[PLUG] ANNOUNCEMENT: Advanced Topics April 20th 2005

Alan alan at clueserver.org
Tue Apr 5 03:28:31 UTC 2005


Portland Linux/Unix Group Advanced Topics

Speaker:            Steve Beattie
                    Immunix
                    
Subject:            "Intrusion Prevention and Application Security:  The Good, The Bad, and the Ugly"
                 

Date:               April 20th 2005
Time:               7:00pm - 9:00pm

Location:           Jax 826 SW 2nd Ave
                    Portland, OR

Richard Clarke said that "The reason why you have people breaking into
your software is because your software sucks." More than just scathing
criticism of the software industry, this comment highlights the extreme
difficulty of assuring that your applications do what they are supposed
to do, and nothing else. You can test for what an application is
supposed to do, but you cannot effectively test for the surprising
"something else" mis-features that attackers exploit: they "tickle" your
applications with "creative" inputs that make software misbehave, and
as a result can break into your systems. Effects like open source code
review help Linux to be more secure by being less likely to have
unpleasant surprises, but this does not eliminate the threat. To really
secure applications, host application security is required to nail down
what each application is permitted to do, to ensure that it is not doing
any surprising "something else"s. This talk will explain the theoretical
foundations that make proving "nothing else" impossible, and show how
host application security provides the only real alternative to
trustworthy software. We then show how the LSM (Linux Security Modules)
feature (new in the Linux 2.6 kernel) enables unprecedented precision in
the control of application behavior on standard Linux kernels.

Usual meeting rules apply. Happy Hour meal prices for the first hour. 

-- 
"All power is derived from the barrel of a GNU." Mao Tse Stallman



