Risks of Computers: What do we Do? Steven M. Bellovin April 15,

Similar documents
Risks of Computers: What do we Do? Steven M. Bellovin February 14,

Risks of Computers. Steven M. Bellovin January 31,

Risks of Computers: Voting Machines. Steven M. Bellovin February 10,

Risks of Computers. Steven M. Bellovin April 8,

Risks of Computers: Voting Machines. Steven M. Bellovin February 11,

Risks of Computers. Steven M. Bellovin April 6,

Four Essential Steps for Removing Risk and Downtime from Your POWER9 Migration

Is Your Data Safe In The Cloud?

An Introduction to Business Disaster Recovery

Virtualization: For Victory Over IT Complexity ABERDEEN GROUP

CIO Guide: Disaster recovery solutions that work. Making it happen with Azure in the public cloud

The Fruits of Their Labor

I VE BEEN INFECTED! Ellen Freedman, CLM 2016 Freedman Consulting, Inc.

Designing a System. We have lots of tools Tools are rarely interesting by themselves Let s design a system... Steven M. Bellovin April 10,

RED HAT ENTERPRISE LINUX. STANDARDIZE & SAVE.

System Structure. Steven M. Bellovin December 14,

Clean & Speed Up Windows with AWO

GUIDANCE ON ELECTRONIC VOTING SYSTEM PREPARATION AND SECURITY

It s a Smart Phone World

Computers, Society, and the Law. Steven M. Bellovin Department of Computer Science, Columbia University

THE MORE THINGS CHANGE THE MORE THEY STAY THE SAME FOR BACKUP!

MANAGING GOVERNMENT

EXECUTIVE BRIEF Optimizing for Innovation: How Hybrid IT Outsourcing Shifts IT Focus to Innovation. At Stake

Understanding Software Engineering

9 th CA 2E/CA Plex Worldwide Developer Conference 1

Balancing RTO, RPO, and budget. Table of Contents. White Paper Seven steps to disaster recovery nirvana for wholesale distributors

Total Cost of Ownership: Benefits of the OpenText Cloud

Using Images in FF&EZ within a Citrix Environment

ROI CASE STUDY IBM SPSS CITY OF LANCASTER. ROI: 1301% Payback: 1.5 months Average annual benefit: $1,344,338. Cost : Benefit Ratio 1 : 45.

Slashing Downtime from 24 Hours to 24 Minutes:

Providing Continuous Customer Service since 1976

EXECUTIVE OVERVIEW. Upgrading to Magento 2

Why Microsoft s head is in the clouds and what it means to you.

Cyber Attack: Is Your Business at Risk?

THE OTTAWA SENATORS SCORE ON A CLOUD ASSIST FROM BRITESKY TECHNOLOGIES

IMPORTANT WORDS AND WHAT THEY MEAN

CISCO HYPERFLEX SYSTEMS FROM KEYINFO. Bring the potential of hyperconvergence to a wide range of workloads and use cases

Five Reasons It s Time For Secure Single Sign-On

Total Cost of Ownership: Benefits of ECM in the OpenText Cloud

Dental Buyers Guide 101

Security Automation Best Practices

Understanding Managed Services

Software Quality. What is Good Software?

2

A guide for assembling your Jira Data Center team

Office Move Checklist

Boot Camp. Dave Eckhardt Bruce Maggs

XP: Backup Your Important Files for Safety

Spam. Time: five years from now Place: England

IDERA HELPS PPG INDUSTRIES REDUCE SQL SERVER BACKUP STORAGE COSTS BY OVER 70%

TECHNOLOGY WHITE PAPER. Java for the Real Time Business

Balancing the pressures of a healthcare SQL Server DBA

4 Hidden Budget-Killing PDF Software Pitfalls. And how to avoid them

Architecture. Steven M. Bellovin October 31,

4/28/2014. Defining A Replacement Cycle for Your Association. Introductions. Introductions. April Executive Director, Idealware. Idealware.

