A Bold New Year

As this blog transitions from being developer focused to security focused– I think it’s time to change some things up.  I am looking to find this blog a new home, and likely a new name soon too.  That said, tween the now and then– there are many things on my mind I will be exploring this year.  These include, but are not limited to:

  • Deception, Ambiguity, Tempo
  • Kuzushi, Tsukuri, Kake
  • Boyd’s Loop & Sente
  • Rapid Web Exploitation – Intrusion Theory
  • Reverse Engineering and Exploit Creation
  • System Awareness

You should expect to see blog posts and even full presentations (such as BSidesAustin) regarding these topics.  Since many of the aforementioned may be unfamiliar, I thought it perhaps prudent to define what some of these things are and why I care about them.  As a final thought, nothing above is really “new”; I am not that smart.  These are old and proven principles of warfare and strategy that I would like to see applied deliberately on both sides of the InfoSec coin.

Deception, Ambiguity, and Tempo

John Boyd was a modern warfare strategist and fighter pilot, perhaps one of the most influential of our time.  He is best known for Boyd’s loop (below); however, the heart of his warfare strategies revolved around the above.  He was known as “Forty Second Boyd”, as he had a standing challenge to anyone that he could start from a position of disadvantage and regain advantage in less than forty seconds.  All accounts seem to indicate he never failed– and that alone should cause you to pay attention to him.

The heart of his strategy was simple– disrupt the opponent and cause confusion, while at the same time hiding your actual intent.  Whoever can do that first and maintain it throughout an engagement has a great advantage.

All of these principles have direct implications for both those attacking a system and those defending it.  The methods of success are the same, though the targets and means change.  This is one of my primary studies of 2011.

Boyd’s Loop & Sente

Related to pace, Boyd proposed a decision actualizing loop (OODA Loop) based on: Observation, Orientation, Decision and Action.  Whoever can close their own loop faster than the opponent can potentially gain a key strategic advantage.  The SPEED at which this happens is important, but often misunderstood.  For instance, if I can actualize a better decision– despite a disadvantaged position– I can cause disruption and the opponent must start their own loop over again.  If I can actualize a better decision AND it’s quicker– all the better.

Sen (or Sente) is a Japanese term which can be understood as initiative.  It is used in Go, as well as in budo.  Tomiki Sensei (a key teacher in my martial lineage) outlines three major forms of Sen, each related to where inside of a cycle (aka loop) an opponent might affect you.  This understanding also helps with deciding the when, why and perhaps how you might disrupt theirs.  This again has very interesting parallels in computer security and is one of my primary studies of 2011.

Kuzushi, Tsukuri, and Kake

Rounding out my primary studies of 2011 is applying some of the foundational components of my budo practice to attacking applications and systems.  Kuzushi can be thought of as unbalancing; Tsukuri can be understood as fitting.  Kake is an odd bit to describe– but more or less is the technique itself.  For simplicity’s sake, I am going to associate it with a payload that is delivered.

If none of that makes sense, consider this basic example.  In a basic buffer overflow, kuzushi describes the vector by which we overran memory; tsukuri relates to both the process of fitting with the opening (how much memory) and fitting yourself (through encoding / packing) to properly deliver the technique (payload).

I have demonstrated aspects of these components already at BSidesDFW– and am hoping to expand on this through unique attacks to computers and systems.

The Rest:

With the exception of System Awareness– the remaining studies are technical manifestations of things already mentioned.

System Awareness– however– is an oddball.  NONE of the mentioned points matter if you aren’t paying attention.  However, surprisingly enough– paying attention is harder than it seems.  During the process of my evaluations I am taking notes about specific drivers which will assist in identifying issues not only after they occur but WHILE they occur.  Expect to hear more about tripwiring web applications and other such trickery as time goes forward.

I look forward, sincerely, to taking this journey with you all together.

-Andrew
