CS338 Computer Security
Wednesday, 30 March 2022

+ CS 231 vs. CS 338
    - We renumbered 231 to 338 starting this term. Same course.
    - You'll see 231's in various videos and assignments.

+ Today
    - Practicing the "security mindset"
    - Getting started with Kali and Wireshark
    - [Didn't get here] Ross Anderson reading

+ Practicing the security mindset: AirTag, Tile
    - What is the stated purpose of the products? List a few standard use cases
        - Find your keys
        - Find your children
        - Find your pets
        - Where you parked your car
        - Shipping a valuable thing
    - What software and hardware is involved?
        - Bluetooth
        - All the iOS devices in the world with BT turned on
        - Apps (Tile & AirTag)
        - Encryption? What's being encrypted?
        - Satellites (GPS)
        - Servers that coordinate all this data
    - What people are (or could be) involved?
        - Owner of the AirTag/Tile
        - Every iOS device owner
        - Engineers & designers who created the stuff
        - Owners of the servers
        - Support technicians
        - Android owners with app installed
        - People with AirTag/Tile attached (my pet children)
        - People trying to get info about a particular AirTag/Tile
        - FBI, police, etc.
        - Congress????
        - Russian APT groups
        - Interpol, Mossad, etc.
        - Anybody who buys this location data
        - ...
    - List a few ways to use them that might not be how Apple or Tile intended
        - Stalk somebody by attaching a device to them
        - Toss your AirTag into the secure area at a concert "hey, I dropped my keys in there, can I go get them?"
        - Involuntary drug mules (???)
        - Claim somebody stole your thing
        - Follow NSA/CIA/TSA employee around
        - Lure somebody somewhere by taking their AirTag
        - Blackmail
        - Targeted marketing based on location data
        - ...
        - Hacking opportunities: make all the AirTags chirp
        - Put a ton of AirTags in one place....
    - List some questions you would want answers to
    - Any other

+ Running Kali in Olin 310
    - https://wiki.carleton.edu/display/carl/CS338%3A++Starting+VMWare+and+virtual+machines+in+Olin310
    - Login
    - Double-click on start-vms
    - Say OK, I Copied It, Go Ahead Steal All My Stuff, and so on. Click click click.
    - Close Metasploitable for the next few weeks
    - Login to Kali (kali, kali)
    - Open a terminal
    - Open Firefox
    - Top left -> Sniffing & Spoofing -> Wireshark
    - In Wireshark, type "net 137.22.0.0/16" in green-icon filter box, hit Enter
    - In Firefox, go to cs.carleton.edu
    - In Wireshark, click Stop button (red square)
    - Look around in Wireshark

+ Ross Anderson reading
    - Highlights?
    - Policy, mechanism, assurance, incentives
    - ...
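
What the capture filter "net 137.22.0.0/16" from the Wireshark steps above keeps and drops, as an added example that is not part of the original class notes. The packets and addresses are constructed samples, and the check is a simplification that looks only at IPv4 headers.

```python
import ipaddress
import struct

CAPTURE_NET = ipaddress.ip_network("137.22.0.0/16")  # filter text from the notes


def build_ipv4_header(src, dst, proto=6):
    """Build a minimal 20-byte IPv4 header (constructed sample, checksum left 0)."""
    return struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20, 0, 0, 64, proto, 0,
        ipaddress.ip_address(src).packed,
        ipaddress.ip_address(dst).packed,
    )


def matches_net(packet, net=CAPTURE_NET):
    """Approximate the filter primitive 'net <cidr>' on a raw IPv4 packet.

    The primitive has no direction: a packet is kept when EITHER the
    source OR the destination address falls inside the network.
    """
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return False  # truncated, or not IPv4 (e.g. IPv6 traffic)
    src = ipaddress.ip_address(packet[12:16])
    dst = ipaddress.ip_address(packet[16:20])
    return src in net or dst in net


# Constructed sample packets; none of these addresses come from a real capture.
SAMPLES = {
    "vm_to_campus": build_ipv4_header("10.0.2.15", "137.22.10.5"),
    "campus_to_vm": build_ipv4_header("137.22.10.5", "10.0.2.15"),
    "campus_internal": build_ipv4_header("137.22.10.5", "137.22.4.20"),
    "unrelated": build_ipv4_header("10.0.2.15", "8.8.8.8"),
    "neighbor_net": build_ipv4_header("137.23.0.1", "10.0.2.15"),  # /16 boundary
    "ipv6": bytes([0x60]) + bytes(39),  # version nibble 6, rest zeroed
}


def classify(samples=SAMPLES):
    """Return {name: True if the filter would keep the packet}."""
    return {name: matches_net(pkt) for name, pkt in samples.items()}


if __name__ == "__main__":
    for name, kept in classify().items():
        print(f"{name:16} {'captured' if kept else 'dropped'}")
```
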