Introduction. Published in IOUG Select Magazine

Cloudreach Data Center Migration Services

Search. Smart. Getting. About

Catalogic DPX: Backup Done Right

Printer and Driver Management

Excel Basics: Working with Spreadsheets

The Real Cost of Conversion to Xpa

ONLINE EVALUATION FOR: Company Name

Overview. Consolidating SCM Infrastructures - Migrating between Tools -

Election System and Software

FILE REPLICATION AND COLLABORATION REQUIREMENT: THE ESSENTIALS

INTRODUCTION TO DATA GOVERNANCE AND STEWARDSHIP

Digital Marketing Manager, Marketing Manager, Agency Owner. Bachelors in Marketing, Advertising, Communications, or equivalent experience

Choices when it comes to your communications infrastructure A BUYER S GUIDE TO IP-BASED SOLUTIONS

Expert Reference Series of White Papers. Introduction to Amazon Auto Scaling

WHAT YOU WILL LEARN IN THIS WHITE PAPER

DEL or DELETE - Deletes the character at cursor and/or characters to the right of the cursor and all highlighted (or selected) text.

SQL Server 2017 on Linux: Top Six Reasons Companies Make the Move

_APP A_541_10/31/06. Appendix A. Backing Up Your Project Files

What. Why. Where. Setting up Grid View. 5.1 Grid View. Quick Sheets Section 5 - Data Entry

TRILL Deployment Nears

David Werth IDEAS Design & Grayout Aerosports Albuquerque, q NM & Indianapolis, IN

Legal Notice: Copyright 2013 Hitman Advertising, all rights reserved.

HOW TO CHOOSE THE RIGHT PHONE SYSTEM FOR YOUR BUSINESS

Endpoint Security Can Be Much More Effective and Less Costly. Here s How

CLOUDALLY EBOOK. Best Practices for Business Continuity

Lesson 2. Introducing Apps. In this lesson, you ll unlock the true power of your computer by learning to use apps!

Micro Focus Desktop Containers

IMPORTANCE OF A MINISTRY WEBSITE

CASE STUDY INSURANCE. Innovation at Moody's Analytics: A new approach to database provisioning using SQL Clone

Name Jim Nolan Title Owner Company Name James Nolan Law Office. 65 Broadway, Suite 707, New York, NY 10006, (212)

How to Choose the Right Designer: A Checklist for Professional Web Design

Why Microsoft s head is in the clouds and what it means to you

270 Total Nodes. 15 Nodes Down 2018 CONTAINER ADOPTION SURVEY. Clusters Running. AWS: us-east-1a 23 nodes. AWS: us-west-1a 62 nodes

Vote Selling, Voter Anonymity, and Forensic Logging of Electronic Voting Machines

Simplified. Software-Defined Storage INSIDE SSS

How to Really Secure the Internet

The Importance of Data Protection

Nerds Support Saves You Money and Storage with Incremental Backup Software. nerdssupport.com

THE FOUR STEPS TO A TAPELESS BACKUP ENVIRONMENT: YOUR HOW-TO GUIDE FOR DATA MANAGEMENT SUCCESS INTRODUCTION

Full Website Audit. Conducted by Mathew McCorry. Digimush.co.uk

CYBER SECURITY FOR BUSINESS COUNTING THE COSTS, FINDING THE VALUE

Consolidating servers, storage, and incorporating virtualization allowed this publisher to expand with confidence in a challenging industry climate.

Choosing the Right. Ethernet Solution. How to Make the Best Choice for Your Business

THE UTILITY OF DNS TRAFFIC MANAGEMENT

Transcription:

Risks of Computers: What do we Do? Steven M. Bellovin April 15, 2010 1

We Have Problems... Software is buggy It takes too long to develop It s generally over budget What do we do? Steven M. Bellovin April 15, 2010 2

Custom Systems Even the big vendors of mass market software have such problems A lot of organizations rely on custom systems Custom system designs are frequently worse Steven M. Bellovin April 15, 2010 3

Conversions Different programs Different file formats Different processes Different things to back up Different inputs and outputs Repeat for each program in your system Steven M. Bellovin April 15, 2010 4

We re Dealing with Systems The hard part isn t one program on one machine Generally, it s many different programs They all interact You can t eat just one peanut Steven M. Bellovin April 15, 2010 5

A Tale of Two Airlines... WestJet and JetBlue wanted to switch to new, more capable reservations systems They independently selected the same new system WestJet went first Despite months of planning... its Web site crashed repeatedly and its call center was overwhelmed. It took months to resolve all the issues. (WSJ, 12 Apr 2010) Steven M. Bellovin April 15, 2010 6

Why? Massive data conversion: 840,000 files for existing reservations Too much complex hand-processing to convert files Too many passengers with reservations, despite the preemptive cancelation of some flights For competitive reasons, they didn t announce the conversion until that day Steven M. Bellovin April 15, 2010 7

Recovery Apology letters Flight credits Outsourced temporary call center A three- to six-month recovery process Steven M. Bellovin April 15, 2010 8

JetBlue Went Second They picked a light-traffic weekend They kept their planes abnormally empty They developed and deployed a backup web server (it was needed twice) They hired 500 temporary agents to handle routine calls, while their own, experienced staff handled complex situations The extra agents stayed for two months one of the wisest investments we made There were still a few problems Steven M. Bellovin April 15, 2010 9

The Differences Lighter load (though JetBlue is a bigger airline) Backup systems Personnel who were trained for conversion glitches Steven M. Bellovin April 15, 2010 10

What Wasn t a Problem For the most part, this did not involve new software development They were switching to an existing, well-tested product (There was undoubtedly some custom software written, both for the conversion and for customization) JetBlue spent $40M $25M in capital costs and $15M in one-time operating expenses The problem was conversion Steven M. Bellovin April 15, 2010 11

Conversion Principles Conversions never go smoothly If possible, run old and new systems in parallel for a while Lighten load Automate as much of the data conversion as possible Train people for the effort Temporarily shed non-essential features Steven M. Bellovin April 15, 2010 12

Why is the a Societal Issue? When large-scale or governmental systems are converted, the public at large is converted It costs money and poor service and we all pay Too often, the conversions are postponed or mismanaged Steven M. Bellovin April 15, 2010 13

The FBI The FBI s computer systems were old As of 2002, their network ran bisync, a protocol that was obsolete by 1980 (They had to buy spare parts on ebay!) The Trilogy project, the attempt to upgrade, was an unmitigated disaster Steven M. Bellovin April 15, 2010 14

What the FBI Did Wrong No user involvement they didn t know what they wanted the system to do Requirements change post-9/11, they realized they needed much more support for intelligence work No prototyping Inadequate IT management ability Plans for a flash cut Steven M. Bellovin April 15, 2010 15

The IRS Has Problems, Too Some of their systems are more than 40 years old, and are written in IBM mainframe assembler language They spent $3 billion trying and failing to upgrade their systems in the 1990s The problem: inadequate management, ill-defined goals, repeated cost overruns, and failure to meet deadlines and expectations. (CNET News) Steven M. Bellovin April 15, 2010 16

Requirements for Successful Software Clear goals A clean architecture Very good management Enough time A deployment plan Steven M. Bellovin April 15, 2010 17

Goals Meet the real needs of the organization Establish the goals up front, and don t keep changing them Have the political fight up front, before you spend money on software Steven M. Bellovin April 15, 2010 18

Architecure All that stuff you ve learned about software engineering really helps Remember that needs and hence software will change over time Clean system designs will smooth that process, too Steven M. Bellovin April 15, 2010 19

Deployment Plans Assume that things will go wrong Plan for this how will you cope? If you re running old and new systems in parallel, what if they disagree? How do you share data between different versions? Steven M. Bellovin April 15, 2010 20

Process Matters People are part of the system, too In understanding the functions and security of a system, it is important to understand what people do People are also much more flexible in coping with mistakes if the process lets them In some sense, process is the way you program the people... Steven M. Bellovin April 15, 2010 21

Counting Votes Photo by Dave Kopel; used by permission. (http: //volokh.com/2008/03/22/taiwan-presidential-election-results-and-process/) Steven M. Bellovin April 15, 2010 22

Why Show an Empty Ballot Box? Show that all of the votes have been counted (Do the same before the polls open) Many more aspects of process during voting Steven M. Bellovin April 15, 2010 23

Voting Systems DRE machines illustrate many of these problems Counties generally don t have enough IT management expertise There s no manual backup Conflicting goals Steven M. Bellovin April 15, 2010 24

The Really Scary Thing about DRE The big problem isn t security it s ordinary buggy code We ve already had many instances of this and we ll never really know how the election should have come out Steven M. Bellovin April 15, 2010 25

Programming Bugs and Elections Sarasota, FL, Congressional race, 2006 large undervote in a heavily Democratic precinct Bernalillo County, NM, 2000 bug tallying straight-ticket absentee ballots Voting machine tally tapes, NJ (several elections) Many more... And there s no manual backup! Steven M. Bellovin April 15, 2010 26

Large Software Systems Be afraid. Be very afraid. It never works well at first But there s bad and worse Expect this and plan for it Steven M. Bellovin April 15, 2010 27

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback