1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information...
-
Upload
tabitha-short -
Category
Documents
-
view
217 -
download
0
Transcript of 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information...
![Page 1: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/1.jpg)
1 J. Alex Halderman
Legal Challenges in Security
ResearchJ. Alex Halderman
Center for Information Technology PolicyDepartment of Computer Science
Princeton University
![Page 2: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/2.jpg)
2 J. Alex Halderman
![Page 3: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/3.jpg)
3 J. Alex Halderman
![Page 4: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/4.jpg)
4 J. Alex Halderman
Part 1 — CD DRM
![Page 5: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/5.jpg)
5 J. Alex Halderman
CD DRM
CD Players
Plays normally
Computers
Restricted usee.g. Can’t copy disc
Can’t rip as MP3 Can’t use on iPod
![Page 6: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/6.jpg)
6 J. Alex Halderman
Why Study CD DRM?
• Add to practical knowledge of DRM designWhat works well in practice? What tends to
break?
• Independently critique deployed systemsStrengths and weaknesses? Prospects for
success?
• Assess dangers to users’ security and privacyPhoning home? Vulnerability to attacks?
Who wants to know?Record companies, musicians, investors,policy makers, music buyers, researchers
![Page 7: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/7.jpg)
7 J. Alex Halderman
The DMCA
Prohibits:• “circumvent[ing] a technological measure
that effectively controls access to a work”• distributing “any technology, product,
service, device, component, or part thereof” primarily intended to circumvent an effective TPM
Extremely limited security testing and encryption research exemptions not applicable here.
— Digital Millennium Copyright Act [17 U.S.C. 1201]
![Page 8: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/8.jpg)
8 J. Alex Halderman
EULAs
“You will not reverse engineer, decompile, disassemble or otherwise tamper with or modify the [copy protection software]”
“You will comply with and will not circumvent or attempt to circumvent the [copy protection] or any technology designed to enforce the [copy protection]”
— SonyBMG End User License Agreement
![Page 9: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/9.jpg)
9 J. Alex Halderman
SunnComm MediaMax (2003)
“[An outside testing firm] determined that none of the ripper programs used in the testing process was able to produce a usable unauthorized copy of the protected CD yielding a verifiable and commendable level of security for the SunnComm product.”
— SunnComm Press Release
![Page 10: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/10.jpg)
10 J. Alex Halderman
Security Analysis of MediaMax
First time a protected CD is inserted…Autorun (normal Windows feature) installs a copy protection driver between CD drive and applications
When a user tries to rip or copy a disc…Driver blocks access to audio
A major undisclosed design defect:Users can disable AutoRun by holding the “shift” key
CD Drive
Ripper/copier Application
OS
Protection driver
![Page 11: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/11.jpg)
11 J. Alex Halderman
“… Halderman and Princeton University have significantly damaged SunnComm’s reputation and caused the market value of SunnComm to drop by more than $10 million.”
“… Halderman has violated the Digital Millennium Copyright Act (DMCA) by disclosing unpublished MediaMax management files placed on a user's computer … SunnComm intends to refer this possible felony to authorities having jurisdiction over these matters…”
“SunnComm believes that the author’s report was ‘disseminated in a manner which facilitates infringement’ in violation of the DMCA or other applicable law.”
“The act of publishing instructions under the cloak of ‘academic research’ showing how to defeat MediaMax such as those instructions found in Halderman's report is, at best, duplicitous and, at worst, a felony.”
