Why combination of security controls present in modern os

Reference no: EM131303288

Assignment

(In)security Controls

Have you ever walked on a new sidewalk? If so, you might have noticed how clean and smooth it was. You also might have been impressed with how seemingly impenetrable it was. If you were to revisit that same sidewalk years later, you likely would see cracks running through it. Although concrete is one of the toughest and most durable materials in existence today, it has vulnerabilities that the forces of nature can exploit.

OSs and browsers are like sidewalks. New versions are clean and smooth, with seemingly hard, unassailable attack surfaces. However, like tiny cracks in new sidewalks that are invisible to the naked eye, design flaws are inherent in any new version's source code. Each flaw is a potential vulnerability just waiting to be discovered. Will the good guys or the bad guys discover a particular flaw first? If it is the good guys, they will patch it as quickly as possible. If it is the bad guys, they likely will keep it secret until they decide to exploit it.

To prepare for this Discussion, read the notes in the Unit 4 Notes, located in this unit's Learning Resources, before proceeding.

In light of the Pwn2Own annual contests, explain why the combination of security controls present in modern OSs and browsers is still failing to prevent exploitation by determined attackers.

Notes

Since 2007, information security professionals have been able to gauge the relative robustness of the major web browsers thanks to the annual Pwn2Own browser-breaking contest. In this contest, held in conjunction with the CanSecWest conference in Vancouver, Canada, security researchers can demonstrate their ability to compromise a machine by attacking the one application that everyone on the Internet is using: the web browser. In exchange for the prize monies, the security researchers share the particular vulnerabilities exploited with browser vendors, who, in turn, work to resolve the issues quickly.

While today's browsers and OSs are more robust against attacks with technologies like Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR), and sandboxing, attackers and security researchers have demonstrated year after year that a determined opponent can still find and exploit weaknesses at the OS or browser level.

Required Resources Readings

• Oriyano, S.-P. (2014). Hacker techniques, tools, and incident handling. (2nd ed.) Burlington, MA: Jones & Bartlett Learning.
• Chapter 9, "Web and Database Attacks"

This chapter discusses common web server and database vulnerabilities and how they are typically exploited.

• Wikipedia. (n.d.). Pwn2Own at CANSEC west. Retrieved July 27, 2012, from https://en.wikipedia.org/wiki/Pwn2Own

This entry contains the history of the Pwn2Own competition from 2007 to the current year.

• Nachreiner, C. (2012). Radio free security: April 2012 episode. WatchGuard Security Center. Retrieved from https://watchguardsecuritycenter.com/tag/pwn2own/

This site contains a number of short security-related articles.

• Naked Security. (2012). Pwn2Own. Retrieved from https://nakedsecurity.sophos.com/tag/pwn2own/

This page contains several links to articles related to Pwn2Own.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd