  724. \node[text width=9cm] at (5.5, 0.5) {
  725. \fontfamily{augie}\selectfont{\Huge
  726. \begin{center}
  727. Redesign,\; Step\; 1: Establishing\; who\; is\; in\; control\; of\; a\; device\;
  728. right\; now.
  729. \end{center}
  730. }};
  731. \end{tikzpicture}
  732. \end{frame}
  733.  
  734.  
  735. \begin{frame}[fragile]
  736. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  737. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  738.  
  739. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Need to inventory privileged code}};
  740.  
  741. \node[text width=10cm] at (4.5, -0.1) {
  742. \fontfamily{augie}\selectfont{\large
  743. \begin{itemize}
  744. \item Userspace code
  745. \item Kernel code
  746. \item BIOS code, EFI stuff
  747. \item CPU Microcode
  748. \item \dots
  749. \end{itemize}
  750. }
  751. };
  752. \end{tikzpicture}
  753. \end{frame}
  754.  
  755. \begin{frame}[fragile]
  756. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  757. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  758.  
  759. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Need to inventory privileged code}};
  760.  
  761. \node[text width=10cm] at (4.5, -0.1) {
  762. \fontfamily{augie}\selectfont{\large
  763. \begin{itemize}
  764. \item Userspace code
  765. \item Kernel code
  766. \item BIOS code, EFI stuff
  767. \item CPU Microcode
  768. \item \dots
  769. \end{itemize}
  770. }
  771. };
  772.  
  773. \node[text width=10cm] at (9.5, -0.1) {
  774. \fontfamily{augie}\selectfont{\large
  775. \begin{itemize}
  776. \item Harddisk firmware
  777. \item NIC firmware
  778. \item Intel ME firmware
  779. \item GPU firmware
  780. \item Keyboard firmware
  781. \item USB controller firmware
  782. \item \dots
  783. \end{itemize}
  784. }
  785. };
  786.  
  787. \draw[decorate,thick,decoration={brace,amplitude=5mm,mirror}]
  788. (1, -2.5) -- (10, -2.5) node[midway,below=5mm] {
  789. \fontfamily{augie}\selectfont{\large \;\;
  790. Check Origin!}}
  791. node[midway,yshift=-5mm,below=5mm] {
  792. \fontfamily{augie}\selectfont{\large \;\;
  793. Check that origin affirms this code is theirs!}};
  794.  
  795. \end{tikzpicture}
  796. \end{frame}
  797.  
  798.  
  799. \begin{frame}[fragile]
  800. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  801. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  802.  
  803. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Problems Inventorizing Code}};
  804.  
  805. \node[text width=10cm] at (5.5, -0.1) {
  806. \fontfamily{augie}\selectfont{\large
  807. \begin{itemize}
  808. \item No standard way of getting firmware from a device.
  809. \vspace{3mm}
  810. \item The few places where there is a way, the existing firmware gets to decide
  811. what to answer.
  812. \vspace{3mm}
  813. \item Needed: Non-updateable, pure hardware path to dump all firmwares.
  814. \end{itemize}
  815. }
  816. };
  817. \end{tikzpicture}
  818. \end{frame}
  819.  
  820.  
  821. \begin{frame}[fragile]
  822. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  823. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  824.  
  825. \node (harddisk) at (1.5, 3.75) {
  826. \fontfamily{augie}\selectfont{\large
  827. Harddisk FW
  828. }
  829. };
  830.  
  831. \node (nic) at (1.5, 3.25) {
  832. \fontfamily{augie}\selectfont{\large
  833. NIC FW
  834. }
  835. };
  836.  
  837. \node (bios) at (1.5, 2.75) {
  838. \fontfamily{augie}\selectfont{\large
  839. BIOS Flash
  840. }
  841. };
  842.  
  843. \node (me) at (1.5, 2.25) {
  844. \fontfamily{augie}\selectfont{\large
  845. Intel ME
  846. }
  847. };
  848.  
  849. \node (os) at (1.5, 1.75) {
  850. \fontfamily{augie}\selectfont{\large
  851. Minimal OS
  852. }
  853. };
  854.  
  855. \node[draw,thick, decorate, text width=4cm] (datapath) at (6.5, 2.5) {
  856. \fontfamily{augie}\selectfont{\large
  857. Non-updateable pure hardware path to dump memory
  858. }
  859. };
  860.  
  861. \node[draw,thick, decorate, text width=4cm] (hasher) at (6.5, 0) {
  862. \fontfamily{augie}\selectfont{\large
  863. Hardware-implemented hash calculation (actual wires)
  864. }
  865. };
  866.  
  867.  
  868. \node[draw,thick, decorate, text width=4cm] (screen) at (4.5, -3) {
  869. \fontfamily{augie}\selectfont{\large
  870. Simplest possible screen to display numbers
  871. }
  872. };
  873.  
  874. \node[draw,thick, decorate, text width=4cm] (radio) at (9.5, -3) {
  875. \fontfamily{augie}\selectfont{\large
  876. Simplest possible transmitter to transmit device ID, hash
  877. }
  878. };
  879.  
  880. \draw[thick,decorate,->] (hasher) -- (radio);
  881. \draw[thick,decorate,->] (hasher) -- (screen);
  882.  
  883. \draw[thick,decorate,->] (datapath) -- (hasher);
  884.  
  885. \draw[thick,decorate,->] (harddisk) -- (datapath);
  886. \draw[thick,decorate,->] (nic) -- (datapath);
  887. \draw[thick,decorate,->] (bios) -- (datapath);
  888. \draw[thick,decorate,->] (me) -- (datapath);
  889. \draw[thick,decorate,->] (os) -- (datapath);
  890.  
  891. \end{tikzpicture}
  892. \end{frame}
  893.  
  894.  
  895. \begin{frame}[fragile]
  896. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  897. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  898.  
  899. \node (harddisk) at (1.5, 3.75) {
  900. \fontfamily{augie}\selectfont{\large
  901. Harddisk FW
  902. }
  903. };
  904.  
  905. \node (nic) at (1.5, 3.25) {
  906. \fontfamily{augie}\selectfont{\large
  907. NIC FW
  908. }
  909. };
  910.  
  911. \node (bios) at (1.5, 2.75) {
  912. \fontfamily{augie}\selectfont{\large
  913. BIOS Flash
  914. }
  915. };
  916.  
  917. \node (me) at (1.5, 2.25) {
  918. \fontfamily{augie}\selectfont{\large
  919. Intel ME
  920. }
  921. };
  922.  
  923. \node (os) at (1.5, 1.75) {
  924. \fontfamily{augie}\selectfont{\large
  925. Minimal OS
  926. }
  927. };
  928.  
  929. \node[draw,thick, decorate, text width=4cm] (datapath) at (6.5, 2.5) {
  930. \fontfamily{augie}\selectfont{\large
  931. Non-updateable pure hardware path to dump memory
  932. }
  933. };
  934.  
  935. \node[draw,thick, decorate, text width=4cm] (hasher) at (6.5, 0) {
  936. \fontfamily{augie}\selectfont{\large
  937. Hardware-implemented hash calculation (actual wires)
  938. }
  939. };
  940.  
  941.  
  942. \node[draw,thick, decorate, text width=4cm] (screen) at (4.5, -3) {
  943. \fontfamily{augie}\selectfont{\large
  944. Simplest possible screen to display numbers
  945. }
  946. };
  947.  
  948. \node[draw,thick, decorate, text width=4cm] (radio) at (9.5, -3) {
  949. \fontfamily{augie}\selectfont{\large
  950. Simplest possible transmitter to transmit device ID, hash
  951. }
  952. };
  953.  
  954. \draw[thick,decorate,->] (hasher) -- (radio);
  955. \draw[thick,decorate,->] (hasher) -- (screen);
  956. \draw[thick,decorate,->] (datapath) -- (hasher);
  957. \draw[thick,decorate,->,color=red] (harddisk) -- (datapath);
  958. \draw[thick,decorate,->,color=red] (nic) -- (datapath);
  959. \draw[thick,decorate,->,color=red] (bios) -- (datapath);
  960. \draw[thick,decorate,->,color=red] (me) -- (datapath);
  961. \draw[thick,decorate,->,color=red] (os) -- (datapath);
  962.  
