slides01.tex
changeset 1 b606c9439fa6
parent 0 3a5e09a2ae54
child 2 6e7da958ba8c
--- a/slides01.tex	Tue Sep 25 21:01:23 2012 +0100
+++ b/slides01.tex	Wed Sep 26 02:08:55 2012 +0100
@@ -71,7 +71,7 @@
 	showstringspaces=false}
 
 % beamer stuff 
-\renewcommand{\slidecaption}{APP 01, King's College London, 25.~September 2012}
+\renewcommand{\slidecaption}{AFL 01, King's College London, 26.~September 2012}
 
 
 \begin{document}
@@ -81,12 +81,15 @@
 \begin{frame}<1>[t]
 \frametitle{%
   \begin{tabular}{@ {}c@ {}}
-  \LARGE Access Control and \\[-3mm] 
-  \LARGE Privacy Policies (1)\\[-6mm] 
+  \\[-3mm]
+  \LARGE Automata and \\[-2mm] 
+  \LARGE Formal Languages (1)\\[-3mm] 
   \end{tabular}}
 
   \begin{center}
-  %\includegraphics[scale=1.3]{pics/barrier.jpg}
+  \includegraphics[scale=0.3]{pics/ante1.jpg}\hspace{5mm}
+  \includegraphics[scale=0.31]{pics/ante2.jpg}\\
+  \footnotesize\textcolor{gray}{Antikythera automaton, 100 BC (Archimedes?)}
   \end{center}
 
 \normalsize
@@ -104,183 +107,46 @@
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
-\begin{frame}
-
-\begin{center}
-%\includegraphics[scale=2.1]{pics/barrier.jpg}
-\end{center}
-
-\end{frame}}
- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%     
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
 \begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Security Engineers\end{tabular}}
-
-According to Bruce Schneier, {\bf security engineers} require
-a particular {\bf mindset}:\bigskip
-
-\begin{tikzpicture}
-\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm] 
-{\normalsize\color{darkgray}
-\begin{minipage}{10cm}\raggedright\small
-``Security engineers --- at least the good ones --- see the world dif$\!$ferently. 
-They can't walk into a store without noticing how they might shoplift. They can't 
-use a computer without wondering about the security vulnerabilities. They can't 
-vote without trying to figure out how to vote twice. They just can't help it.''
-\end{minipage}};
-\end{tikzpicture}
-
-\begin{flushright}
-%\includegraphics[scale=0.0087]{pics/schneierbook1.jpg}\;
-%\includegraphics[scale=0.0087]{pics/schneierbook2.jpg}\;
-%\includegraphics[scale=0.85]{pics/schneier.png}
-\end{flushright}
-
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%     
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Chip-and-PIN\end{tabular}}
-
-\begin{center}
-%\includegraphics[scale=0.3]{pics/creditcard1.jpg}\;
-%\includegraphics[scale=0.3]{pics/creditcard2.jpg}
-\end{center}
 
-\begin{itemize}
-\item Chip-and-PIN was introduced in the UK in 2004
-\item before that customers had to sign a receipt\medskip
-\item Is Chip-and-PIN a more secure system?
-\end{itemize}
-
-\begin{flushright}
-\small\textcolor{gray}{(Some other countries still use the old method.)}
-\end{flushright}
-
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Yes \ldots\end{tabular}}
-
-\begin{tikzpicture}
-\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm] 
-{\normalsize\color{darkgray}
-\begin{minipage}{10cm}\raggedright\small
-``Chip-and-PIN is so effective in this country [UK] that fraudsters are starting to move their activities overseas,'' 
-said Emile Abu-Shakra, spokesman for Lloyds TSB (in the Guardian, 2006).
-\end{minipage}};
-\end{tikzpicture}\bigskip
-
-
-\begin{itemize}
-\item mag-stripe cards cannot be cloned anymore
-\item stolen or cloned cards need to be used abroad 
-\item fraud on lost, stolen and counterfeit credit cards was down \pounds{}60m (24\%) on 2004's figure
-\end{itemize}
-
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}But let's see \ldots\end{tabular}}
-
-
-\begin{textblock}{1}(3,4)
+\begin{textblock}{1}(2,5)
 \begin{tabular}{c}
-%\includegraphics[scale=0.3]{pics/bank.png}\\[-2mm]
-\small Bank
+\includegraphics[scale=0.15]{pics/servers.png}\\[-2mm]
+\small Server
 \end{tabular}
 \end{textblock}
 
