[geeks] Looking for feedback on developing a course syllabus

Jonathan Patschke jp at celestrion.net
Sun May 22 18:49:00 CDT 2016


On Sun, 22 May 2016, Ido Dubrawsky wrote:

> I spent the past Spring semester teaching a graduate class for the
> University of Maryland on Secure Operating Systems.  It's not from an IT
> perspective completely but more of a Comp Science perspective.  I've
> been offered the opportunity to teach it again next spring and - if I
> want - to revamp the syllabus over the summer (they're actually going to
> pay me to do this!).

I think a good topic of discussion is the harmful side-effects of dogmatic
engineering (rather than skepticism).

For example, code re-use is generally a Good Thing, but can lead to
monoculture-style vulnerabilities in the extreme.  For example, the "ping
of death" exploit had a wider-than-expected degree of surface area because
of Microsoft and Sun re-using the buggy code from the old BSD networking
stack.  However, totally-closed systems have vulnerabilities that remain
unexposed for very long periods of time due to reduced code review
(example: WinShock).

So, relying on either open-source or closed-source as an aspect of a
security architecture is flawed.  So is, for example, relying on hardware
to always do the right thing (Rowhammer), chains-of-trust to always do the
right thing (Verisign spoofed certificates in 2001), or any number of
things to be a silver bullet.

There's a corollary here to the old best practices of documenting the
software running on network nodes to help debug problems (version
information for Sendmail, the OS, web servers, etc.).  While this helped
get problems solved quickly by giving people ancillary data to include
with bug reports, it also meant that attackers could easily identify hosts
affected by published vulnerabilities.

-- 
Jonathan Patschke
Austin, TX
USA