  963. \node[draw,thick, decorate, color=red, text width=3cm] (label) at (1.5, 0) {
  964. \fontfamily{augie}\selectfont{\large
  965. Needs standardized interface.
  966. }
  967. };
  968.  
  969. \draw[thick,decorate,color=red] (label) -- (datapath);
  970.  
  971. \end{tikzpicture}
  972. \end{frame}
  973.  
  974.  
  975.  
  976.  
  977. \begin{frame}[fragile]
  978. \begin{tikzpicture}[overlay,remember picture, decoration=penciline] % Measurement sketch: firmware/OS images -> hardware dump path -> hardware hasher -> screen and transmitter
  979. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5); % background grid
  980.  
  981. \node (harddisk) at (1.5, 3.75) { % left column: the five sources whose contents feed the dump path
  982. \fontfamily{augie}\selectfont{\large
  983. Harddisk FW
  984. }
  985. };
  986.  
  987. \node (nic) at (1.5, 3.25) {
  988. \fontfamily{augie}\selectfont{\large
  989. NIC FW
  990. }
  991. };
  992.  
  993. \node (bios) at (1.5, 2.75) {
  994. \fontfamily{augie}\selectfont{\large
  995. BIOS Flash
  996. }
  997. };
  998.  
  999. \node (me) at (1.5, 2.25) {
  1000. \fontfamily{augie}\selectfont{\large
  1001. Intel ME
  1002. }
  1003. };
  1004.  
  1005. \node (os) at (1.5, 1.75) {
  1006. \fontfamily{augie}\selectfont{\large
  1007. Minimal OS
  1008. }
  1009. };
  1010.  
  1011. \node[draw,thick, decorate, text width=4cm, color=red] (datapath) at (6.5, 2.5) { % drawn in red, as are hasher, screen and radio below
  1012. \fontfamily{augie}\selectfont{\large
  1013. Non-updateable pure hardware path to dump memory
  1014. }
  1015. };
  1016.  
  1017. \node[draw,thick, decorate, text width=4cm, color=red] (hasher) at (6.5, 0) { % hashing done in hardware, fed only by the dump path
  1018. \fontfamily{augie}\selectfont{\large
  1019. Hardware-implemented hash calculation (actual wires)
  1020. }
  1021. };
  1022.  
  1023.  
  1024. \node[draw,thick, decorate, text width=4cm, color=red] (screen) at (4.5, -3) { % first output channel for the hash
  1025. \fontfamily{augie}\selectfont{\large
  1026. Simplest possible screen to display numbers
  1027. }
  1028. };
  1029.  
  1030. \node[draw,thick, decorate, text width=4cm, color=red] (radio) at (9.5, -3) { % second output channel: device ID plus hash
  1031. \fontfamily{augie}\selectfont{\large
  1032. Simplest possible transmitter to transmit device ID, hash
  1033. }
  1034. };
  1035.  
  1036. \draw[thick,decorate,->] (hasher) -- (radio); % hasher output goes to the transmitter ...
  1037. \draw[thick,decorate,->] (hasher) -- (screen); % ... and to the screen
  1038. \draw[thick,decorate,->] (datapath) -- (hasher); % the hasher's only input in this picture is the dump path
  1039. \draw[thick,decorate,->] (harddisk) -- (datapath); % each of the five sources feeds the dump path
  1040. \draw[thick,decorate,->] (nic) -- (datapath);
  1041. \draw[thick,decorate,->] (bios) -- (datapath);
  1042. \draw[thick,decorate,->] (me) -- (datapath);
  1043. \draw[thick,decorate,->] (os) -- (datapath);
  1044.  
