Avi Rubin: All your devices can be hacked

43,672 views ・ 2015-07-15

TED



00:00
Translator: Joseph Geni Reviewer: Morton Bast
Danish subtitles: Anders Finn Jørgensen
00:12
I'm a computer science professor, and my area of expertise is computer and information security. When I was in graduate school, I had the opportunity to overhear my grandmother describing to one of her fellow senior citizens what I did for a living. Apparently, I was in charge of making sure that no one stole the computers from the university. (Laughter) And, you know, that's a perfectly reasonable thing for her to think, because I told her I was working in computer security, and it was interesting to get her perspective.

00:48
But that's not the most ridiculous thing I've ever heard anyone say about my work. The most ridiculous thing I ever heard is, I was at a dinner party, and a woman heard that I work in computer security, and she asked me if -- she said her computer had been infected by a virus, and she was very concerned that she might get sick from it, that she could get this virus. (Laughter) And I'm not a doctor, but I reassured her that it was very, very unlikely that this would happen, but if she felt more comfortable, she could be free to use latex gloves when she was on the computer, and there would be no harm whatsoever in that. I'm going to get back to this notion of being able to get a virus from your computer, in a serious way.
01:31
What I'm going to talk to you about today are some hacks, some real world cyberattacks that people in my community, the academic research community, have performed, which I don't think most people know about, and I think they're very interesting and scary, and this talk is kind of a greatest hits of the academic security community's hacks. None of the work is my work. It's all work that my colleagues have done, and I actually asked them for their slides and incorporated them into this talk.
01:59
So the first one I'm going to talk about are implanted medical devices. Now medical devices have come a long way technologically. You can see in 1926 the first pacemaker was invented. 1960, the first internal pacemaker was implanted, hopefully a little smaller than that one that you see there, and the technology has continued to move forward. In 2006, we hit an important milestone from the perspective of computer security. And why do I say that? Because that's when implanted devices inside of people started to have networking capabilities. One thing that brings us close to home is we look at Dick Cheney's device, he had a device that pumped blood from an aorta to another part of the heart, and as you can see at the bottom there, it was controlled by a computer controller, and if you ever thought that software liability was very important, get one of these inside of you.
02:53
Now what a research team did was they got their hands on what's called an ICD. This is a defibrillator, and this is a device that goes into a person to control their heart rhythm, and these have saved many lives. Well, in order to not have to open up the person every time you want to reprogram their device or do some diagnostics on it, they made the thing be able to communicate wirelessly, and what this research team did is they reverse engineered the wireless protocol, and they built the device you see pictured here, with a little antenna, that could talk the protocol to the device, and thus control it. In order to make their experience real -- they were unable to find any volunteers, and so they went and they got some ground beef and some bacon and they wrapped it all up to about the size of a human being's area where the device would go, and they stuck the device inside it to perform their experiment somewhat realistically. They launched many, many successful attacks. One that I'll highlight here is changing the patient's name. I don't know why you would want to do that, but I sure wouldn't want that done to me. And they were able to change therapies, including disabling the device -- and this is with a real, commercial, off-the-shelf device -- simply by performing reverse engineering and sending wireless signals to it.
04:07
There was a piece on NPR that some of these ICDs could actually have their performance disrupted simply by holding a pair of headphones onto them. Now, wireless and the Internet can improve health care greatly. There's several examples up on the screen of situations where doctors are looking to implant devices inside of people, and all of these devices now, it's standard that they communicate wirelessly, and I think this is great, but without a full understanding of trustworthy computing, and without understanding what attackers can do and the security risks from the beginning, there's a lot of danger in this.
04:42
Okay, let me shift gears and show you another target. I'm going to show you a few different targets like this, and that's my talk. So we'll look at automobiles. This is a car, and it has a lot of components, a lot of electronics in it today. In fact, it's got many, many different computers inside of it, more Pentiums than my lab did when I was in college, and they're connected by a wired network. There's also a wireless network in the car, which can be reached from many different ways. So there's Bluetooth, there's the FM and XM radio, there's actually wi-fi, there's sensors in the wheels that wirelessly communicate the tire pressure to a controller on board. The modern car is a sophisticated multi-computer device. And what happens if somebody wanted to attack this? Well, that's what the researchers that I'm going to talk about today did. They basically stuck an attacker on the wired network and on the wireless network.