-\begin{textblock}{1}(7,4.5)
-\begin{tabular}{c}
-%\includegraphics[scale=3]{pics/store.png}\\[-2mm]
-\end{tabular}
-\end{textblock}
-
-\begin{textblock}{1}(4.5,9.9)
-\begin{tabular}{c}
-%\includegraphics[scale=0.16]{pics/rman.png}\\[-1mm]
-\small costumer / you
-\end{tabular}
-\end{textblock}  
-
-\only<2->{
-\begin{textblock}{1}(4.5,7.5)
-  \begin{tikzpicture}[scale=1.3]
-  \draw[white] (0,0) node (X) {};
-  \draw[white] (1,-1) node (Y) {};
-  \draw[red, ->, line width = 2mm] (X) -- (Y);
-  \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
-  \end{tikzpicture}
-\end{textblock}}
-
-\only<3->{
-\begin{textblock}{1}(6.8,7.5)
-  \begin{tikzpicture}[scale=1.3]
-  \draw[white] (0,0) node (X) {};
-  \draw[white] (1,1) node (Y) {};
-  \draw[red, ->, line width = 2mm] (X) -- (Y);
-  \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
+\begin{textblock}{1}(5.6,4)
+  \begin{tikzpicture}[scale=1.1]
+  \draw[white] (0,1) node (X) {};
+  \draw[white] (2,1) node (Y) {};
+   \draw[white] (0,0) node (X1) {};
+  \draw[white] (2,0) node (Y1) {};
+   \draw[white] (0,-1) node (X2) {};
+  \draw[white] (2,-1) node (Y2) {};
+  \draw[red, <-, line width = 2mm] (X) -- (Y);
+  \node [inner sep=5pt,label=above:\textcolor{black}{GET request}] at ($ (X)!.5!(Y) $) {};
+  \draw[red, ->, line width = 2mm] (X1) -- (Y1);
+  \node [inner sep=5pt,label=above:\textcolor{black}{webpage}] at ($ (X1)!.5!(Y1) $) {};
+  \draw[red, <-, line width = 2mm] (X2) -- (Y2);
+  \node [inner sep=7pt,label=above:\textcolor{black}{POST data}] at ($ (X2)!.5!(Y2) $) {};
   \end{tikzpicture}
 \end{textblock}
 
-\begin{textblock}{1}(4.8,5.9)
-  \begin{tikzpicture}[scale=1.3]
-  \draw[white] (0,0) node (X) {};
-  \draw[white] (1.4,0) node (Y) {};
-  \draw[red, <->, line width = 2mm] (X) -- (Y);
-  \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
-  \end{tikzpicture}
-\end{textblock}}
 
-\only<4->{  
-\begin{textblock}{1}(12,6.5)
+\begin{textblock}{1}(9,5.5)
 \begin{tabular}{c}
-%\includegraphics[scale=0.8]{pics/factory.png}\\[-1mm]
-\small card\\[-2mm]\small terminal\\[-2mm] \small producer
+\includegraphics[scale=0.15]{pics/laptop.png}\\[-2mm]
+\small Browser
 \end{tabular}
 \end{textblock}
   
-\begin{textblock}{1}(10,7)
-  \begin{tikzpicture}[scale=1.6]
-  \draw[white] (0,0) node (X) {};
-  \draw[white] (-1,0.6) node (Y) {};
-  \draw[red, ->, line width = 2mm] (X) -- (Y);
-  \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
-  \end{tikzpicture}
-\end{textblock}}  
-  
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Chip-and-PIN\end{tabular}}
-
-
+\only<2>{  
+\begin{textblock}{10}(2,13.5)
 \begin{itemize}
-\item A ``tamperesitant'' terminal playing Tetris on 
-\textcolor{blue}{\href{http://www.youtube.com/watch?v=wWTzkD9M0sU}{youtube}}.\\
-\textcolor{lightgray}{\footnotesize(\url{http://www.youtube.com/watch?v=wWTzkD9M0sU})}
+\item programming languages, compilers
 \end{itemize}
- 
-  
-%\includegraphics[scale=0.2]{pics/tetris.jpg}
+\end{textblock}}
   
   
 \end{frame}}
@@ -289,62 +155,93 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
-\frametitle{\begin{tabular}{c}Chip-and-PIN\end{tabular}}
+
+transforming strings into structured data\\[10mm]
 