  1045. \node[draw,thick, decorate, color=red, text width=3cm] (label) at (1.5, 0) { % red caption; presumably refers to the four red boxes, no connector is drawn here
  1046. \fontfamily{augie}\selectfont{\large
  1047. Should be a standardized component.
  1048. }
  1049. };
  1050. \end{tikzpicture}
  1051. \end{frame}
  1052.  
  1053.  
  1054.  
  1055.  
  1056. \begin{frame}[fragile]
  1057. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  1058. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  1059.  
  1060. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large What now?}};
  1061.  
  1062. \node[text width=10cm] at (5.5, -0.1) {
  1063. \fontfamily{augie}\selectfont{\large
  1064. \begin{itemize}
  1065. \item We have a tamper-resistant way of obtaining hashes of code
  1066. in the device.
  1067. \vspace{3mm}
  1068. \item We need a mechanism for vendors to ``affirm'' binaries:
  1069. ``Yes, this is our binary and we stand by it.''
  1070. \end{itemize}
  1071. }
  1072. };
  1073. \end{tikzpicture}
  1074. \end{frame}
  1075.  
  1076.  
  1077.  
  1078.  
  1079. \begin{frame}[fragile]
  1080. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  1081. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  1082.  
  1083. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Status quo?}};
  1084.  
  1085. \node[text width=10cm] at (5.5, -0.1) {
  1086. \fontfamily{augie}\selectfont{\large
  1087. Code signatures are a bad way to affirm the provenance of code.
  1088. \begin{itemize}
  1089. \item Signing keys may be stolen and used for years without anybody
  1090. noticing.
  1091. \vspace{3mm}
  1092. \item Vendors may be compelled to secretly sign something that is then
  1093. only deployed on a few machines.
  1094. \end{itemize}
  1095. \vspace{5mm}
  1096.  
  1097. Code signatures in their current form cannot be trusted. }
  1098. };
  1099. \end{tikzpicture}
  1100. \end{frame}
  1101.  
  1102.  
  1103. \begin{frame}[fragile]
  1104. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  1105. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  1106.  
  1107. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large What's needed?}};
  1108.  
  1109. \node[text width=10cm] at (5.5, -0.1) {
  1110. \fontfamily{augie}\selectfont{\large
  1111. \begin{itemize}
  1112. \item Code signing transparency.
  1113. \item Public distributed ledger.
  1114. \item Append-only, tamperproof.
  1115. \item Hashes of all code by all vendors need to be placed in public
  1116. ledger.
  1117. \item ``My name is X and I endorse this binary.''
  1118. \end{itemize}
  1119. \vspace{5mm}
  1120.  
  1121. % Code signatures in their current form cannot be trusted.
  1122. }
  1123. };
  1124. \end{tikzpicture}
  1125. \end{frame}
  1126.  
  1127.  
  1128.  
  1129. \begin{frame}[fragile]
  1130. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  1131. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  1132.  
  1133. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large What else?}};
  1134.  
  1135. \node[text width=10cm] at (5.5, -0.1) {
  1136. \fontfamily{augie}\selectfont{\large
  1137. \begin{itemize}
  1138. \item We have hashes now.
  1139. \item And a public ledger to check that the vendor ``claims'' them.
  1140. \item How to address third-party code being backdoored?
  1141. \end{itemize}
  1142. \vspace{5mm}
  1143.  
  1144. Transitive trust is the silent killer of security.
  1145. }
  1146. };
  1147. \end{tikzpicture}
  1148. \end{frame}
  1149.  
  1150.  
  1151.  
  1152. \begin{frame}[fragile]
  1153. \begin{tikzpicture}[node distance=2cm, overlay,remember picture, decoration=penciline] % Trust graph revealed step by step over overlays 2 to 7
  1154. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5); % background grid
  1155.  
  1156. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Detour: Trust graphs}};
  1157.  
  1158. \node[draw,thick, decorate] (computer) at (5.5, -3) { % bottom node that every first-row node points at; shown on all overlays
  1159. \fontfamily{augie}\selectfont{\large
  1160. Your computer
  1161. }
  1162. };
  1163.  