05:38
Now, they have two areas they can attack. One is short-range wireless, where you can actually communicate with the device from nearby, either through Bluetooth or wi-fi, and the other is long-range, where you can communicate with the car through the cellular network, or through one of the radio stations. Think about it. When a car receives a radio signal, it's processed by software. That software has to receive and decode the radio signal, and then figure out what to do with it, even if it's just music that it needs to play on the radio, and that software that does that decoding, if it has any bugs in it, could create a vulnerability for somebody to hack the car. The way that the researchers did this work is, they read the software in the computer chips that were in the car, and then they used sophisticated reverse engineering tools to figure out what that software did, and then they found vulnerabilities in that software, and then they built exploits to exploit those.
06:34
They actually carried out their attack in real life. They bought two cars, and I guess they have better budgets than I do. The first threat model was to see what someone could do if an attacker actually got access to the internal network on the car. Okay, so think of that as, someone gets to go to your car, they get to mess around with it, and then they leave, and now, what kind of trouble are you in? The other threat model is that they contact you in real time over one of the wireless networks like the cellular, or something like that, never having actually gotten physical access to your car. This is what their setup looks like for the first model, where you get to have access to the car. They put a laptop, and they connected to the diagnostic unit on the in-car network, and they did all kinds of silly things, like here's a picture of the speedometer showing 140 miles an hour when the car's in park. Once you have control of the car's computers, you can do anything. Now you might say, "Okay, that's silly." Well, what if you make the car always say it's going 20 miles an hour slower than it's actually going? You might produce a lot of speeding tickets.
07:34
Then they went out to an abandoned airstrip with two cars, the target victim car and the chase car, and they launched a bunch of other attacks. One of the things they were able to do from the chase car is apply the brakes on the other car, simply by hacking the computer. They were able to disable the brakes. They also were able to install malware that wouldn't kick in and wouldn't trigger until the car was doing something like going over 20 miles an hour, or something like that. The results are astonishing, and when they gave this talk, even though they gave this talk at a conference to a bunch of computer security researchers, everybody was gasping. They were able to take over a bunch of critical computers inside the car: the brakes computer, the lighting computer, the engine, the dash, the radio, etc., and they were able to perform these on real commercial cars that they purchased using the radio network. They were able to compromise every single one of the pieces of software that controlled every single one of the wireless capabilities of the car. All of these were implemented successfully.
08:36
How would you steal a car in this model? Well, you compromise the car by a buffer overflow vulnerability in the software, something like that. You use the GPS in the car to locate it. You remotely unlock the doors through the computer that controls that, start the engine, bypass anti-theft, and you've got yourself a car. Surveillance was really interesting. The authors of the study have a video where they show themselves taking over a car and then turning on the microphone in the car, and listening in on the car while tracking it via GPS on a map, and so that's something that the drivers of the car would never know was happening. Am I scaring you yet?
09:15
I've got a few more of these interesting ones. These are ones where I went to a conference, and my mind was just blown, and I said, "I have to share this with other people." This was Fabian Monrose's lab at the University of North Carolina, and what they did was something intuitive once you see it, but kind of surprising. They videotaped people on a bus, and then they post-processed the video. What you see here in number one is a reflection in somebody's glasses of the smartphone that they're typing in. They wrote software to stabilize -- even though they were on a bus and maybe someone's holding their phone at an angle -- to stabilize the phone, process it, and you may know on your smartphone, when you type a password, the keys pop out a little bit, and they were able to use that to reconstruct what the person was typing, and had a language model for detecting typing. What was interesting is, by videotaping on a bus, they were able to produce exactly what people on their smartphones were typing, and then they had a surprising result, which is that their software had not only done it for their target, but other people who accidentally happened to be in the picture, they were able to produce what those people had been typing, and that was kind of an accidental artifact of what their software was doing.