+{\LARGE\bf Lexing}\medskip\\
+\hspace{5mm}(recognising ``words'')\\[6mm]
 
-\begin{itemize}
-\item in 2006, Shell petrol stations stopped accepting Chip-and-PIN after \pounds{}1m had been stolen from customer accounts\smallskip 
-\item in 2008, hundreds of card readers for use in Britain, Ireland, the Netherlands, Denmark, and Belgium had been 
-expertly tampered with shortly after manufacture so that details and PINs of credit cards were sent during the 9 months 
-before over mobile phone networks to criminals in Lahore, Pakistan
-\end{itemize}
-  
+{\LARGE\bf Parsing}\medskip\\
+\hspace{5mm}(recognising ``sentences'')
+
 \end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%     
+
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
-\frametitle{\begin{tabular}{c}Chip-and-PIN is Broken\end{tabular}}
 
-\begin{flushright}
-%\includegraphics[scale=0.01]{pics/andersonbook1.jpg}\;
-%\includegraphics[scale=1.5]{pics/anderson.jpg}
-\end{flushright}
+The subject is quite old:
 
 \begin{itemize}
-\item man-in-the-middle attacks by the group around Ross Anderson\medskip
+\item Turing Machines, 1936
+\item first compiler for COBOL, 1957 (Grace Hopper)
+\item but surprisingly research papers are still published now
 \end{itemize}
 
-\begin{center}
-\mbox{}\hspace{-20mm}%\includegraphics[scale=0.5]{pics/chip-attack.png}
-\end{center}
+\begin{flushright}
+\includegraphics[scale=0.3]{pics/hopper.jpg}\\
+\footnotesize\textcolor{gray}{Grace Hopper}
+\end{flushright}
+
+{\footnotesize\textcolor{gray}{(she made it to David Letterman's Tonight Show, \url{http://www.youtube.com/watch?v=aZOxtURhfEU})}}
 
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%     
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{\begin{tabular}{c}This Course\end{tabular}}
 
-\begin{textblock}{1}(11.5,13.7)
-\begin{tabular}{l}
-\footnotesize on BBC Newsnight\\[-2mm] 
-\footnotesize in 2010 or \textcolor{blue}{\href{http://www.youtube.com/watch?v=JPAX32lgkrw}{youtube}}
-\end{tabular}
-\end{textblock}
-  
+\begin{itemize}
+\item regular expression / regular expression matching
+\item a bit of sets (of strings)
+\item automata
+\item the Myhill-Nerode theorem
+\item parsing
+\item grammars
+\item a small interpreter / webbrowser
+\end{itemize}
+
 \end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{\begin{tabular}{c}This Course\end{tabular}}
+
+\begin{itemize}
+\item the ultimate goal is to implement a small web-browser (really small)\bigskip
+\end{itemize}
+
+Let's start with:
+
+\begin{itemize}
+\item a web-crawler
+\item an email harvester
+\item a web-scraper
+\end{itemize}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
-\frametitle{\begin{tabular}{@ {}c@ {}}Chip-and-PIN is Really Broken\end{tabular}}
+\frametitle{\begin{tabular}{c}Scala\end{tabular}}
+
+\footnotesize a simple function for reading webpages
 
-\begin{flushright}
-%\includegraphics[scale=0.01]{pics/andersonbook1.jpg}\;
-%\includegraphics[scale=1.5]{pics/anderson.jpg}
-\end{flushright}
+{\lstset{language=Scala}\fontsize{8}{10}\selectfont
+\texttt{\lstinputlisting{app0.scala}}}\pause\bigskip
 
-\begin{itemize}
-\item same group successfully attacked this year card readers and ATM machines
-\item the problem: several types of ATMs generate poor random numbers, which are used as nonces
-\end{itemize}
+\footnotesize
+{\lstset{language=Scala}\fontsize{8}{10}\selectfont
+\texttt{\lstinputlisting{app1.scala}}}
+
 
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
@@ -352,170 +249,8 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
-\frametitle{\begin{tabular}{c}The Problem \ldots\end{tabular}}
 