  1164. \node[visible on=<2->,draw,thick, decorate, above =.5cm of computer.north] (Adobe) { % `visible on` is not defined in this excerpt; presumably a preamble key that shows the node from the given overlay on (confirm)
  1165. \fontfamily{augie}\selectfont{\large
  1166. Adobe
  1167. }
  1168. };
  1169.  
  1170. \node[visible on=<2->,draw,thick, decorate, left =.5cm of Adobe.west] (ms) { % first row is laid out left and right of Adobe
  1171. \fontfamily{augie}\selectfont{\large
  1172. MS
  1173. }
  1174. };
  1175. \node[visible on=<2->,draw,thick, decorate, left =.5cm of ms.west] (nVidia) {
  1176. \fontfamily{augie}\selectfont{\large
  1177. nVidia
  1178. }
  1179. };
  1180. \node[visible on=<2->,draw,thick, decorate, right =.5cm of Adobe.east] (Google) {
  1181. \fontfamily{augie}\selectfont{\large
  1182. Google
  1183. }
  1184. };
  1185. \node[visible on=<2->,draw,thick, decorate, right =.5cm of Google.east] (HP) {
  1186. \fontfamily{augie}\selectfont{\large
  1187. HP
  1188. }
  1189. };
  1190. \draw[visible on=<2->,thick, decorate,->] (nVidia) -- (computer); % overlay 2: every first-row node points at the computer
  1191. \draw[visible on=<2->,thick, decorate,->] (ms) -- (computer);
  1192. \draw[visible on=<2->,thick, decorate,->] (Adobe) -- (computer);
  1193. \draw[visible on=<2->,thick, decorate,->] (Google) -- (computer);
  1194. \draw[visible on=<2->,thick, decorate,->] (HP) -- (computer);
  1195.  
  1196.  
  1197.  
  1198.  
  1199.  
  1200. \node[visible on=<3->,draw,thick, decorate, above =1.5cm of Adobe.north] (zlib) { % overlay 3: second row, placed above the first
  1201. \fontfamily{augie}\selectfont{\large
  1202. zlib
  1203. }
  1204. };
  1205. \node[visible on=<3->,draw,thick, decorate, left = .5cm of zlib.west] (kernel) {
  1206. \fontfamily{augie}\selectfont{\large
  1207. kernel.org
  1208. }
  1209. };
  1210. \node[visible on=<3->,draw,thick, decorate, right =.5cm of zlib.east] (libtiff) {
  1211. \fontfamily{augie}\selectfont{\large
  1212. libtiff
  1213. }
  1214. };
  1215.  
  1216. \draw[visible on=<4->,thick, decorate,->] (libtiff) -- (Adobe); % overlay 4: second-row nodes point at several first-row nodes each
  1217. \draw[visible on=<4->,thick, decorate,->] (libtiff) -- (HP);
  1218. \draw[visible on=<4->,thick, decorate,->] (zlib) -- (Google);
  1219. \draw[visible on=<4->,thick, decorate,->] (zlib) -- (nVidia);
  1220. \draw[visible on=<4->,thick, decorate,->] (kernel) -- (Google);
  1221. \draw[visible on=<4->,thick, decorate,->] (kernel) -- (nVidia);
  1222. \draw[visible on=<4->,thick, decorate,->] (kernel) -- (HP);
  1223.  
  1224.  
  1225.  
  1226. \node[visible on=<5->,draw,thick, decorate, above =1.5cm of zlib.north] (AMI) { % overlay 5: third row, placed above the second
  1227. \fontfamily{augie}\selectfont{\large
  1228. AMI Bios
  1229. }
  1230. };
  1231. \node[visible on=<5->,draw,thick, decorate, left = .5cm of AMI.west] (Phoenix) {
  1232. \fontfamily{augie}\selectfont{\large
  1233. Phoenix
  1234. }
  1235. };
  1236. \node[visible on=<5->,draw,thick, decorate, right =.5cm of AMI.east] (Broadcom) {
  1237. \fontfamily{augie}\selectfont{\large
  1238. Broadcom
  1239. }
  1240. };
  1241. \node[visible on=<5->,draw,thick, decorate, right =.5cm of Broadcom.east] (Apple) {
  1242. \fontfamily{augie}\selectfont{\large
  1243. Apple
  1244. }
  1245. };
  1246.  
  1247. \draw[visible on=<6->,thick, decorate,->] (Apple) -- (Google); % overlay 6: edges across rows; Apple -> Adobe and Adobe -> Apple below already form a two-node cycle
  1248. \draw[visible on=<6->,thick, decorate,->] (Apple) -- (Adobe);
  1249. \draw[visible on=<6->,thick, decorate,->] (Adobe) -- (Apple);
  1250. \draw[visible on=<6->,thick, decorate,->] (zlib) -- (Apple);
  1251. \draw[visible on=<6->,thick, decorate,->] (AMI) -- (ms);
  1252. \draw[visible on=<6->,thick, decorate,->] (Phoenix) -- (ms);
  1253. \draw[visible on=<6->,thick, decorate,->] (AMI) -- (kernel);
  1254.  
  1255.  
  1256. \draw[visible on=<7->,thick, decorate,->] (ms) -- (Phoenix); % overlay 7: reverse edges; ms <-> Phoenix, ms <-> AMI and kernel <-> AMI now point both ways
  1257. \draw[visible on=<7->,thick, decorate,->] (ms) -- (AMI);
  1258. \draw[visible on=<7->,thick, decorate,->] (ms) -- (Broadcom);
  1259. \draw[visible on=<7->,thick, decorate,->] (Google) -- (Broadcom);
  1260. \draw[visible on=<7->,thick, decorate,->] (Apple) -- (Broadcom);
  1261. \draw[visible on=<7->,thick, decorate,->] (Apple) -- (libtiff);
  1262. \draw[visible on=<7->,thick, decorate,->] (AMI) -- (Apple);
  1263. \draw[visible on=<7->,thick, decorate,->] (Broadcom) -- (AMI);
  1264. \draw[visible on=<7->,thick, decorate,->] (kernel) -- (AMI);
  1265. \draw[visible on=<7->,thick, decorate,->] (kernel) -- (Phoenix);
  1266. \draw[visible on=<7->,thick, decorate,->] (nVidia) -- (Phoenix);
  1267.  
  1268. \end{tikzpicture}
  1269. \end{frame}
  1270.  
  1271.  
  1272.  
  1273.  
  1274.  
  1275. \begin{frame}[fragile]
  1276. \begin{tikzpicture}[node distance=2cm, overlay,remember picture, decoration=penciline] % Trust graph, dense version: a ring of numbered nodes that all point at "Your computer"
  1277. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5); % background grid
  1278.  
  1279. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Detour: Trust graphs}};
  1280.  
  1281. \node[draw,thick, decorate] (computer) at (5.5, -3) { % target of the last loop below
  1282. \fontfamily{augie}\selectfont{\large
  1283. Your computer
  1284. }
  1285. };
  1286. \begin{scope}[shift={(5,0.5)}] % the ring is drawn around (5,0.5)
  1287. \def \n {20} % number of nodes on the ring
  1288. \def \radius {2.4cm} % ring radius
  1289. \def \margin {4} % gap in degrees kept at both ends of each arc; depends on the radius
  1290. \foreach \s in {1,...,\n} % loop 1: place node \s on the ring and draw the arc to the next position
  1291. {
  1292. \node[draw, thick, decorate, rectangle] (\s) at ({360/\n * (\s - 1)}:\radius) { % node is named by its index and placed at angle 360/n * (s-1)
  1293. \fontfamily{augie}\selectfont{\tiny\s}};
  1294. \draw[->, decorate, thick, ->] ({360/\n * (\s - 1)+\margin}:\radius)
  1295. arc ({360/\n * (\s - 1)+\margin}:{360/\n * (\s)-\margin}:\radius); % arc from this node's angle to the next, trimmed by \margin; note `->` is given twice in the options
  1296. }
  1297.  
  1298.  