10:27
I'll show you two more. One is P25 radios. P25 radios are used by law enforcement and all kinds of government agencies and people in combat to communicate, and there's an encryption option on these phones. This is what the phone looks like. It's not really a phone. It's more of a two-way radio. Motorola makes the most widely used one, and you can see that they're used by Secret Service, they're used in combat, it's a very, very common standard in the U.S. and elsewhere. So one question the researchers asked themselves is, could you block this thing, right? Could you run a denial-of-service, because these are first responders? So, would a terrorist organization want to black out the ability of police and fire to communicate at an emergency?
11:09
They found that there's this GirlTech device used for texting that happens to operate at the same exact frequency as the P25, and they built what they called My First Jammer. (Laughter) If you look closely at this device, it's got a switch for encryption or cleartext. Let me advance the slide, and now I'll go back. You see the difference? This is plain text. This is encrypted. There's one little dot that shows up on the screen, and one little tiny turn of the switch. And so the researchers asked themselves, "I wonder how many times very secure, important, sensitive conversations are happening on these two-way radios where they forget to encrypt and they don't notice that they didn't encrypt?"
11:51
So they bought a scanner. These are perfectly legal and they run at the frequency of the P25, and what they did is they hopped around frequencies and they wrote software to listen in. If they found encrypted communication, they stayed on that channel and they wrote down, that's a channel that these people communicate in, these law enforcement agencies, and they went to 20 metropolitan areas and listened in on conversations that were happening at those frequencies. They found that in every metropolitan area, they would capture over 20 minutes a day of cleartext communication. And what kind of things were people talking about? Well, they found the names and information about confidential informants. They found information that was being recorded in wiretaps, a bunch of crimes that were being discussed, sensitive information. It was mostly law enforcement and criminal. They went and reported this to the law enforcement agencies, after anonymizing it, and the vulnerability here is simply the user interface wasn't good enough. If you're talking about something really secure and sensitive, it should be really clear to you that this conversation is encrypted. That one's pretty easy to fix.
12:57
The last one I thought was really, really cool,
295
777305
1669
Den sidste er rigtig, rigtig cool,
12:58
and I just had to show it to you, it's probably not something
296
778974
2813
og jeg vil vise den til jer, det er ikke noget
13:01
that you're going to lose sleep over
297
781787
1005
der vil holde jer søvnløse om natten
13:02
like the cars or the defibrillators,
298
782792
1791
som bilerne eller defibrillatorene,
13:04
but it's stealing keystrokes.
299
784583
3023
men det er at stjæle tastetryk.
13:07
Now, we've all looked at smartphones upside down.
300
787606
2747
Vi kender smartphones oppefra og ned.
13:10
Every security expert wants to hack a smartphone,
301
790353
2190
Hver eneste sikkerhedsekspert ønsker at hacke en smartphone,
13:12
and we tend to look at the USB port, the GPS for tracking,
302
792543
4612
og vi kiggede på USB porten, GPS'en for tracking,
13:17
the camera, the microphone, but no one up till this point
303
797155
3208
kameraet, mikrofonen, men ingen har hidtil
13:20
had looked at the accelerometer.
304
800363
1580
kigget på accelerometerne.
13:21
The accelerometer is the thing that determines
305
801943
1647
Et accelerometer er den ting som måler den
13:23
the vertical orientation of the smartphone.
306
803590
3494
den lodrette orientering af smartphonen.
13:27
And so they had a simple setup.
307
807084
1417
De havde et simpelt setup.
13:28
They put a smartphone next to a keyboard,
308
808501
2758
De placerede en smartphone ved siden af keyboardet,
13:31
and they had people type, and then their goal was
309
811259
2712
og de havde folk til at taste og deres mål var
13:33
to use the vibrations that were created by typing
310
813971
2856
at bruge vibrationerne som var skabt ved at taste
13:36
to measure the change in the accelerometer reading
311
816827
4240
til at måle ændringer i accelerometeret
13:41
to determine what the person had been typing.
312
821067
3176
for at bestemme hvad person skrev.