 
-\begin{textblock}{1}(3,4)
-\begin{tabular}{c}
-%\includegraphics[scale=0.3]{pics/bank.png}\\[-2mm]
-\small Bank
-\end{tabular}
-\end{textblock}
-
-\begin{textblock}{1}(7,4.5)
-\begin{tabular}{c}
-%\includegraphics[scale=3]{pics/store.png}\\[-2mm]
-\end{tabular}
-\end{textblock}
-
-\begin{textblock}{1}(12,6.5)
-\begin{tabular}{c}
-%\includegraphics[scale=0.8]{pics/factory.png}\\[-1mm]
-\small terminal\\[-2mm] \small producer
-\end{tabular}
-\end{textblock}
-
-\begin{textblock}{1}(4.5,9.9)
-\begin{tabular}{c}
-%\includegraphics[scale=0.13]{pics/rman.png}\\[-1mm]
-\small costumer / you
-\end{tabular}
-\end{textblock}  
-  
-\begin{textblock}{1}(4.5,7.5)
-  \begin{tikzpicture}[scale=1.3]
-  \draw[white] (0,0) node (X) {};
-  \draw[white] (1,-1) node (Y) {};
-  \draw[gray, ->, line width = 2mm] (X) -- (Y);
-  \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
-  \end{tikzpicture}
-\end{textblock}
-
-\begin{textblock}{1}(6.8,7.5)
-  \begin{tikzpicture}[scale=1.3]
-  \draw[white] (0,0) node (X) {};
-  \draw[white] (1,1) node (Y) {};
-  \draw[gray, ->, line width = 2mm] (X) -- (Y);
-  \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
-  \end{tikzpicture}
-\end{textblock}
-
-\begin{textblock}{1}(4.8,5.9)
-  \begin{tikzpicture}[scale=1.3]
-  \draw[white] (0,0) node (X) {};
-  \draw[white] (1.4,0) node (Y) {};
-  \draw[gray, <->, line width = 2mm] (X) -- (Y);
-  \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
-  \end{tikzpicture}
-\end{textblock}
-
-\begin{textblock}{1}(10,7)
-  \begin{tikzpicture}[scale=1.6]
-  \draw[white] (0,0) node (X) {};
-  \draw[white] (-1,0.6) node (Y) {};
-  \draw[gray, ->, line width = 2mm] (X) -- (Y);
-  \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
-  \end{tikzpicture}
-\end{textblock}  
-  
-\begin{textblock}{14}(1,13.5)
-\begin{itemize}
-\item the burden of proof for fraud and financial liability was shifted to the costumer
-\end {itemize} 
-\end{textblock}
-  
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Being Screwed Again\end{tabular}}
-
-
-\begin{flushright}
-%\includegraphics[scale=0.3]{pics/rbssecure.jpg}
-\end{flushright}
-
-\begin{itemize}
-\item {\bf Responsibility}\\
-``You understand that you are financially responsible for all uses of RBS Secure.''\\
-\textcolor{lightgray}{\footnotesize\url{https://www.rbssecure.co.uk/rbs/tdsecure/terms_of_use.jsp}}
-\end{itemize}
-  
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Web Applications\end{tabular}}
-
-
-\begin{textblock}{1}(2,5)
-\begin{tabular}{c}
-%\includegraphics[scale=0.15]{pics/servers.png}\\[-2mm]
-\small Servers from\\[-2mm] 
-\small Dot.com Inc.
-\end{tabular}
-\end{textblock}
-
-\begin{textblock}{1}(5.6,6)
-  \begin{tikzpicture}[scale=2.5]
-  \draw[white] (0,0) node (X) {};
-  \draw[white] (1,0) node (Y) {};
-  \only<2>{\draw[red, <-, line width = 2mm] (X) -- (Y);
-  \node [inner sep=5pt,label=above:\textcolor{black}{GET request}] at ($ (X)!.5!(Y) $) {};}
-  \only<3>{\draw[red, ->, line width = 2mm] (X) -- (Y);
-  \node [inner sep=5pt,label=above:\textcolor{black}{webpage}] at ($ (X)!.5!(Y) $) {};}
-  \only<4>{\draw[red, <-, line width = 2mm] (X) -- (Y);
-  \node [inner sep=7pt,label=above:\textcolor{black}{POST data}] at ($ (X)!.5!(Y) $) {};}
-  \end{tikzpicture}
-\end{textblock}
-
-
-\begin{textblock}{1}(9,5.5)
-\begin{tabular}{c}
-%\includegraphics[scale=0.15]{pics/laptop.png}\\[-2mm]
-\small Client(s)
-\end{tabular}
-\end{textblock}
-  
-\begin{textblock}{13}(1,13)  
-\begin{itemize}
-\item What are pitfalls and best practices?
-\end{itemize}  
-\end{textblock}
-  
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Scala + Play\end{tabular}}
-
-\footnotesize a simple response from the server:
-
-%{\lstset{language=Scala}\fontsize{8}{10}\selectfont
-%\texttt{\lstinputlisting{app0.scala}}}\bigskip
-
-\footnotesize
-alternative response:\\
-
-{\lstset{language=Scala}\fontsize{8}{10}\selectfont
-\texttt{\lstinline{Ok("<H1>Hello world!</H1>").as(HTML)}}}
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-
-%{\lstset{language=Scala}\fontsize{8}{10}\selectfont
-%\texttt{\lstinputlisting{app1.scala}}}
-
   
