Overview
Explore the challenges and solutions for securing remote work environments in this 30-minute USENIX LISA21 conference talk. Delve into a comprehensive analysis of security measures across the entire technology stack, from physical security to the application layer. Learn about innovative approaches, including the use of QubesOS for virtualization-based segmentation and heads firmware for securing the boot environment with TPM. Discover practical strategies for addressing authentication, network security, and hardware isolation issues unique to remote work setups. Gain insights into the concept of "reasonable security" and how to implement effective measures against potential threats in adversarial networks and insecure physical environments.
Syllabus
Introduction
Disclosures
What is reasonable
The security pyramid
Physical security
Hardware kill switches
Unexpected attacks
Intel AMD
Purism
Security Tokens
TPMS
Cubes
Desktop
USB
Video Call Example
Hardware Isolation
Drivers
Disposable Cube
Networking Nightmares
cisnet cube
update path
BeyondCorp
Backups
Remote attestation
Taught by
USENIX