Lecture 13: Program Security (Mar 8th)

Lecture 13 began with a presentation by Joshua about Encrypted Viruses. His presentation covered what encrypted viruses were and how they are used. Essentially, the presentation explained that an encrypted virus is one that the virus code is either encrypted so that it is not easily detected by the system, or is a virus that encrypts files on one’s computer so they cannot be accessed. His presentation shows that encryption can also be used for malicious reasons.

The lecture began with a continuation on the discussion of non-malicious security flaws. Dr. Gunes began by discussing string formatting vulnerabilities and how simple printf() functions, if not used properly can cause serious security issues. In addition, he continued with his explanation of Incomplete Mediate. This is where the programmer doesn’t specify exactly the correct data to be accepted from the user and can therefore allow the program to accept unreasonable values, poorly formatted entries, and allows the system to become susceptible to buffer overflow and malicious code injections. Furthermore, the lecture concluded with a discussion on TOCTTOU errors, otherwise known as “race conditions”. In this circumstance, lets say two processes of a program are using the same data in their code. Well the system will check to see if the first process is allowed to use the data, then lets it, and same for the second process. However if something changes in the time it takes for the system to check if the process is allowed to use the data, then many errors can occur. The lecture finished with an overview of what will be on the mid-term.