“SunnComm … intends to take legal action”
— SunnComm Press Release
![Page 12: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/12.jpg)
12 J. Alex Halderman
The SonyBMG Episode (2005)
Mark RussinovichOctober 31, 2005
![Page 13: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/13.jpg)
13 J. Alex Halderman
Sony Rootkit Vulnerability
Privilege escalation attack
– Hidden objects not limited to copy protection software
– Malware unable to install its own rootkit can utilize Sony’s
– Use to hide from virus checkers, admin tools
Exploits found in wildBackdoor.Ryknos.BTrojan.Welomoch
![Page 14: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/14.jpg)
14 J. Alex Halderman
I Felt the Chill
![Page 15: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/15.jpg)
15 J. Alex Halderman
MediaMax Vulnerability
13+ MB installed before EULA screen
Access permissions set incorrectly
An unprivileged attacker can exploit this error to run with administrative access when a CD is inserted
![Page 16: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/16.jpg)
16 J. Alex Halderman
CD DRM as Spyware
Sony’s CD DRM systems:• “Phone home” about each title played
despite privacy statement to the contrary• Ship without a meaningful uninstaller• Install without consent or exceed consent
Spyware is hard to define, but these meet most common definitions.
![Page 17: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/17.jpg)
17 J. Alex Halderman
Sony CD DRM Uninstallers
“Oops! ... I did it again”
![Page 18: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/18.jpg)
18 J. Alex Halderman
“Most people, I think, don't even know what a Rootkit is, so why should they care about it?”
— Thomas Hesse President, Sony BMG Global Digital Business
“It’s very important to remember that it’s your intellectual property — it’s not your computer. And in the pursuit of protection of intellectual property, it’s important not to defeat or undermine the security measures that people need to adopt in these days.”
— Stewart BakerAsst. U.S. Secretary of Homeland Security
![Page 19: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/19.jpg)
19 J. Alex Halderman
Scientist / Attorney Ratio
Two Researchers Eight Lawyers(actual lawyers not pictured)
![Page 20: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/20.jpg)
20 J. Alex Halderman
Aftermath
Rootkit discs recalled …but still in many stores and CD collections
Major class-action suits filed, settledCustomers can trade discs for cash,
MP3 downloads, and non-DRM versions
Sony won’t use CD DRM, for now
![Page 21: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/21.jpg)
21 J. Alex Halderman
Hope for Copyright Reform
H.R. 1201: Digital Media Consumers Rights Act (Rick Boucher, D-VA)
• Requires labeling for DRMed CDs• Adds new DMCA exemptions:
– persons “acting solely in furtherance of scientific research into technological measures”
– circumventing TPMs “in order to obtain access to the work for purposes of making noninfringing use”
• Codifies the Sony “capable of substantial non-infringing uses” test for secondary liability
![Page 22: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/22.jpg)
22 J. Alex Halderman
Part 2 — E-Voting
![Page 23: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/23.jpg)
23 J. Alex Halderman
![Page 24: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/24.jpg)
24 J. Alex Halderman
2000 Recount Debacle
Legislative response:
Help America Vote Act
Provided $3.9 billion to statesto upgrade voting machines by November 2006
![Page 25: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/25.jpg)
25 J. Alex Halderman
DREs to the Rescue?
Direct Recording Electronic – Store votes in internal memory
![Page 26: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/26.jpg)
26 J. Alex Halderman
DREs are Computers
Bugs
RootkitsVirusesAttacks
![Page 27: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/27.jpg)
27 J. Alex Halderman
The Diebold AccuVote-TS
![Page 28: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/28.jpg)
28 J. Alex Halderman
Diebold’s History of Secrecy
• Uses NDAs to prevent states from allowing independent security audits
• Source code leaked in 2003, researchers at Johns Hopkins found major flawsDiebold responded with vague legal threats,personal attacks
• Internal emails leaked in 2003 reveal poor security practices by developersDiebold tried to suppress sites with DMCA letters(Several sites successfully sue for misrepresentation of copyright)
![Page 29: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/29.jpg)
29 J. Alex Halderman
We Get a Machine (2006)
Obtained legally from an anonymous private party
Software is 2002 version, but certified and used in actual elections
First complete, public, independent security audit of a DRE
![Page 30: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/30.jpg)
30 J. Alex Halderman
Our Findings
• Malicious software running on the machine can steal votes undetectably, altering all backups and logs
• Anyone with physical access to the machine or memory card can install malicious code in as little as one minute
• Malicious code can spread automatically and silently from machine to machine in the form of a voting machine virus
![Page 31: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/31.jpg)
31 J. Alex Halderman
Video Demonstration
![Page 32: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/32.jpg)
32 J. Alex Halderman
Low-Tech vs. High-Tech
Paper BallotsLow-cost cheating(ballot stuffing)Small scale tampering(individual precincts)
Electronic VotingHigh-cost cheating(viral attacks)Large scale tampering(counties or states)
Leverage these complementary failure modes for greater security.
