Time
3 hours 35 minutes
Difficulty
Intermediate
CEU/CPE
4

Video Transcription

00:00
hello and welcome to P C Security Intermediate Course.
00:04
In this video, I will be talking about PC architecture and in detail. It will be about security issues with each of the components off the PC that can bring some kind of security issue to B. C.
00:20
So first on the list, of course process, sir. It's a heart of PC, and it's there, too.
00:25
Execute.
00:27
Its primary function is to execute functions of the operating system and the programs and applications that you run in order to do your business or your fun parts on the PC.
00:40
I found things on a PC.
00:42
Um, however, unlike, um,
00:46
in the old days, when you're on the program and take control of the PC entirely.
00:52
Um, and even before PC's, I remember
00:56
quite a lot of time ago I had my first computer. It was Commodore 64 if when you when you started the program of the on the Commodore 64 whether it was,
01:07
uh, something you have written in basic that has come that was coming with the computer or if you start some game, it would take complete control of the PC azi, long as it's running, so you would have, Ah,
01:23
the program and this program would just sit there and take control. Off, off. All the resource is of a PC.
01:32
Um,
01:33
today is not the case. Even in the old days of PC is the concept personal computer that was introduced by the M when you had ah does on that
01:47
BC, and you'll run some program. That program would have complete control over all components of a PC. So if you have the hard drive memory,
01:56
the program had the full control.
02:00
It's not happening anymore. So, for example, program has its own firmer. And there are parts off process, sir, that there
02:07
can
02:07
time of the processor that is engaged in doing something called in isolation between applications and or us,
02:15
for example. And these things are done by processes fervor.
02:22
So,
02:23
uh, uh, firmer is, ah, the code that is being executed on a low level in the process, er and its determining that processor has to do some things other than just execute programs that you have started is user
02:40
and the typical way off exploit off.
02:45
Ah, bug. In that firmer were a specter and Mel down that captain happened couple off years ago, in which ah, bag in the firmer off the processor was exploited. In order to
03:00
do malicious things, I won't go into details off what Specter and Nell Dunn were using.
03:06
But what they were exploiting is the bug in the firmer off the process.
03:15
So the next component that can be compromised is input output. When you talk about important opportunity for Remember, we were talking about USB boards
03:24
and network connections, and these things they have, ah, the USB controller. They have a controller on the mother board that controls just these things, and these things can be manipulated. And if somebody changes the
03:43
firmer off the the USB controller, they can use it potentially to do some malicious things.
03:51
The same thing is happening with Network because all the traffic between PC and its environment is happening through network or through years. Be if you're exchanging files and you may be flesh. But anyway, if you compromise the network trip, what happens is that
04:08
you can, for example, track all the traffic that's going on through it or do some other things.
04:14
You can, for example, for through the network access the PC without with the bypassing all the security protocols imposed by operating system,
04:25
then we have storage on Duh. Why is this important? Because it has been used
04:32
Ah,
04:33
in the past. Um, and, uh, this is happening because both hard drives in this is these. They have, ah, small microprocessor on themselves, which are is actually handling.
04:47
It's receiving data from the bus on which the the rice is connected to a PC
04:56
and physically storing them in whatever part off them is used for storing. So if it's hard drive, it's a mechanical spinning drive. Then you have plates and then bring heads. Just go summer and the rights of magnetic.
05:13
Use the electric current to change the status off permanent magnets on the
05:18
on the plate.
05:20
And this is writing. And when you read, you just put head over there and you just read. Is it some location, magnetized or not?
05:29
With this is these. It's a different thing because you're writing things and flash memory. But these processes performed the
05:38
similar function, and these processors on microprocessors have their own firmer. And if that informer is manipulated, then for example, you can access all the files on the hard drive,
05:51
it's almost impossible to detect.
05:55
And we have examples like great fish. In the past, that was
05:59
it was used by governmental agencies to access the data on the hard drive. And the problem is that because they're manipulating these, even if you're having encryption, they can get to the road data. Because
06:15
this is how these things work.
06:16
I mean, if you're using hardware encryption, so So these things are rather dangerous.
06:24
Uh, they are hard to find it there, there. And this is why this is important from I t security standpoint
06:33
and the last component about which I'm going to talk about his graphic card. So as I mentioned, graphic Hard can have
06:43
extremely powerful processes which also have their own firmer on the board.
06:47
And if that is manipulated, it can be used to do some things like, for example, to perform brute force attacks on the OS or something like that.
06:57
And, um,
06:59
this thing has no documented attacks so far. So there is no documented case that somebody has written the malware to attack
07:11
graphic cards. The main reason is that every generation has a new processor, and sometimes If you write the code for one, it won't work on the other. The other reason is because there are simply seems much simpler ways to attack component firmer than to manipulate graphic card.
07:30
Um,
07:31
on the other hand, the things that has been known to be manipulated our drivers for these graphic cards, because these are very complex piece of softer than a lot of things. And you can they take a lot of processor time.
07:46
Oh, our resource is. And if you can manipulate them
07:51
because they're naturally their toe handle huge amounts of data, you can actually do the manipulation of the driver. And it's very difficult to notice that something unusual is happening on the PC if you do it.
08:09
So we have come to an end off
08:11
Theis part when we talk about components of a PC and the security risks involved with them.
08:20
And let's do
08:20
ah, short learning check. So the question for you is which components for where hasn't been manipulated so far or hasn't been noted to have been manipulated so far. So the question of the possible answers that this question are graphic card is a memory or is it hard drive,
08:37
and the correct answer is, a few have been listening. What I have been saying in past one minute
08:43
is the graphics card. So this is what so far hasn't been manipulated doesn't mean it won't be in the future.
08:52
So in this video have learned about Richard, the important components of PC and what are the security of screens will with some of them.
09:01
In next lesson, I will be talking about next important part of the PC architecture, which is unified by us.

Up Next

Intermediate PC Security

The Intermediate PC Security course will teach students about endpoint protection. Students will learn fundamental information about PC Security and common attack vectors.

Instructed By

Instructor Profile Image
Milan Cetic
IT Security Consultant
Instructor