13:44
Now, when they tried this on an iPhone 3GS,
313
824243
2576
Da de prøvede det med en iPhone 3GS,
13:46
this is a graph of the perturbations that were created
314
826819
2769
er dette en graf over rystelserne som blev skabt
13:49
by the typing, and you can see that it's very difficult
315
829588
3241
af tastningerne. Og som I kan se er det meget vanskeligt
13:52
to tell when somebody was typing or what they were typing,
316
832829
3078
at afgøre om nogen taster eller hvad de taster,
13:55
but the iPhone 4 greatly improved the accelerometer,
317
835907
3090
men iPhone 4 har et meget forbedret accelerometer,
13:58
and so the same measurement
318
838997
3480
og den samme måling
14:02
produced this graph.
319
842477
1832
skabte denne graf.
14:04
Now that gave you a lot of information while someone
320
844309
2486
Dette gav dem en masse information mens nogen
14:06
was typing, and what they did then is used advanced
321
846795
3241
tastede, og hvad de gjorde var at anvende en avanceret
14:10
artificial intelligence techniques called machine learning
322
850036
3007
kunstig intelligensteknik kaldet maskinlæring
14:13
to have a training phase,
323
853043
1431
til at have en træningsfase,
14:14
and so they got most likely grad students
324
854474
2236
hvor de havde en masse studerende
14:16
to type in a whole lot of things, and to learn,
325
856710
3789
til at taste en masse ind, og de satte
14:20
to have the system use the machine learning tools that
326
860499
2768
systemet til at bruge dette maskinlæringsværktøj
14:23
were available to learn what it is that the people were typing
327
863267
2863
som var istand til at lære hvad folkene tastede,
14:26
and to match that up
328
866130
2827
og de sammenlignede dette med
14:28
with the measurements in the accelerometer.
329
868957
2477
målingerne fra accelerometeret.
14:31
And then there's the attack phase, where you get
330
871434
1635
Og der er en angrebsfase, hvor du får nogen
14:33
somebody to type something in, you don't know what it was,
331
873069
2811
til at taste noget ind, som du ikke ved hvad er,
14:35
but you use your model that you created
332
875880
1297
men du bruger den model du har skabt
14:37
in the training phase to figure out what they were typing.
333
877177
3442
i træningsfasen til at regne ud hvad de taster.
14:40
They had pretty good success. This is an article from the USA Today.
334
880619
3484
De havde temmelig god succes. Dette er en artikel fra USA Today.
14:44
They typed in, "The Illinois Supreme Court has ruled
335
884103
2609
De tastede følgende: "The Illinois Supreme Court has ruled
14:46
that Rahm Emanuel is eligible to run for Mayor of Chicago"
336
886712
2962
that Rahm Emanuel is eligible to run for Mayor of Chicago"
14:49
— see, I tied it in to the last talk —
337
889674
1354
— se, jeg forbinder den med den forrige taler —
14:51
"and ordered him to stay on the ballot."
338
891028
2118
"and ordered him to stay on the ballot."
14:53
Now, the system is interesting, because it produced
339
893146
2771
Se! systemet er interessant, fordi det producerede
14:55
"Illinois Supreme" and then it wasn't sure.
340
895917
2886
"Illinois Supreme" og så var det usikkert.
14:58
The model produced a bunch of options,
341
898803
1950
Modellen producerede en række muligheder,
15:00
and this is the beauty of some of the A.I. techniques,
342
900753
2709
og skønheden ved mange kunstig intelligensteknikker,
15:03
is that computers are good at some things,
343
903462
2250
er at computere er gode til nogle ting,
15:05
humans are good at other things,
344
905712
1534
mennesker er gode til andre.
15:07
take the best of both and let the humans solve this one.
345
907246
1931
Tag det bedste fra begge og lad mennesker løse denne.
15:09
Don't waste computer cycles.
346
909177
1382
Spil ikke compterkraft på det.
15:10
A human's not going to think it's the Supreme might.
347
910559
2136
Et menneske vil ikke tænke at det er "Supreme might".
15:12
It's the Supreme Court, right?
348
912695
1740
Det er "Supreme Court", ikke sandt?
15:14
And so, together we're able to reproduce typing
349
914435
2530
og videre, vi er istand til at rekonstruere hvad der blev tastet
15:16
simply by measuring the accelerometer.
350
916965
2949
simpelthen ved at måle med accelerometeret.
15:19
Why does this matter? Well, in the Android platform,
351
919914
3502
Hvorfor er dette vigtigt? Fordi, på Android platformen,
15:23
for example, the developers have a manifest
352
923416
4133
for eksempel, har udviklerne et manifest
15:27
where every device on there, the microphone, etc.,
353
927564
2584
hvor hvert apparat der, mikrofonen, osv,
15:30
has to register if you're going to use it
354
930148
1956
skal vi at at du er i gang med at bruge det
15:32
so that hackers can't take over it,
355
932104
2316
så hackere ikke kan overtage det,
15:34
but nobody controls the accelerometer.
356
934420
3108
men ingen kontrollerer accelerometeret.
15:37
So what's the point? You can leave your iPhone next to
357
937528
2216
Så hvad er pointen? Du kan lægge din iPhone ved siden af
15:39
someone's keyboard, and just leave the room,
358
939744
2106
en eller andens keyboard og forlade rummet
15:41
and then later recover what they did,
359
941850
1639
og senere genskabe hvad de gjorde,
15:43
even without using the microphone.
360
943489
1711
endda uden at bruge mikrofonen.
15:45
If someone is able to put malware on your iPhone,
361
945200
2174
Hvis nogen kan installere malware på din iPhone,
15:47
they could then maybe get the typing that you do
362
947374
2848
kunne de muligvis se hvad du skriver
15:50
whenever you put your iPhone next to your keyboard.
363
950222
2321
hver gang du lægger din iPhone ved siden af dit keyboard.
15:52
There's several other notable attacks that unfortunately
364
952543
2271
Der er flere andre nævneværdige angreb som jeg desværre
15:54
I don't have time to go into, but the one that I wanted
365
954814
2131
ikke har tid til at komme ind på, men en som jeg ønsker at
15:56
to point out was a group from the University of Michigan
366
956945
2277
fremhæve er lavet af en gruppe fra University of Michigan
15:59
which was able to take voting machines,
367
959222
2441
som var istand til at tage en stemmemaskine,
16:01
the Sequoia AVC Edge DREs that
368
961663
2498
Sequoia AVC Edge DRE, som skal
16:04
were going to be used in New Jersey in the election
369
964161
1555
bruges i New Jersey til afstemningen
16:05
that were left in a hallway, and put Pac-Man on it.
370
965716
2161
som var efterladt i en gang, og installerede Pac-Man på den.
16:07
So they ran the Pac-Man game.
371
967877
3623
Hvorefter de spillede Pac-Man.
16:11
What does this all mean?
372
971500
1747
Hvad betyder alt dette?
16:13
Well, I think that society tends to adopt technology
373
973247
3647
Well, jeg tror at samfundet har en tendens til at tage teknologien til sig
16:16
really quickly. I love the next coolest gadget.
374
976894
2824
meget hurtigt. Jeg elsker de nyeste cool gadgets.
16:19
But it's very important, and these researchers are showing,
375
979718
2614
Men det er meget vigtigt, og disse forskere viser
16:22
that the developers of these things
376
982332
1360
at udviklerne af disse ting
16:23
need to take security into account from the very beginning,
377
983692
2865
skal tænke sikkerhed ind fra begyndelsen,
16:26
and need to realize that they may have a threat model,
378
986557
2785
og de må indse at de skal have en trusselsmodel,
16:29
but the attackers may not be nice enough
379
989342
2462
og at angriberne næppe er så venlige
16:31
to limit themselves to that threat model,
380
991804
1777
til at begrænse sig til den trusselsmodel,
16:33
and so you need to think outside of the box.
381
993581
2537
og at at man skal kunne tænke ud af boksen.
16:36
What we can do is be aware
382
996118
1578
Hvad vi kan gøre er at være opmærksomme på
16:37
that devices can be compromised,
383
997696
2479
at apparater kan blive kompromitteret,
16:40
and anything that has software in it
384
1000175
1699
og at alt hvad der har software i sig
16:41
is going to be vulnerable. It's going to have bugs.
385
1001874
2649
vil være sårbart. Det vil have fejl.
16:44
Thank you very much. (Applause)
386
1004523
3497
Mange tak for jeres opmærksomhed. (Bifald)