VOLUME 51

   ISSUE 51

22 October  2015

Have you ever seen Ctrl+Alt+Del, also known as the "three-finger salute" required at login on certain Windows systems before the password can be typed in? From a user experience point of view, it's a bad idea as it's adding an extra step in getting access.

But do you know there is security behind it?

Let me describe how it helps users to secure their system. Actually this combination is called a secure attention key (SAK) or secure attention sequence (SAS). The operating system kernel, which works directly with the hardware, is able to identify whether the secure attention key has been pressed. When this event is identified, the kernel begins the trusted login processing. The secure attention key is designed to make suspicious login attempts impossible, as the kernel will suspend any program, including those masquerading as the computer's login criteria, before starting a trustworthy login operation. On systems that are configured to use an SAK, users must always be suspicious of login prompts that are shown on display without having pressed this key combination.

Secure Attention Key for windows is Ctrl+Alt+Del and for Linux is Ctrl+Alt+Pause.

There is a history of this combination. The soft reboot function via keyboard was firstly designed by David Bradley. Bradley, as the chief engineer of the IBM PC project and engineer of the machine's ROM-BIOS, had originally used Ctrl+Alt+Esc, but thought it was too easy to bump the left side of the keyboard and reboot the computer suspiciously. Based on his own account, Hallerman, who was the chief programmer of the project, therefore introduced switching the key combination to Ctrl+Alt+Del as a safety concern, a combination is not possible to press using one hand on the original IBM PC keyboard.

The method was originally conceived only as an Easter egg for internal use and not aim at to be used by end users, as it triggered the reboot without warning or further authorization�it was developed to be used by users creating programs or documentation, so that they could reboot their computers without shutdown. Bill Gates (former Microsoft CEO) described it as "just something we were using in development and it wouldn't be available elsewhere". The feature, anyhow, was documented in IBM's technical reference documentation to the original PC and thereby opened to the general public.

Bradley is also known for his good-natured jab at Gates at the celebration of the 20th anniversary of IBM PC: "I may have invented it, but Bill made it famous"; he quickly added it was a reference to Windows NT logon procedures ("Press Ctrl + Alt + Delete to log on").

During a Q & A presentation on 21 September 2013, Gates introduced "it was a mistake", mentioning to the decision to use Ctrl+Alt+Del as the keyboard combination to log in to Windows. Gates stated he would have planned a single button to function the same tasks, but IBM did not let him to add the extra button into the keyboard.
That is the story behind Ctrl+Alt+Del login.
 

Anuruddha Hewawasam
 

 Anuruddha is an undergraduate of the University of Colombo School of Computing who is currently following Bachelor of Science in Computer Science, Currently he is working as Intern - Information Security Engineer at Sri Lanka CERT|CC

References

FACEBOOK WILL NOW WARN YOU IF GOVERNMENT TRIES TO HACK YOUR ACCOUNT

'...The company implemented this system because attacks from state-affiliated organizations �tend to be more advanced and dangerous than others,� Stamos said. Facebook won�t reveal how it distinguishes between security breaches that originate from the government versus those that come from other hackers.....'

'...The rationale for hiring criminal hackers is based on the thinking that "It takes a thief to catch a thief." But some in the security community -- including some hackers at the Black Hat conference this week -- say that it is no longer necessary.....'

GOOGLE GLASS COULD HELP AUTISTIC PEOPLE 'SEE' EMOTIONS

'....�OK, Glass: What are other people feeling?�

This is the thrust behind a new tool that helps kids on the autism spectrum understand other people�s emotions. The Autism Glass Project, as it�s called, uses Google Glass, machine learning, and artificial intelligence to recognize other people�s faces and give real-time feedback on their expressions, a challenge for many people on the autism spectrum....'

'....Known as the Turla cyber-espionage group (also known as Snake or Uroburos), the attackers are leveraging a technically easy method to hijack downstream bandwidth from various ISPs and packet-spoofing to obtain a much higher degree of anonymity than possibly any other conventional method such as renting a Virtual Private Server (VPS) or hacking a legitimate server, the Russian security firm said.......'

'...Olga Redmon is an attractive young professional whose resume includes experience in customer service and Microsoft Office. Her LinkedIn profile boasts 500+ connections and dozens of endorsements, all of which come from Midwestern professionals in the automotive industry. Olga�s profile picture depicts her in a tight black tank top and red lipstick....'