Battling Botnets With An Awesome OS

Apr 09, 2010

(PhysOrg.com) -- Despite security software, patches and updates, your computer remains threatened by attack and takeover from hackers and cyber-criminals who will turn your PC into their networked robot -- or "bot" -- creating mischief to mayhem by everything from spreading spam to looting bank accounts.

"Today's computer operating systems are thoroughly penetrated and unfixable," said University of Illinois at Chicago computer security expert Jon Solworth. "Every year we spend more and more on the problem, but every year the problem gets worse because we're working at the edges instead of at the heart of the problem."

Solworth, associate professor of computer science at UIC, along with cryptography expert Daniel Bernstein, research professor of computer science, just received a $1.15 million grant from the National Science Foundation to build a new computer operating system -- or OS -- that plugs holes against intruding bugs, viruses and other harmful e-critters.

Solworth is building an operating system he calls Ethos -- essentially a blueprint for an OS that ratchets up security in ways not yet considered or believed necessary when operating systems like Windows, Mac and Linux were conceived.

Today, the applications that run on your computer are more vulnerable than the OS itself, Solworth said. He and his laboratory staff are working to make Ethos OS guard against attacks that target the applications that run on it.

"Our goal is to learn what a security OS looks like," he said. "The attacker needs to find only one way into the system, whereas we as defenders have to protect against every way in. Security is not a field where you're going against a fixed target. You're going against the intelligence of another human."

Solworth's team has begun the laborious task of building this new generation of secure, robust operating systems one cyber-brick at a time, examining new ways to make sub-systems attack-proof and eliminate vulnerabilities in what are known as system calls, used to communicate with computers on the Internet.

While Solworth and his team are building the Ethos OS, Bernstein's primary role is as the hacker, exposing vulnerabilities that need fixing. Bernstein's expertise in cryptography and networks will also be tapped in the construction of Ethos.

The new OS will run on so-called "virtual machine" computers that run one or more operating systems together, like Windows and Mac. Older applications written for those operating systems where security is not a big issue, like games, will continue to work, but a new OS like Ethos will simultaneously handle applications such as online banking and other sensitive business transactions as part of the evolution to tomorrow's more secure operating systems.

Solworth thinks that the new OS will also free software developers from worrying about security so they can spend more time writing programs that make applications work better.

But Solworth doesn't underestimate the task at hand.

"This is a huge undertaking, with complex scientific aspects," he said. "But an equally large concern is the logistics of such a project, and my job is to sequence things so that they go smoothly.

"If we succeed, we'll have achieved what many thought couldn't be done. It's a little scary, daunting and humbling, yet it's extraordinarily exciting."

User comments : 37

gopher65
not rated yet Apr 09, 2010
Excellent. Hopefully the results of this research will be used in the creation of the next generation of operating systems by their various makers.

I hope this group is taking into account the fact that return oriented programming techniques are inherently insecure due to a conceptual error in their initial design. They may have to create an entirely new form of programming language in order to make a secure OS.
baudrunner
5 / 5 (2) Apr 09, 2010
It's a sad statement of the shape that our world, and the caliber of its people, is in, that a simple, unprotected computer - no firewall or virus, worm or trojan protection or protection from hacker attacks - would be compromised beyond repair in the course of a normal day's innocent internet activity. Very sad indeed.
Royale
5 / 5 (1) Apr 09, 2010
@gopher65: That sounds great on paper, but how would one build a non return-oriented programming language. I mean I see your point, and maybe they could do "return-scanning inside the language on the fly", but you inherently need returns in order for a computer to function.
Skeptic_Heretic
3 / 5 (2) Apr 09, 2010
> It's a sad statement of the shape that our world, and the caliber of its people, is in, that a simple, unprotected computer - no firewall or virus, worm or trojan protection or protection from hacker attacks - would be compromised beyond repair in the course of a normal day's innocent internet activity.

That's more due to the ignorance of the victim.

You don't see many 5 year olds walking through Harlem at 3am because they know better, but people still feel comfortable punching their information into an unsecured website form.
Javinator
not rated yet Apr 09, 2010
I think he's saying it's sad that you just compared the internet to a new person with an unprotected computer as a child in Harlem at 3am.
eachus
5 / 5 (2) Apr 09, 2010
> @gopher65: That sounds great on paper, but how would one build a non return-oriented programming language. I mean I see your point, and maybe they could do "return-scanning inside the language on the fly", but you inherently need returns in order for a computer to function.

The problem is not the returns, it is the promiscuous behavior of allowing entry to any address in an executable library. Multics had the solution, what 40 years ago? When calling from untrusted code to (more highly) trusted code you went through a gate segment. Part of the gate segment, enforced by the hardware, was a bound on the addresses that could accept calls. (These addresses at the beginning of the segment were transfers to the real routines that did sanity checking and so on before doing the real work.)

A programming language that doesn't allow unbounded strings to be stored on the stack would be a big help, but C programmers will find a way to frustrate that protection.
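
A small model of the gate mechanism described in the comment above, added here as an illustration; it was not written by any commenter and is not Multics code. A software stand-in for the hardware check refuses calls from a less trusted ring to any address past the gate entries, and the gate entry validates its arguments before transferring to the real routine. All names (`struct segment`, `call_bound`, `cross_ring_call`, the ring numbers) are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Toy model of the gate-segment idea; not Multics code. Every name here
 * (struct segment, call_bound, cross_ring_call, ...) is hypothetical. */

enum { GATE_OK = 0, GATE_FAULT_BOUND = -1, GATE_FAULT_ARG = -2 };

typedef int (*entry_fn)(long arg, long *out);

struct segment {
    int ring;              /* ring of the code inside; lower = more trusted */
    size_t call_bound;     /* only slots [0, call_bound) accept outside calls */
    size_t n_slots;
    const entry_fn *slots;
};

#define TABLE_LEN 4
static const long table[TABLE_LEN] = {10, 20, 30, 40};  /* constructed data */

/* The "real routine": trusts its caller completely and does no checking. */
static int raw_read(long index, long *out) {
    *out = table[index];
    return GATE_OK;
}

/* Gate entry: sanity-checks the untrusted arguments, then transfers. */
static int gate_read(long index, long *out) {
    if (out == NULL || index < 0 || index >= TABLE_LEN)
        return GATE_FAULT_ARG;
    return raw_read(index, out);
}

/* Gate entries sit at the beginning of the segment; internals come after. */
static const entry_fn slots[] = { gate_read, raw_read };
static const struct segment trusted_seg = {
    .ring = 0, .call_bound = 1,
    .n_slots = sizeof slots / sizeof slots[0], .slots = slots,
};

/* Stand-in for the hardware check made on every inter-segment call. */
int cross_ring_call(const struct segment *seg, int caller_ring,
                    size_t offset, long arg, long *out) {
    if (offset >= seg->n_slots)
        return GATE_FAULT_BOUND;
    if (caller_ring > seg->ring && offset >= seg->call_bound)
        return GATE_FAULT_BOUND;   /* less trusted caller, non-gate address */
    return seg->slots[offset](arg, out);
}

/* A call from untrusted ring 4 into the trusted segment. */
int untrusted_call(size_t offset, long arg, long *out) {
    return cross_ring_call(&trusted_seg, 4, offset, arg, out);
}

/* A call made from inside ring 0 itself, which may reach internal routines. */
int trusted_call(size_t offset, long arg, long *out) {
    return cross_ring_call(&trusted_seg, 0, offset, arg, out);
}

int main(void) {
    long v = -1;
    printf("gate, good arg:   %d\n", untrusted_call(0, 2, &v));
    printf("gate, bad arg:    %d\n", untrusted_call(0, 99, &v));
    printf("past the bound:   %d\n", untrusted_call(1, 99, &v));
    printf("same-ring direct: %d\n", trusted_call(1, 3, &v));
    return 0;
}
```

The third call is the case the comment is about: the unchecked routine exists in the segment, but an outside caller cannot enter at its address, so the out-of-range index never reaches it.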
Royale
3.7 / 5 (3) Apr 09, 2010
Since Skeptic was replying to baud it wouldn't make much sense to say something that happened in the future was sad. And he wasn't "comparing" the internet to a child. He was basically stating that common sense should be carried over to computers just as it is in the real world. As Fox Mulder would agree: "Trust no one." That works especially well in the case of people behind random websites who you never see or even know exist.
PinkElephant
not rated yet Apr 09, 2010
Seems to me, the easiest solution to the problem of security in applications, is already here. Has been here for more than a decade: managed languages, such as Java.

When not just the language itself, but the actual underlying execution engine does not allow you to work with raw pointers, and furthermore has built-in data structure bounds-checking and a robust exception heuristic, there's just no way for an application to break out of its sandbox by accident.

If all applications were written in Java, there'd be no buffer overflows, or any other uncontrollable behavior. If you overflow the stack or the heap, you just get an exception, and all the trash in memory gets safely disposed of by the garbage collector.

The argument used to be that managed languages are slow. But with optimizing just-in-time compilers and multi-threaded virtual machines (including dedicated threads for heap management and garbage collection) on multi-core computers, this has become a non-issue.
Javinator
5 / 5 (1) Apr 09, 2010
You completely misinterpreted what I said. I never compared the internet to a child. I never said baud's comment was a direct response to the comment later made by Skeptic.

Baud basically said it's sad that someone can't go onto the internet without layers of protection without the likely possibility of being scammed.

Similarly, it's pretty sad that a child can't walk around Harlem at 3am.

Sure, common sense says don't do those things. The sad part is that the only reason it's common sense not to do those things is because of how terrible some people can be.

"Trust no one" is a good motto. It's also pathetic that it is a good motto.
kasen
5 / 5 (1) Apr 09, 2010
Make something foolproof and they'll come up with a new and improved fool. I bet people could be convinced to share their security biometrics with a complete stranger, should that tech become status quo.

Then again, why not trust everyone, instead? Complete transparency, all secrets revealed. Botnets are used mainly for advertising, but if companies knew all your demands and what you can supply, wouldn't it eliminate the value of personal data and make mass advertising obsolete?
Caliban
3 / 5 (2) Apr 09, 2010
@kasen,
complete transparency on the order that you advocate would work- but only if, first, the concept of private property was entirely eliminated.

If all the goods and services created globally were available to each individual equally and upon demand, there would be no need for anyone to have private, personal property, and thieving/fraud would be rendered obsolete.

I've a feeling that you, like most of us, wouldn't be entirely -if at all- comfortable with that state of affairs.
migmigmig
5 / 5 (1) Apr 10, 2010
@Caliban

Starfleet is Socialism!
finitesolutions
Apr 10, 2010
This comment has been removed by a moderator.
Newbeak
not rated yet Apr 10, 2010
I use Sandboxie at all times online. Haven't had virus issues in years.
kasen
not rated yet Apr 10, 2010
@Caliban: Private property and private information, although treated equally by the current paradigm, can be easily discriminated. I'm speaking of information in the broadest sense, from personal data to songs, books, stock market quotes. It flows continuously and chaotically, so by trying to assign a monetary value to it, you're basically hooking the economy to a random number generator.

It's a whole lot easier to defend a piece of land, or a car, as yours, because of their "solidity": they can't be in two places at once. Information has a more quantum-like behaviour. It can be copied with practically 0 resource costs, but each copy is then assigned the same monetary value, which leads to the money-out-of-thin-air suite of problems.

So you don't have to eliminate private ownership, just limit it to objects that behave according to classical mechanics.
PinkElephant
not rated yet Apr 10, 2010
@finitesolutions,

What's with the Romanian? I had to use Google language tools to even figure out the language...

Anyway, that exact same code also makes for an infinite loop in C: the language of choice for the current crop of operating systems. In fact, Java's syntax and conceptual organization very closely mirror C++, minus all the redundancy and complexity. Infinite loops can be written in any language, so what's your point?

In a properly designed OS with a decently fair preemptive scheduler, any application that has entered an infinite loop can simply be killed by the user. There are no security implications here.

As for garbage collection, it's infinitely preferable to manual memory management. Most of the security problems and bugs in existing programs are due to direct memory management, and direct access to memory through pointers.

If you can't redirect the program counter into a data segment, or write data into code segment, you've just eliminated a lot of holes.
Caliban
1 / 5 (1) Apr 10, 2010
@kasen,
"private" information is merely a digital copy of private, and/or physical property.

The mere fact of its lack of corporeality doesn't negate its value. Its value is intrinsic in that it is inextricably linked to the notion that someone desires it that is not the creator or producer of it.

This notion of creation/production is what gives rise to the idea of ownership, and thence "Private Property". If someone takes this (whether in virtual/digital or physical form) without providing compensation, it is regarded as theft.

Transitive property: if A=B, and B=C, then A=C. Or, A=B=C. There is no distinguishing between the two- either it's all private property, or it's all not.
kasen
not rated yet Apr 11, 2010
> digital copy of private, and/or physical property

So the information "I need a car and I'm an ecologist", which can be derived from my browser history, is the copy of what physical property of mine?

> the creator or producer of it

The creator need not be the one who gets money from it. I'm not sure how copyright laws are formulated, but their application is simple, you own it, you can sell it. So ownership is defined by value, which in turn is defined by ownership. Physical property also has tangible qualities which further define and stabilise its value.

So, roughly mathematically speaking, if you take value as a function of time, tangible property should yield a differentiable function, as opposed to intellectual property, which might not even be continuous. I think you could prove it theoretically, without resorting to empirical data.
HeloMenelo
not rated yet Apr 11, 2010
How long have operating systems been in existence?
2 or 3 Decades !!! ?
You'd think by now at the very least they would've solved all security issues. Or are they deliberately ignoring the core issues for a couple reasons I can think of.
eachus
5 / 5 (1) Apr 12, 2010
> How long have operating systems been in existence?
> 2 or 3 Decades !!! ?

We can argue about which was the first "real" OS with all the necessary features, but about 50 years.

> You'd think by now at the very least they would've solved all security issues. Or are they deliberately ignoring the core issues for a couple reasons I can think of.

If you can explain it to me, I'd love to be able to understand it. Robust, secure OSes have been around since the 1960's as have junk operating systems. The strong preference by programmers and users for junk instead of security has been around since then. It may have started with a FUD campaign against Multics, but...

The Motorola 68020 had support for hardware rings. (Well in the 68851 MMU chip.) That feature was dropped from the 68030 and later 68k CPUs since no one used it. The most recent x86 family chips support ring-like behavior as part of the virtualization support, but people still run insecure OSes on top of them.
Caliban
1 / 5 (1) Apr 13, 2010
@kasen,

Perhaps if I oversimplify:

Is your bank/credit card/market account PIN Private Property? Are the contents of those accounts?

How about your health history information? Type and amount of insurance? Shoe/shirt size? How often you purchase/view porn?

As long as these things represent some desirable quantity (property), and their distribution is accomplished through the exchange of some unit of currency, then there will be those who are willing to risk the legal penalties to obtain them via outright theft, through fraud, or by harvesting any and all information, by any means available, to enhance or tailor marketing efforts to sell you products that your habits indicate you may be interested in. Or to spam you.

The first two are illegal. The second pair, are on very shaky ground, and even if spam is illegal- targeted marketing is only infinitesimally superior, because it creates an incentive to be more and more invasive in pursuit of $$$.

Where do you stop?
kasen
not rated yet Apr 14, 2010
Which is why I'm saying that making them public (passwords excluded) is the best strategy. Nobody would pay for public information, so there'd be no incentive to obtain it by various means.

Sure, if it's one or two people doing it, there's little impact to be made, but if enough would agree to sign on a universal database, with details such as income, mobility radius (city/country), shirt size, favourite food, artistic preferences, sexual dysfunctions etc., the whole Internet advertising business could be automated.

People have already proved they're willing to give tons of such details on social networking sites. Instead of leaving it to bots and whatnot to obtain and synthesise that data, we could just send it straight to the companies. The infrastructure is already in place, mostly.

It's a way to optimise the free market, if you ask me. How is it socialist?
Skeptic_Heretic
5 / 5 (1) Apr 14, 2010
> Which is why I'm saying that making them public (passwords excluded) is the best strategy. Nobody would pay for public information, so there'd be no incentive to obtain it by various means.

And then how do you protect yourself from being preyed upon due to your "public" information?

If I've had back surgery in the past, regardless of the outcome, many employers would frown upon hiring me because I've shown a medical history of needing back surgery.

You may put faith in people to do what's right, but don't make that mistake with corporations.
kasen
1 / 5 (1) Apr 14, 2010
> And then how do you protect yourself from being preyed upon due to your "public" information?

Predation would quickly give way to farming/symbiosis. It's in the company's interest to keep you within certain functional parameters, where you have enough buying power and motivation.

Currently, there's really little communication between producers and consumers. Marketing is essentially a game of Battleship, with mass culture arising from the need to cast wide nets to maximise the chance of catching fish.

It's the same with the job market, except there you have the occasional poisonous fish, which is why precautions are taken. But if employers could verify your activity directly, and not through a potentially fictitious CV, you would get a fairer chance. Throw in AI specifically designed for assessing your utility to the company, and you just can't complain of subjectivism.

It's cold, heartless, but efficient. Our real problems don't come from the tools we use.
Skeptic_Heretic
5 / 5 (2) Apr 14, 2010
> Predation would quickly give way to farming/symbiosis. It's in the company's interest to keep you within certain functional parameters, where you have enough buying power and motivation.

You're fairly oblivious to the outside world, aren't you?
kasen
2 / 5 (1) Apr 14, 2010
> You're fairly oblivious to the outside world, aren't you?

I wish I were. Not saying my view of the world is all-encompassing or anything, just wish I had an off button. A non-permanent one.

You're not really going with the whole 'corporations are evil' tune, are you?
Skeptic_Heretic
5 / 5 (1) Apr 14, 2010
> > You're fairly oblivious to the outside world, aren't you?
>
> I wish I were. Not saying my view of the world is all-encompassing or anything, just wish I had an off button. A non-permanent one.
>
> You're not really going with the whole 'corporations are evil' tune, are you?

No, corporations are not necessarily evil, but much like religious institutions, it only takes a little poison to make the whole group do wrong.

Corporations are the best way to increase individual profit while shirking individual responsibility. Not all corps do so, but the potential is always present.
kasen
1 / 5 (1) Apr 14, 2010
The beauty of it is that greedy CEOs, the little poison you speak of, end up taking whole companies down, but in doing so, they actively contribute to the evolutionary process which makes new companies behave more rationally and, therefore, responsibly towards consumers.

Ultimately, technology will progress and proliferate to the point that economics becomes an actual science. Boards of directors will be replaced by a few lines of code. When that happens, the socialist motto of everyone giving what he can and receiving what he needs will become an emergent reality.

It's simply faster to get there by free market capitalism, because greed and self-preservation are stronger instincts than eusociality.
Skeptic_Heretic
5 / 5 (1) Apr 15, 2010
> Ultimately, technology will progress and proliferate to the point that economics becomes an actual science. Boards of directors will be replaced by a few lines of code.

It's already there. I work within the field of metrology (measurement, not weather) and I've seen the majority of my colleagues snapped up and fed into the economics sector for their high end math skills and ability to generate complex and accurate formulae.

I'm debating making the jump as well but my ethics rail against it.
Caliban
1 / 5 (1) Apr 15, 2010

> I'm debating making the jump as well but my ethics rail against it.

Right you are. Code can be manipulated. Someone will have to remain independent to discover wrongdoing.

@kasen,
The market is always optimised at the consumer's expense- not the other way around.

I'm not sure why you want to insist that I'm advocating socialism, but go right ahead. I will say again: for so long as you possess private property (mainly in the form of financial accounts) that someone else deems desirable in any way or for any purpose, then they will attempt to relieve you of it, by any means available to them. This includes via botnets/hacking/ID theft. Get it?
kasen
1 / 5 (2) Apr 15, 2010
@Skeptic_Heretic: If it were already there, there wouldn't have been a crisis now. I'm talking about technology becoming so pervasive that less and less abstraction and simplification will have to be made for modelling various processes happening in the anthroposphere, which become quantised due to reliance on numerical methods.

Also, that's a second line straight out of an anti-corp documentary you quote. Just curious, though, no subtext meant, what do you consider high-end math skills?

@Caliban: I'm not sure where you got the idea I was discussing what you're advocating. You said my idea required private property eliminated in order to work, I argued it could even improve the current system.

You keep repeating the problem, I keep giving my solution: eliminate monetary value by making supply infinite, which entails making your "private" information public. No value, no desirability. No one's ever tried to steal the sun.
Skeptic_Heretic
5 / 5 (1) Apr 15, 2010
> Also, that's a second line straight out of an anti-corp documentary you quote. Just curious, though, no subtext meant, what do you consider high-end math skills?

Formulaic and integral calculus.

> You keep repeating the problem, I keep giving my solution: eliminate monetary value by making supply infinite, which entails making your "private" information public.

Since there is only one me, and you are not me. My information is unique regardless of whether it's public or private as it pertains to an individual. It will always have a value based on the abilities or value one can affix to unique information.

> No one's ever tried to steal the sun.

But when the technology exists, and someone can, what do you think the ransom payment will be to maintain life on Earth?
Caliban
1 / 5 (1) Apr 15, 2010
@kasen
So, you've swerved completely away from the thrust of the article, which is about the illegal access of an individual's property.

I understand your point about making your personal info available for marketing purposes. I am sure that the corporate world would clap their hands in beneficent glee, and ecstatically agree with you in that regard.

This does nothing, however, to address the matter of theft.
kasen
1 / 5 (1) Apr 15, 2010
> My information is unique

That's just the point, the information itself isn't. You might be, but the data that can be collected about you overlaps with that of many other persons. Never entirely, but enough to make profit from mass production possible.

Only a small amount of information, the type that links to the real world, makes you an individual. Stuff like home address, or various account/ID numbers, whatever points to a physical property that can't be duplicated (house, body). But that information in itself is worthless, since ownership of physical property always has the safeguard of being verifiable with other physical objects, like deeds, or shotguns.

ID theft should really only hurt banks, insurance companies and whatever system gets duped by fake/stolen data, not whomever it's obtained from. If more information attached to a name were readily available for those systems, security checks could be reduced to answering a few randomised questions about yourself.
J-n
not rated yet Apr 15, 2010
"No value, no desirability. No one's ever tried to steal the sun."
Though often free things are abused. If everyone's private details are publicly available.. Then privacy is completely abolished. I don't like the thought of having zero privacy.
There are a lot of things that are free. The air around us.. no folks don't steal oxygen.. but they sure use it in ways that are dangerous and harmful to everyone. Pumping pollutants into it, using the oxygen for explosive reactions.. and other fun stuff.
Who's to say that one might not use the plethora of information available freely in your model to do harm?
Beyond all of this. I believe that the larger problem right now being addressed in this article is not the use and theft of information, but the creation of botnets, which are usually used not for intrusion but for disruption of services via denial of service attacks. (like the recent attack from China to several Australian companies)

Security at the price of Freedom, bogus.
J-n
5 / 5 (2) Apr 15, 2010
the problem is that information theft can be far far more damaging than just simple bank and money issues.

Your Illness (HIV) status, Genetic predispositions, your sexual preferences, When you leave your house vacant, When your kids get dropped off from school and how many blocks from your house that is.

I don't know if I want anyone having that sort of information about me.

kasen
1 / 5 (1) Apr 16, 2010
> Who's to say that one might not use the plethora of information available freely in your model to do harm?

Well, then you are theorising that pure evil exists, that there is a pretty big number of people out there whose sole purpose in life is to do harm.

I guess I'm an optimist and prefer to think that all that information would also be in the hands of my friends, family, neighbours and society as a whole and it would help them help me, should I ever be in need, and vice versa. Also, the criminally inclined would be easier to tag and recognise.

But, alas, the whole deal would require that a lot of people evolve beyond their animalistic fears and instincts (territoriality, for one). That's going to take a while, from what I can tell. 1984 didn't help.
Skeptic_Heretic
not rated yet Apr 16, 2010
Good and evil are subjective.

Good to me may be stealing $5000 dollars because now I can feed my family.

It'd be pretty evil to you if it was your $5000.