Lecture 1
Security questions were useful at the time they were developed, in the 1960s, but
today they are problematic: social media lets an attacker track down the data
they rely on.
2-factor authentication is the suggested alternative. This form of
authentication requires that a user provide 2 of the following 3 proofs of
identity:
- Something you know (password)
- Something you have (device)
- Something you are (biometric)
The problem with unique passwords is that they are difficult to remember, which
- makes a user more likely to write the password down somewhere it could be
retrieved by an attacker.
- makes a user more likely to reuse the password for their accounts on multiple
hosted services, which multiplies the attack vectors, since only one service
has to be broken.
The proposed solution to this is a password manager. As long as the password to
your password manager is secure, you're secure, but you're only as secure as
that master password. This system was less convenient before cloud-synchronized
password managers became mainstream.
Case study: AWS Code Spaces
An attacker gained access to the AWS control panel powering Code Spaces.
Result: The attacker deleted most of the data from the Amazon Cloud.
To prevent this, they could have made it harder to log into an account by
requiring two-factor authentication. They also could have enforced the
principle of least privilege, so that a compromised account had a smaller blast
radius. They could have kept off-site backups of the data that was destroyed.
Air gaps
An air-gapped computer can still be infected remotely. The most famous example
of this was Stuxnet, which ended up decreasing the enrichment performed by the
centrifuges by 30%.
Threat model
For any attack or defense we have a threat model: a process by which potential
threats, such as structural vulnerabilities or the absence of appropriate
safeguards, are identified and enumerated, and mitigations are prioritized.
The purpose of threat modeling is to provide defenders with a systematic
analysis of what controls or defenses need to be included, given the nature of
the system, the probable attacker's profile, the most likely attack vectors, and
the assets most desired by an attacker.