![Page 33: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/33.jpg)
33 J. Alex Halderman
Paper to the Rescue
Voter-Verified Paper Audit Trails (VVPAT)
• DRE prints a paper ballot, voter verifies and places in a ballot box
• At a few random precincts, paper ballots counted to ensure machines totals are accurate
• If discrepancies found, paper ballots can be counted more widely
![Page 34: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/34.jpg)
34 J. Alex Halderman
Proposed Legislation
H.R. 550: Voter Confidence and IncreasedAccessibility Act (Rush Holt, D-NJ)
• Amends HAVA to require VVPATs– Paper ballots would be the official record– Random manual recounts in 2% of precincts
• Opens voting software and source code to public inspection
• Additional $150 million for states
![Page 35: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/35.jpg)
35 J. Alex Halderman
![Page 36: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/36.jpg)
36 J. Alex Halderman
Final Thoughts
• Security research remains a risky businesswhere chilling effects are widely felt
• Legal uncertainty adds cost and delay, harming users of insecure systems
• Legal changes (e.g. DMCA reform) would be a major boon
• Pro bono legal help makes research possible — Thank you!
![Page 37: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/37.jpg)
37 J. Alex Halderman
Legal Challenges to Security
ResearchJ. Alex Halderman
Center for Information Technology PolicyDepartment of Computer Science
Princeton University
http://itpolicy.princeton.edu
![Page 38: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/38.jpg)
38 J. Alex Halderman
Research in the Blogosphere
![Page 39: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/39.jpg)
39 J. Alex Halderman
Research Goals
• Conduct independent security audit
• Confirm findings of previous researchers
• Verify threats by implementing attack demos
Who wants to know? Voters, candidates, election officials, policy makers, researchers
![Page 40: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/40.jpg)
40 J. Alex Halderman
Vulnerabilities
• Malicious software running on the machine can steal votes undetectably, altering all backups and logs
• Anyone with physical access to the machine or memory card can install malicious code in as little as one minute
• Malicious code can spread automatically and silently from machine to machine in the form of a voting machine virus
![Page 41: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/41.jpg)
41 J. Alex Halderman
Correct result: George 5, Benedict 0
![Page 42: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/42.jpg)
42 J. Alex Halderman
![Page 43: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/43.jpg)
43 J. Alex Halderman
Vulnerabilities
• Malicious software running on the machine can steal votes undetectably, altering all backups and logs
• Anyone with physical access to the machine or memory card can install malicious code in as little as one minute
• Malicious code can spread automatically and silently from machine to machine in the form of a voting machine virus
![Page 44: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/44.jpg)
44 J. Alex Halderman
![Page 45: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/45.jpg)
45 J. Alex Halderman
![Page 46: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/46.jpg)
46 J. Alex Halderman
Vulnerabilities
• Malicious software running on the machine can steal votes undetectably, altering all backups and logs
• Anyone with physical access to the machine or memory card can install malicious code in as little as one minute
• Malicious code can spread automatically and silently from machine to machine in the form of a voting machine virus
![Page 47: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/47.jpg)
47 J. Alex Halderman
Voting Machine Virus
![Page 48: 1 J. Alex Halderman Legal Challenges in Security Research J. Alex Halderman Center for Information Technology Policy Department of Computer Science Princeton.](https://reader038.fdocuments.us/reader038/viewer/2022110403/56649e605503460f94b5b2c1/html5/thumbnails/48.jpg)
48 J. Alex Halderman
Viral Spread