confidence 2015: defensive time-out or unclear digressions about past present and future of time &...

CONFidence 2015: Defensive Time-Out or unclear digressions about past present and future of Time & Security - Blazej Boczula


Upload: proidea

Post on 28-Jul-2015


Category:

Software



TRANSCRIPT

1. DEFENSIVE TIME-OUT or unclear digressions about past present and future of Time & Security. Blazej Boczula. Source: http://forums.nba-live.com/dl_mod/thumbs/2379_se7sixtallclear.gif

2. Defenders are losing? Groundhog Day | time loop security
"I started my security career as an IDS analyst and it was a horrible life, you know, they have to look at packet captures all damn day; nothing, maybe other than marriage, will make you want to put a bullet in your head more." Joe McCray https://www.youtube.com/watch?feature=player_detailpage&v=qBVThFwdYTc#t=1294
Cliff Stoll, Tsutomu Shimomura: DEFENSE | game time, timing, all time | Kevin Mitnick, Marcus Hess: ATTACK | Vidocq? Abagnale? do time?

3. metaphors | facts & fictions | timeline
Source: http://cdn.thewire.com/img/upload/2013/03/04/nkkjudr.gif
Source: http://gifrific.com/wp-content/uploads/2013/04/Dennis-Rodman-Karl-Malone-Fight-1998-NBA-Finals.gif
http://www.garuyo.com/web/media/images/images/interviewgifs4.gif
https://www.youtube.com/watch?feature=player_detailpage&v=BlBT0Yv83DA#t=1265

4. timespan | time bomb | time zone | full time job
"Stuxnet, for example, probably had a short shelf life, Axelrod says, because it relied on four different computer vulnerabilities in the nuclear enrichment plant remaining open at the same time, so it was likely deployed as soon as possible." http://www.nature.com/news/the-best-time-to-wage-cyberwar-1.14502
APT30 POSSIBLY WORKING ON SHIFTS: "In our analysis of the BACKSPACE controller, we identified a dialog box in the portable executable (PE) resource section. The dialog box included a login prompt with the text , which translates to Please enter your attendant code (...) tool may have been designed to track work shifts amongst multiple operators (...)" https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf
Source: https://www.learner.org/jnorth/images/graphics/mclass/jr/Da

5.
"For some must watch while some must sleep so runs the world away" Hamlet, Shakespeare
time management, working time, productivity time, meatime, overtime, time book, timesheet, time-tracking software, part-time, free time, time off, do time
time perception
Source: http://qph.is.quoracdn.net/main-qimg-17e71c157715ffa101f1fc9c8b99a5ac?convert_to_webp=true
Source: https://podio.com/site/creative-routines
Source: https://www.learner.org/jnorth/images/graphics/mclass/jr/Da

6. Where is code? Where are PCAPs? Where are memory dumps?
time travel
Source: http://stream1.gifsoup.com/view7/3986291/superman-turns-back-time-o.gif

7. DEFENSIVE TIME-OUT or who will hack Lenovo ThinkPad X220 Tablet (2 copies), Intel Core i7-2620M CPU @ 2.7GHz, Intel 150Gb Solid-State Drive 520 Series, Windows 7, Speech Synthesizers (3 copies): Manufacturer - Speech Plus (Incorporated 1988, Mountain View, CA), Model - CallText 5010, to hear about Time & Security from ingenious Stephen Hawking, author of A Brief History of Time?
http://www.audioeditions.com/audio-book-images/l/A-Brief-History-of-Time-292189.jpg

8. "Conceptually information security is an incorrect, incomplete, inconsistent folk art like witchcraft and alchemy in the Dark Ages" Don B. Parker https://www.youtube.com/watch?feature=player_detailpage&v=RW9hOBCSy0g#t=186

9. "It's named mitigating side channels on the web but please bear with me, there will be attacks in there, Right? Ok? Just so that you don't leave the room because it's BORING, because it's just mitigation, no, this is not the case, we do attacks." Sebastian Schinzel
Attacker | Defender | timing attacks | time series | statistics
Source: https://www.youtube.com/watch?feature=player_detailpage&v=V3fzl4NbnF0#t=1128

10. "The boundaries of my language demarcate the boundaries of my world" Wittgenstein
time in language | language in security
Source: Wolfgang Klein, Time in Language

11.
time is a term used in at least four meanings:
1) moment, exact date, time point; moment is attribute of some point event e.g. bullet hitting the target; moment can be defined (by abstraction) based on simultaneity term as common attribute of every and only those events, which are simultaneous;
2) time period, time segment, time interval - dense and continuous set of moments placed between two different moments; certain time period can be indicated by specification of delimiting moments (e.g. period between 12:00PM and 13:00PM today in Warsaw), or by specifying process filling this period (e.g. during the reign of Kazimierz Wielki in Poland);
3) duration, the length of time period (e.g. half-life period of radium) - in contrast to this exact time period; two different time periods can have the same duration, similar to two line segments can have the same length (e.g. period between 12:00 PM and 01:00 PM today is different than between 01:00 PM and 02:00 PM, although both have the same duration); duration of some time period can be defined (by abstraction), using term of relation of equal duration as common attribute for every and only of those time periods, which lasts for the same amount as given period;
4) all-embracing time period, unlimited timeline - set of all moments, in other words - time period for which every time interval is part of it.
Kazimierz Ajdukiewicz
timestamp, uptime, boot time, expiration time, time-sharing/cloud, Lamport time, time function, time to live, system time, time forwarding and storage bugs, time code ambiguity, uptime, downtime, real-time, boot time, epoch time, time (logic) bomb, timing attacks, total exhaust time, time-sharing, time servers, CPU time, process time, jiffy? Ross Anderson, Security Eng. II

12. The relations: earlier than W and the simultaneity R can be defined on the set S/R. They are defined respectively by means of the relations: W and R from the set S.
The relation W in S/R is already connected and the relation R is in this set an identity relation. Because the relation W is in the set an ordering relation, then the definition of time has here the form: C *. Therefore, time is set S/R of abstraction classes of the relation R in S ordered by the relation W. It is a definition of time by abstraction.
* C - time; S - set of all physical events; R - relation of absolute simultaneousness (quasi-simultaneousness); W - relation before
It is assumed in these considerations that time and its properties exist objectively; the same is valid for such objects as moments and intervals and also time relations. It is assumed too, that properties of time and of the above mentioned objects and relations are established on the basis of experience. Both materialistic assumptions are involved implicite in the basis of every physical theory and explicite in the scientific philosophy of time. Discussion presented here in regard to the position that the question of time's definition is a pseudo-problem because its solution contains always a logical circle. It is proved here that even then, when time is defined only by time's notions - what is the ground of discussed point of view - it is possible to avoid such a circle. Stefan Augustynek, The Nature of Time

13. Julian Barbour, The End of Time
Parmenides: no change / time | Newton: absolute time | Mach: relative time v. 1.0 | Einstein: relative time v. 2.0 + Minkowski spacetime | Platonia = The Eternal Washing Band Universe?
NO TIME = NO PROBLEM!
Source: https://www.youtube.com/watch?feature=player_detailpage&v=WKsNraFxPwk#t=866

14. TIME = CLOCK(S)? Which one: sun; sand; water; fire; mechanical; quartz? electric oven - PC - https - Kerberos - PKI
NTP | David Mills | lifetime project
RFC958, NTP 0: Let t1, t2 and t3 represent the contents of the Originate Timestamp, Receive Timestamp and Transmit Timestamp fields and t4 the local time the NTP message is received.
Then the roundtrip delay d and clock offset c is: d = (t4 - t1) - (t3 - t2) and c = (t2 - t1 + t3 - t4)/2. The implicit assumption in the above is that the one-way delay is statistically half the roundtrip delay and that the intrinsic drift rates of both the client and server clocks are small and close to the same value.
RFC5905, NTP4: A timescale is a frame of reference where time is expressed as the value of a monotonically increasing binary counter with an indefinite number of bits. David Mills, U. Delaware, J. Martin, Ed., ISC, J. Burbank, W. Kasch, JHU/APL
Source: https://lh3.googleusercontent.com/-D1LC3KkrcKw/Uvoyy8ndGII/AAAAAAAAI34/Nza2r8_cPGI/w800-h800/arctic%2Bsummer.gif

15. second: "the duration of 9192631770 periods of the radiation corresponding to the transition between the two hyperfine levels of the ground state of the caesium 133 atom." 1967; "refers to a caesium atom at rest at a temperature of 0 K." 1997
National standards agencies in many countries maintain a network of atomic clocks (...) collectively define a continuous and stable time scale, International Atomic Time (TAI). For civil time, another time scale is disseminated, Coordinated Universal Time (UTC). UTC is derived from TAI, but approximately synchronised, by using leap seconds, to UT1, which is based on actual rotations of the Earth with respect to the solar time.
TIME = ATOMIC CLOCK | Louis Essen
"If you have one clock ... you are peaceful and have no worries," says Van Baak, fingering a length of cable connecting two of his machines. "If you have two clocks ... you start asking, 'What time is it, really?'" http://archive.wired.com/science/discoveries/news/2007/12/time_hackers?currentPage=all
http://www.coleparmer.com/assets/techinfo/images/NIST-F1_178-300.jpg

16. The Open Systems Interconnection (OSI) model [19] creates seven abstraction layers (..) except for timing. The lowest layer, the physical layer, is required for timing signals.
Timing through a communications network can be no better than this layer, while the separation of layers worsens timing signals that rely on upper layers.
Thus although waves undeniably travel through waveguides at speeds faster than light, they produce no detectable result. This, however, is not always true (...) the very existence of long-range radio communication depends on the fact that radio waves in the ionized layers of the upper atmosphere have phase velocities greater than the speed of light. This is what enables them to be reflected by the ionosphere and to connect transmitters with receivers that are over the horizon. http://www.fis.cinvestav.mx/~lmontano/sciam/ThingsFasterLightSC0760-142.pdf
source: http://tf.nist.gov/general/pdf/836.pdf
https://www.youtube.com/watch?feature=player_detailpage&v=PxZE15SxwLI#t=533
http://nvlpubs.nist.gov/nistpubs/TechnicalNotes/NIST.TN.1867.pdf

17. If one customer has a consistent (though inadvertent) latency edge then it can gain an unfair advantage over the other customers by being the system that is on the front edge, or potentially being the intentional or unintentional cause of the microburst. The financial exchange therefore has the task to find an optimally small latency while minimizing jitter and still providing fairness under all ranges of network loading.
"If you are Wall Street algorithm and you are five microseconds behind you are loser." K. Slavin
Time as a Service | realtime | Time Banks

18. Most people would probably say that an event a happened before an event b if a happened at an earlier time than b. They might justify this definition in terms of physical theories of time. However, if a system is to meet a specification correctly, then that specification must be given in terms of events observable within the system. If the specification is in terms of physical time, then the system must contain real clocks.
Even if it does contain real clocks, there is still the problem that such clocks are not perfectly accurate and do not keep precise physical time. We will therefore define the "happened before" relation without using physical clocks. Leslie Lamport
TIME-SHARING... CLOUD?
http://azure.microsoft.com/blog/2012/03/09/summary-of-windows-azure-service-disruption-on-feb-29th-2012/
http://blog.scalyr.com/2012/03/the-azure-outage-time-is-a-spof-leap-day-doubly-so/

19. http://cdn.screenrant.com/wp-content/uploads/20000-leagues-under-sea-remake.jpg
"Let's get a SIEM product! How about a SIEM solution? Wouldn't that be even better? That way we can correlate all of our useless logs that we don't look at! That would be awesome!!!" Joe McCray
Rombertik instead writes a byte of random data to memory 960 Million times. This is designed to consume time (...) Sandboxes may not be able to immediately determine that the application is intentionally stalling since it's not sleeping (...) repetitive writing would flood application tracing tools. If an analysis tool attempted to log all of the 960 Million write instructions, the log would grow to over 100 gigabytes. http://blogs.cisco.com/security/talos/rombertik
http://www.aerospaceweb.org/question/history/mach/bullet.jpg

20. http://cdn.screenrant.com/wp-content/uploads/20000-leagues-under-sea-remake.jpg
Source: http://blogs.rockingham.k12.va.us/textbook02/files/2012/05/the_persistence_of_memory_1931_salvador_dali.jpg
The Persistence of Memory, famous Salvador Dalí's picture, one of interpretation was understanding of the world introduced by Albert Einstein's Special Theory of Relativity. Asked by Ilya Prigogine whether this was in fact the case, Dalí replied that the soft watches were not inspired by the theory of relativity, but by the surrealist perception of a Camembert melting in the sun.
http://www.authenticsociety.com/about/thepersistenceofmemory_dali
Cyber-Security is (choose one): a) Science of Cyber b) Art of Hacking c) Compliance Fiction

21. technologies (...) conditioned by knowledge and social efficiency ways to achieve its goals, intended by community, as well as those which no one predicted on the beginning (...) splitting of goals, and even replacing intended goals with others, often unwanted, is typical. Stanisław Lem, Summa Technologiae
http://www.cinecenta.com/images/movies/592/image1.jpg

22. http://www.newscientist.com/article/dn21756-bullet-time-to-stop-cyber-attacks-on-power-grids.html#.VWH7DZQdRoB
Time paradox | Time travel | Time loop | Bullet time | Fixed time | Time capsule | Time-lapse cryptography | Infinite Time Turing Machines | Time complexity
IN THE MATRIX, the famous "bullet time" effect showed how Keanu Reeves's character Neo was able to sway out of the path of incoming bullets, as time appeared to slow. Now the film has inspired engineers to develop a way to cope with cyber attacks on crucial infrastructure, such as electricity grids, water utilities and banking networks. The idea, from security engineers at the University of Tulsa in Oklahoma, is to slow down internet traffic, including malicious data, to give networks time to deal with attacks. To do this, when a cyber attack has been sensed, an algorithm sends hyper-speed signals accelerating ahead of the malicious data packets to mobilise defences. "Slowing the malicious traffic by just a few milliseconds will let the hyper-speed commands activate sophisticated network-defence mechanisms,"

23. Defense might be cool and it doesn't have to be nice at the same time
We need to go deeper - more concrete about abstract and more abstract about concrete (FACKIT)
Spend some time with time (Y2KX millennium of bugs?)
Fight entropy! Eddington's arrow of time & Security?
Get familiar with boundaries of your ignorance
Balance figure out and configure out
Why?
Source: https://31.media.tumblr.com/tumblr_lt7137rXvc1r17215o1_500.gif
INCEPTION attempts?

24. hack or hacker
hack (v.1) "to cut roughly, cut with chopping blows,"
hack (n.2) "person hired to do routine work,"
hack (v.2) "illegally enter a computer system" by 1984;
source: http://www.etymonline.com/index.php?term=hack ?
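
The RFC 958 delay and offset formulas quoted on slide 14, worked through as an added example that is not part of the original slides: it shows what happens to the computed offset c when the "one-way delay is half the roundtrip delay" assumption does not hold, and the d/2 error bound a client can rely on when filtering samples. The helper names (simulate_exchange, offset_error_bound, accept, best_sample) and all timing values are assumptions constructed for illustration.

```python
"""NTP delay/offset per the RFC 958 formulas quoted on slide 14 (added example)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Sample:
    delay: float   # d: round-trip delay, seconds
    offset: float  # c: estimated server-minus-client clock offset, seconds


def ntp_delay_offset(t1, t2, t3, t4):
    """t1/t4 are read from the client clock, t2/t3 from the server clock."""
    d = (t4 - t1) - (t3 - t2)
    c = (t2 - t1 + t3 - t4) / 2
    return Sample(delay=d, offset=c)


def simulate_exchange(true_offset, fwd, back, proc=0.001, t1=1000.0):
    """Constructed exchange: server clock = client clock + true_offset.
    fwd/back are the one-way delays client->server and server->client."""
    t2 = t1 + true_offset + fwd   # server receive, server clock
    t3 = t2 + proc                # server transmit, server clock
    t4 = t3 - true_offset + back  # client receive, client clock
    return t1, t2, t3, t4


def offset_error_bound(sample):
    """With non-negative one-way delays, |c - true_offset| <= d / 2."""
    return sample.delay / 2


def accept(sample, max_delay):
    """Hypothetical sanity filter: a large d means a loose bound on c."""
    return 0 <= sample.delay <= max_delay


def best_sample(samples):
    """Prefer the lowest-delay sample, i.e. the tightest error bound."""
    return min(samples, key=lambda s: s.delay)


if __name__ == "__main__":
    sym = ntp_delay_offset(*simulate_exchange(0.250, fwd=0.020, back=0.020))
    asym = ntp_delay_offset(*simulate_exchange(0.250, fwd=0.020, back=0.220))
    for name, s in (("symmetric", sym), ("asymmetric", asym)):
        print(f"{name}: d={s.delay:.3f} c={s.offset:.3f} "
              f"bound=+/-{offset_error_bound(s):.3f} accept={accept(s, 0.100)}")
```

With equal path delays the formula recovers the true 0.250 s offset; with 0.200 s of extra delay on the return path only, c is off by 0.100 s, which is within the d/2 bound and is why the sample with the smallest d is the most trustworthy.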