  1299. \foreach \s in {1,2,...,20} % loop 2: bounds are the literal 20, not \n, so they must be kept in sync by hand
  1300. {
  1301. \foreach \k in {3,5,7,...,19} { % every ring node gets an edge to each odd-numbered node 3..19; this includes pairs where \s equals \k
  1302. \draw[->, decorate, thick, ->] (\s) -- (\k);
  1303. }
  1304. }
  1305.  
  1306. \foreach \k in {1,2,...,20} { % loop 3: every ring node points at the computer
  1307. \draw[->, decorate, thick, ->] (\k) -- (computer);
  1308. }
  1309.  
  1310. \end{scope}
  1311.  
  1312. \end{tikzpicture}
  1313. \end{frame}
  1314.  
  1315.  
  1316.  
  1317.  
  1318. \begin{frame}[fragile]
  1319. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  1320. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  1321.  
  1322. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large What's needed?}};
  1323.  
  1324. \node[text width=10cm] at (5.5, -0.1) {
  1325. \fontfamily{augie}\selectfont{\large
  1326. Assume you find malicious code signed by a third party on your machine...
  1327. \begin{itemize}
  1328. \item Is there even a way for you to figure out how it got there?
  1329. \item Is the signer obliged to investigate?
  1330. \item Is there even an auditable trail to establish who committed the
  1331. malicious code to the signer's code repo?
  1332. \end{itemize}
  1333. Answer: No to all of the above.
  1334. \vspace{5mm}
  1335.  
  1336. % Code signatures in their current form cannot be trusted.
  1337. }
  1338. };
  1339. \end{tikzpicture}
  1340. \end{frame}
  1341.  
  1342.  
  1343.  
  1344. \begin{frame}[fragile]
  1345. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  1346. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  1347.  
  1348. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large What's needed?}};
  1349.  
  1350. \node[text width=10cm] at (5.5, -0.1) {
  1351. \fontfamily{augie}\selectfont{\large
  1352. What is needed to establish this?
  1353. \begin{itemize}
  1354. \item Signed commits.
  1355. \item Reproducible / deterministic builds.
  1356. \item The public code ledger should
  1357. include a hash of the sources from which the code was built.
  1358.  
  1359. \end{itemize}
  1360. \vspace{5mm}
  1361.  
  1362. % Code signatures in their current form cannot be trusted.
  1363. }
  1364. };
  1365. \end{tikzpicture}
  1366. \end{frame}
  1367.  
  1368.  
  1369.  
  1370. \begin{frame}[fragile]
  1371. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  1372. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  1373.  
  1374. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large What's needed?}};
  1375.  
  1376. \node[text width=10cm] at (5.5, -0.1) {
  1377. \fontfamily{augie}\selectfont{\large
  1378. \begin{itemize}
  1379. \item Ideally, the source code from which binaries are built should be in the
  1380. ledger, too.
  1381.  
  1382. \item Given the fear that source code is ``secret sauce'', this is unrealistic.
  1383.  
  1384. \item So at a minimum, a generic ``right to reverse engineer'' would be needed.
  1385. \end{itemize}
  1386. \vspace{5mm}
  1387.  
  1388. % Code signatures in their current form cannot be trusted.
  1389. }
  1390. };
  1391. \end{tikzpicture}
  1392. \end{frame}
  1393.  
  1394.  
  1395.  
  1396. \begin{frame}[fragile]
  1397. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  1398. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  1399.  
  1400. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Recap}};
  1401.  
  1402. \node[text width=10cm] at (5.5, -0.1) {
  1403. \fontfamily{augie}\selectfont{\large
  1404. Given these engineering changes, we would get:
  1405.  
  1406. \begin{itemize}
  1407. \item Devices where we can establish ``no malicious control'' at points in time.
  1408. \item The ability to diagnose key theft and software backdooring.
  1409. \end{itemize}
  1410.  
  1411. What would this cost us?
  1412.  
  1413. \vspace{5mm}
  1414.  
  1415. % Code signatures in their current form cannot be trusted.
  1416. }
  1417. };
  1418. \end{tikzpicture}
  1419. \end{frame}
  1420.  
