
“I am not in the office at the moment. Send any work to be translated.” - PowerPoint Presentation

conterc . @conterc
Uploaded On 2020-10-22



Presentation Transcript

Slide1

“I am not in the office at the moment. Send any work to be translated.”

Slide2

WinVote Security

- One of several systems built in response to the Help America Vote Act of 2002
- Based on Windows XP
- Uses Wi-Fi to program election details and download results
- In 2014, reports of crashing when a poll worker downloaded music on his iPhone
- Led to a new assessment of the system

Slide3

WinVote Security Results

- XP Embedded not patched since 2004
- Uses WEP, considered obsolete already in 2004 due to security flaws
- WEP key hardwired to “abcde”
- Disabling Wi-Fi disabled the WinVote app, left XP exposed
- Windows administrator password set to “admin” with no interface to change it
- No logs or checksums to detect tampering with the system’s database
- “If system was not hacked it was only because nobody tried”

Slide4

Apple Security Update

iOS 7.0.6

Data Security

- Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later
- Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
- Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

Slide5

    hashOut.data = hashes + SSL_MD5_DIGEST_LEN;
    hashOut.length = SSL_SHA1_DIGEST_LEN;
    if ((err = SSLFreeBuffer(&hashCtx)) != 0)
        goto fail;
    if ((err = ReadyHash(&SSLHashSHA1, &hashCtx)) != 0)
        goto fail;
    if ((err = SSLHashSHA1.update(&hashCtx, &clientRandom)) != 0)
        goto fail;
    if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
        goto fail;
    if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
        goto fail;
        goto fail;  /* duplicated line: not guarded by the if, always taken */
    if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
        goto fail;

    err = sslRawVerify(...);

    fail:
        ...
        return err;
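The control flow of the slide's code, reduced to a model that compiles and runs, next to a fail-closed rewrite. This is an added example, not Apple's code: `hash_step`, `raw_verify`, `verify_vulnerable` and `verify_fixed` are hypothetical names, and the hash and signature steps are constructed stand-ins.

```c
#include <stdio.h>

/* The duplicated goto trips GCC's -Wmisleading-indentation (part of -Wall);
   it is silenced here only so the demonstration builds under -Werror. */
#pragma GCC diagnostic ignored "-Wmisleading-indentation"

/* Constructed stand-ins for the hash and signature steps (hypothetical). */
static int hash_step(void) { return 0; }                  /* 0 = success */
static int raw_verify(int sig_ok) { return sig_ok ? 0 : -1; }

/* Same control flow as the slide: the second goto is unconditional. */
int verify_vulnerable(int sig_ok)
{
    int err;
    if ((err = hash_step()) != 0)
        goto fail;
        goto fail;               /* always taken, with err still 0 */
    err = raw_verify(sig_ok);    /* dead code: signature never checked */
fail:
    return err;
}

/* Hardened form: braces on every branch, and the result fails closed,
   so success is reported only after raw_verify() has actually passed. */
int verify_fixed(int sig_ok)
{
    int result = -1;
    if (hash_step() != 0) {
        goto done;
    }
    if (raw_verify(sig_ok) != 0) {
        goto done;
    }
    result = 0;
done:
    return result;
}

int main(void)
{
    printf("forged signature, vulnerable: %d\n", verify_vulnerable(0));
    printf("forged signature, fixed:      %d\n", verify_fixed(0));
    return 0;
}
```

In a real build, leave `-Wmisleading-indentation` enabled and add Clang's `-Wunreachable-code`, which reports the code after the stray `goto` as unreachable.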

Slide6

In other cases it is not so funny.

Slide7

Patriot Timing Glitch Loses Scud

- 25 Feb 1991 (Gulf War): Iraqi Scud rocket hits American base in Saudi Arabia, killing 28
- Patriot missile battery failed to track the Scud
- Patriot keeps time using 0.1 sec clock
- Calculates seconds by multiplying by 1/10
- Using 24-bit value for 1/10 lost 0.34 sec after 100 hours of operation
- Scud travels >500m in this time, and tracking failed
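The drift figure on this slide can be reproduced with integer arithmetic. This is an added example, not code from the presentation or from the Patriot system; it assumes the 24-bit value keeps 23 bits after the binary point with the remainder chopped, and it assumes a Scud speed of 1676 m/s, which the slide does not state.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: the 24-bit register keeps 23 bits after the binary point. */
#define FRAC_BITS 23
/* Assumption: Scud speed in m/s; the slide only says ">500m". */
#define SCUD_SPEED_MPS 1676.0

/* 1/10 chopped (not rounded) to FRAC_BITS fractional bits, as a raw integer. */
uint32_t tenth_fixed(void)
{
    return (1u << FRAC_BITS) / 10u;   /* 838860; the exact value is 838860.8 */
}

/* Seconds the system computes after `ticks` ticks of the 0.1 s clock. */
double computed_seconds(uint64_t ticks)
{
    return (double)(ticks * tenth_fixed()) / (double)(1u << FRAC_BITS);
}

/* True elapsed time minus computed time after `hours` of continuous uptime. */
double drift_seconds(uint32_t hours)
{
    uint64_t ticks = (uint64_t)hours * 3600u * 10u;
    return (double)ticks / 10.0 - computed_seconds(ticks);
}

/* Distance the target covers during the accumulated drift. */
double tracking_error_m(uint32_t hours)
{
    return drift_seconds(hours) * SCUD_SPEED_MPS;
}

int main(void)
{
    const uint32_t uptimes[] = { 1, 8, 20, 100 };
    for (size_t i = 0; i < sizeof uptimes / sizeof uptimes[0]; i++)
        printf("%3u h uptime: drift %.4f s, about %.0f m\n",
               (unsigned)uptimes[i], drift_seconds(uptimes[i]),
               tracking_error_m(uptimes[i]));
    return 0;
}
```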

Slide8

AA 965 Crash – 159 Dead

- 20 Dec 1995 flight from Miami to Colombia
- Pilots entered “R” for Rozo waypoint into navigational computer
- “R” also represented Romeo waypoint, which was somewhere else
- Romeo was more common, so it was the default
- Plane automatically turned towards Romeo
- Unfortunately there was a mountain in the way

Slide9

Ariane 5 Explodes

- 4 Jun 1996, maiden flight of new launcher for placing satellites into orbit
- Destroyed after ~40 seconds due to obvious flight problems
- Primary cause: failure to convert a 64-bit value into 16 bits in inertial reference system (SRI)
- Secondary cause: diagnostic error data from SRI was interpreted as (extremely strange) flight data by main computer
- Trying to “correct” flight led to instability

Slide10

Ariane 5 Irony

- The original 64-bit value is used only for alignment before launch, but the computation was left running for ~45 sec afterwards, as was desired in Ariane 4
- Backup SRI ran identical software, had same failure
- Design assumes that errors are random and shutdown is a good solution
- Conversion was not checked because in Ariane 4 values were indeed much smaller
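A range-checked version of the kind of 64-bit to 16-bit conversion described on the two Ariane slides. This is an added example in C, not the flight software; `to_int16_checked`, `reading_t` and `convert_sample` are hypothetical names, and holding the last good value on failure is one possible policy chosen for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Convert a 64-bit float to int16_t only when it fits. Returns false and
   leaves *out untouched for out-of-range input; NaN fails both comparisons
   and is rejected too. An unchecked (int16_t)v cast here would be undefined
   behaviour in C for values outside the range. */
bool to_int16_checked(double v, int16_t *out)
{
    if (!(v >= (double)INT16_MIN && v <= (double)INT16_MAX))
        return false;
    *out = (int16_t)v;
    return true;
}

/* Hypothetical output record: validity travels beside the value, so a
   failed conversion cannot be read downstream as a measurement. */
typedef struct {
    int16_t value;
    bool    valid;
} reading_t;

/* On failure, hold the last good value and mark the sample invalid
   instead of shutting the unit down (an assumed policy). */
reading_t convert_sample(double alignment_value, int16_t last_good)
{
    reading_t r = { last_good, false };
    r.valid = to_int16_checked(alignment_value, &r.value);
    return r;
}

int main(void)
{
    /* Constructed inputs: one that fits in 16 bits, one that does not. */
    const double inputs[] = { 1200.0, 40000.0 };
    int16_t last_good = 0;
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        reading_t r = convert_sample(inputs[i], last_good);
        printf("%9.1f -> value=%d valid=%d\n", inputs[i], r.value, r.valid);
        if (r.valid)
            last_good = r.value;
    }
    return 0;
}
```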

Slide11

NASA Loses Mars Climate Orbiter

- Orbiter launched in 1998, reached Mars in 1999
- Supposed to orbit at 140-150 km, but went as low as 57 km, causing excessive stress and friction
- Cause: computer controlling the thrusters underestimated their power by a factor of 4.45
- Root cause: not converting metric units specified by NASA to Imperial units used by software

Slide12

LA Air Traffic Loses Radio Contact

- 14 Sep 2004, afternoon
- Air traffic controllers lose radio contact with ~400 planes, backup fails within 1 minute
- System uses touch screen to create voice channels between controller and airplane or other controller
- Upon failure controllers couldn’t alert pilots about necessary course changes
- Several near collisions avoided by on-board collision avoidance systems that alerted pilots

Slide13

LA Air Contact Loss Causes

- Technicians did not perform 30-day reboot
- System looked OK
- Reboot regulation instated after previous failures occurred after 49.7 days
- Cause of failures is a 32-bit millisecond timer used for continuous self test (and other things)
- When counter reaches 0 system crashes

Slide14

Knight Trading Loses $440M

- 1 Aug 2012 at 9:30-10:15 AM
- Repeatedly trade about 140 securities, buying them at the (high) ask price and selling at the (low) bid price
- Repeat ~40 times per second for 45 minutes
- Example: in security where price difference is 15 cents/share, lose $6/sec = $360/min or $16,200 in the 45 minutes for each share
- This was part of testing new software