8 CAPTCHAs [133] are often used in an attempt to restrict access to humans (as opposed to automated processes).Give a real‐world example where you were required to solve a CAPTCHA to gain access to some resource. What did you have to do to solve the CAPTCHA?Discuss various technical methods that might be used to break the CAPTCHA you described in part a) of this problem.Outline a non‐technical method that might be used to attack the CAPTCHA from part a).How effective is the CAPTCHA in part a)? How user‐friendly is the CAPTCHA?Do you hate solving CAPTCHAs as much as your easily‐annoyed author?
9 Suppose that a particular security protocol is well designed and secure. However, there is a fairly common situation where insufficient information is available to complete the security protocol. In such cases, the protocol fails and, ideally, communication between the participants, say, Alice and Bob, should not be allowed to occur. However, in the real world, protocol designers must decide how to handle cases where protocols fail and, as a practical matter, both security and convenience must be considered. Comment on the relative merits of each of the following solutions to protocol failure. Be sure to mention the relative security and user‐friendliness of each.When the protocol fails, a brief warning is given to Alice and Bob, but communication is allowed to continues as if the protocol had succeeded, without any intervention required from either Alice or Bob.When the protocol fails, a warning is given to Alice and she decides (by clicking a checkbox) whether communication is allowed to continue or not.When the protocol fails, a notification is given to Alice and Bob and the protocol terminates.When the protocol fails, the protocol terminates, with no explanation given to Alice or Bob.
10 Automatic teller machines (ATMs) are an interesting case study in security. Anderson [3] claims that when ATMs were first developed, most attention was paid to high‐tech attacks. However, most real‐world attacks on ATMs were decidedly low tech.Examples of high‐tech attacks on ATMs would include breaking the encryption or authentication protocol. If possible, find a real‐world case where a high‐tech attack on an ATM has actually occurred and provide the details.Shoulder surfing is an example of a low‐tech attack. In a shoulder‐surfing scenario, Trudy stands behind Alice in line and watches the numbers Alice presses when entering her PIN. Then Trudy bonks Alice in the head and takes her ATM card. Give another example of a low‐tech attack on an ATM that has actually occurred in the real world.
11 Large and complex software systems invariably have many bugs.For honest users, such as Alice and Bob, buggy software is certainly annoying but why is it a security issue?Why does Trudy love buggy software?
12 Malware is software that is intentionally malicious, that is, malware is designed to do damage or break the security of a system. Malware comes in many familiar varieties, including viruses, worms, and Trojans.Has your computer ever been infected with malware? If so, what did the malware do and how did you get rid of the problem? If not, how have you been so lucky?In the past, most malware was designed to annoy users. Today, it is believed (with good evidence) that most malware is written for profit. How could malware possibly be profitable?
13 In the movie Office Space, software developers attempt to modify company software so that for each financial transaction, any leftover fraction of a cent goes to the software developers, instead of staying where it belongs—with the company. The idea is that for any particular transaction, nobody will notice the missing fraction of a cent, but over time the developers will accumulate a large sum of money. This type of attack is sometimes known as a salami attack.Discuss a real‐world example of a salami attack.In the movie, the salami attack fails. Why?
14 It has been said that “complexity is the enemy of security”.Give an example of commercial software to which this statement applies, that is, find an example of software that is large and complex and has had significant security problems.Find a security protocol to which this statement applies.
15 Suppose that this textbook was sold online (as a PDF) by your money‐grubbing author for, say, $5. Then the author would make more money off each copy sold than he currently does9 and people who purchase the book would save a lot of money.What are the security issues related to the sale of an online book?How could you make the selling of an online book more secure, from the copyright holder's perspective?How secure is your approach in part b)? How user‐friendly is your approach in part b)? What are some possible attacks on your proposed system?
16 The PowerPoint slides at [135] describe a security class project where students successfully hacked the Boston subway system.Summarize each of the various attacks. What was the crucial vulnerability that enabled each attack to succeed?The students planned to give a presentation at the self‐proclaimed “hacker's convention,” Defcon. At the request of the Boston transit authority, a judge issued a temporary restraining order that prevented the students from talking about their work. Do you think this was justified, based on the material in the slides?What are war dialing and war driving? What is war “carting”?Comment on the production quality of the “melodramatic video about the warcart” (a link to the video can be found at [124]).
Notes
1 1 Not to be confused with “Alice's Restaurant” [52].
2 2 No, not that CIA.
3 3 This sentence is brought to you by the Department of Redundancy Department.
4 4 You did read that, right?
5 5 If someone asks you why a specific weak security measure is used when better options are available, the correct answer is usually “money,” or it might simply be due to an inability to overcome inertia.
6 6 Access control list, or ACL, is one of many overloaded terms that arise in the field of information security.
7 7 Consider, for example, the infamous buffer overflow attack. Historically, this one of the most serious security flaws of all time. What is the grand theory behind this particular exploit? There isn't any—it's essentially made possible by a quirk in the way that memory is laid out in modern processors.
8 8 Shadoobie [116].
9 9 Believe it or not.
Chapter 2
Classic Crypto
The solution is by no means so difficult as you might be led to imagine from the first hasty inspection of the characters. These characters, as any one might readily guess, form a cipher—that is to say, they convey a meaning…
—Edgar Allan Poe, The Gold Bug