  1421. \begin{frame}[fragile]
  1422. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  1423. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  1424.  
  1425. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Recap}};
  1426.  
  1427. \node[text width=10cm] at (5.5, -0.1) {
  1428. \fontfamily{augie}\selectfont{\large
  1429. What would the costs of these changes be?
  1430.  
  1431. \begin{itemize}
  1432. \item Hardware: Less than \$1 per device.
  1433. \item Software: Global ledger, less than \$1m a year (with staff).
  1434. \item Legal: Changes to reverse-engineering (RE) laws \& standardization.
  1435. \end{itemize}
  1436.  
  1437. Not excessive, in my view?
  1438.  
  1439. \vspace{5mm}
  1440.  
  1441. % Code signatures in their current form cannot be trusted.
  1442. }
  1443. };
  1444. \end{tikzpicture}
  1445. \end{frame}
  1446.  
  1447.  
  1448. \begin{frame}[fragile]
  1449. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  1450. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  1451.  
  1452. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Who is doing this?}};
  1453.  
  1454. \node[text width=10cm] at (5.5, -0.1) {
  1455. \fontfamily{augie}\selectfont{\large
  1456. Right now, none of the big vendors are doing this.
  1457. % Code signatures in their current form cannot be trusted.
  1458.  
  1459. \begin{itemize}
  1460. \item Microsoft: Does not control the hardware; focuses on making exploits
  1461. difficult instead (CFG, RFG, VBS --- Control Flow Guard, Return Flow Guard, virtualization-based security).
  1462. \item Android: Does not control the hardware; focuses on fixing bugs.
  1463. \item Apple: Closest. Gets extra slide.
  1464. \end{itemize}
  1465. }
  1466. };
  1467. \end{tikzpicture}
  1468. \end{frame}
  1469.  
  1470. \begin{frame}[fragile]
  1471. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  1472. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  1473.  
  1474. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Is Apple building this?}};
  1475.  
  1476. \node[text width=10cm] at (5.5, -0.1) {
  1477. \fontfamily{augie}\selectfont{\large
  1478.  
  1479. % Code signatures in their current form cannot be trusted.
  1480.  
  1481. \begin{itemize}
  1482. \item The touch bar is already an independent screen.
  1483. \item It does not meet the criteria for non-updateability and inspectability, though.
  1484. \item Also: Apple's non-transparent culture is probably an obstacle to
  1485. adopting a public ledger?
  1486. \end{itemize}
  1487.  
  1488. }
  1489. };
  1490. \end{tikzpicture}
  1491. \end{frame}
  1492.  
  1493. \begin{frame}[fragile]
  1494. \begin{tikzpicture}[overlay,remember picture, decoration=penciline]
  1495. \draw[style=help lines,color=verylightgray] (-.5, -4.5) grid[step=0.5cm] (11.5,4.5);
  1496.  
  1497. \node at (5.5, 3.7) { \fontfamily{augie}\selectfont{\Large Summary}};
  1498.  
  1499. \node[text width=10cm] at (5.5, -0.1) {
  1500. \fontfamily{augie}\selectfont{\large
  1501.  
  1502. Defendable systems can be engineered.
  1503. \vspace{3mm}
  1504. \begin{itemize}
  1505. \item Require long-term thinking, planning, and execution.
  1506. \item Require concerted engineering efforts.
  1507. \item Defenders should think in terms of re-engineering their
  1508. infrastructure to be defendable.
  1509. \item Defenders need to coalesce into larger groups
  1510. that can shape the market through buying power.
  1511. \end{itemize}
  1512.  
  1513.  
  1514.  
  1515. \vspace{5mm}
  1516.  
  1517. % Code signatures in their current form cannot be trusted.
  1518. }
  1519. };
  1520. \end{tikzpicture}
  1521. \end{frame}
  1522.  
  1523.  
  1524.  
  1525.  
  1526. \begin{frame}[standout]
  1527. \fontfamily{augie}\selectfont{\large Questions? }
  1528. \end{frame}
  1529.  
  1530.  
  1531.  
  1532.  
  1533. \end{document}