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
@@ -704,296 +439,23 @@
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-
-\begin{center}
-%\includegraphics[scale=1.8]{pics/barrier.jpg}
-\end{center}
-
-\begin{itemize}
-\item data integrity needs to be ensured
-\end{itemize}
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%     
-
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\mbox{}\\[-7mm]
-
-%{\lstset{language=Scala}\fontsize{8}{10}\selectfont
-%\texttt{\lstinputlisting{app3.scala}}}
-
-\small
-\begin{itemize}
-\item the counter/hash pair is intended to prevent tampering
-\end{itemize}  
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}SHA-1\end{tabular}}
-  
-\begin{itemize}
-\item SHA-1 is a cryptographic hash function\\
-(MD5, SHA-256, SHA-512, \ldots) 
-\item message $\rightarrow$ digest
-\item no known attack exists, except brute force\bigskip\pause
-\item but dictionary attacks are very ef$\!$fective for extracting passwords (later)
-\end{itemize}  
-  
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\mbox{}\\[-9mm]
-
-%{\lstset{language=Scala}\fontsize{8}{10}\selectfont
-%\texttt{\lstinputlisting{app4.scala}}}
-
-\begin{textblock}{1}(9,1)
-  \begin{tikzpicture}[scale=1.3]
-  \draw[white] (0,0) node (X) {};
-  \draw[white] (3,0) node (Y) {};
-  \draw[red, <-, line width = 2mm] (X) -- (Y);
-  \node [inner sep=5pt,label=above:\textcolor{black}{\small should be random}] at ($ (X)!.5!(Y) $) {};
-  \end{tikzpicture}
-\end{textblock}
-
-\begin{textblock}{1}(6.6,4.9)
-  \begin{tikzpicture}[scale=1.3]
-  \draw[white] (0,0) node (X) {};
-  \draw[white] (1,-1) node (Y) {};
-  \draw[red, <-, line width = 2mm] (X) -- (Y);
-  \node [inner sep=5pt,label=above:{}] at ($ (X)!.5!(Y) $) {};
-  \end{tikzpicture}
-\end{textblock}
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Unix Passwords\end{tabular}}
-
-\begin{itemize}
-\item passwords are \alert{\bf not} stored in clear text
-\item instead \texttt{/etc/shadow} contains
-\end{itemize}
-
-{\small
-\texttt{name:\$1\$QIGCa\$/ruJs8AvmrknzKTzM2TYE.:other\_info}
-}
-
-\begin{itemize}
-\item \texttt{\$} is separator
-\item \texttt{1} is MD5 (actually SHA-512 is used nowadays, \texttt{6})
-\item \texttt{QIGCa} is salt
-\item \texttt{ruJs8AvmrknzKTzM2TYE} $\rightarrow$ password + salt
-\end{itemize}
-
-\textcolor{gray}{\small
-(\texttt{openssl passwd -1 -salt QIGCa pippo})
-}
-% Unix password
-% http://ubuntuforums.org/showthread.php?p=5318038
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Password Blunders\end{tabular}}
-
-
-\begin{itemize}
-\item in late 2009, when an SQL injection attack against online games 
-service RockYou.com exposed 32 million \alert{plaintext} passwords
-
-\item  1.3 million Gawker credentials exposed in December 2010 containing 
-unsalted(?) \alert{MD5} hashes
-
-\item June 6th, 2012, 6 million unsalted SHA-1 passwords were leaked from linkedIn
-% linkedIn password
-% http://erratasec.blogspot.co.uk/2012/06/confirmed-linkedin-6mil-password-dump.html
-\end{itemize}\medskip
-
-\small
-Web user maintains 25 separate accounts but uses just 6.5 passwords
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%For instance, SHA512crypt, which is included in Mac OS X and most Unix-based operating systems, passes text through 5,000 iterations, a %hurdle that would have limited Gosney to slightly less than 2,600 guesses per second. The Bcrypt algorithm is even more computationally %expensive, in large part because it subjects text to multiple iterations of the Blowfish cipher that was deliberately modified to increase the %time required to generate a hash. PBKDF2, a function built into Microsoft's .Net software developer framework, offers similar benefits.
-
-
-% rainbow tables
-% http://en.wikipedia.org/wiki/Rainbow_table
-
 
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
-\frametitle{\begin{tabular}{c}Brute Forcing Passwords\end{tabular}}
+\frametitle{\begin{tabular}{c}Exam\end{tabular}}
 
 \begin{itemize}
-\item How fast can hackers crack SHA-1 passwords? \pause
-
-\item The answer is 2 billion attempts per second\\ 
-using a Radeon HD 7970
-\end{itemize}
-
-\begin{center}
-\begin{tabular}{@ {\hspace{-12mm}}rl}
-password length & time\smallskip\\\hline
-5 letters & 5 secs\\
-6 letters & 500 secs\\
-7 letters & 13 hours\\
-8 letters & 57 days\\
-9 letters & 15 years\\
-\end{tabular}
-\end{center}
-
-\small
-5 letters $\approx$ 100$^5$ $=$ 10 billion combinations\\ 
-(1 letter - upper case, lower case, digits, symbols $\approx$ 100)
-
-\only<2->{
-\begin{textblock}{1}(12,5)
-\begin{tabular}{c}
-%\includegraphics[scale=0.3]{pics/radeon.jpg}\\[-6mm]
-\footnotesize graphics card\\[-1mm]
-\footnotesize ca.~\pounds{}300
-\end{tabular}
-\end{textblock}}
-
-
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Passwords\end{tabular}}
-
-How to recover from a breakin?\pause\medskip
-
-\begin{itemize}
-\item Do not send passwords in plain text.
-\item Security questions are tricky to get right.
-\item QQ (Chinese Skype) authenticates you via contacts.
-\end{itemize}
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}This Course\end{tabular}}
-
-\begin{itemize}
-\item break-ins (buffer overflows)
-\item access control\\ (role based, data security / data integrity)
-\item protocols\\
-(specification)
-\item access control logic
-\item privacy
-\begin{quote}
-Scott McNealy: \\``You have zero privacy anyway. Get over it.''
-\end{quote}
-\end{itemize}
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Books + Homework\end{tabular}}
-
-\begin{itemize}
-\item there is no single book I am following
-\begin{center}
-%\includegraphics[scale=0.012]{pics/andersonbook1.jpg}
-%\includegraphics[scale=0.23]{pics/accesscontrolbook.jpg}
-\end{center}\medskip\pause
-
-\item The question ``Is this relevant for the exams'' is not appreciated!\medskip\\
+\item The question ``Is this relevant for the exams?'' is not appreciated!\bigskip\\
 
 Whatever is in the homework sheets (and is not marked optional) is relevant for the
-exam. No code needs to be written.
+exam.\\ No code needs to be written.
 \end{itemize}
 
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Take-Home Points\end{tabular}}
-
-\begin{itemize}
-\item Never store passwords in plain text.\medskip
-\item Always salt your hashes!\medskip
-\item Use an existing algorithm; do not write your own!
-\end{itemize}
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Thinking as a Defender\end{tabular}}
-
-\begin{itemize}
-\item What are you trying to protect?
-\item What properties are you trying to enforce?\medskip
-
-\item Who are the attackers? Capabilities? Motivations?
-\item What kind of attack are we trying to protect?
-\item Who can fix any vulnerabilities?\medskip
-
-\item What are the weaknesses of the system?
-\item What will successful attacks cost us?
-\item How likely are the attacks?
-\end{itemize}
-
-\small
-\textcolor{gray}{Security almost always is {\bf not} free!}
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}The Security Mindset\end{tabular}}
-
-\begin{itemize}
-\item How things can go wrong.
-\item Think outside the box.
-\end{itemize}\bigskip
-
-The difference between being criminal is to only \alert{\bf think} about how things can go wrong.
-  
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%