| author | Christian Urban <christian dot urban at kcl dot ac dot uk> |
| Mon, 22 Sep 2014 22:16:17 +0100 | |
| changeset 162 | 5031e7778fdb |
| parent 160 | 4cbd6ca025e6 |
| child 164 | 08a6e035223e |
| permissions | -rw-r--r-- |
|
93
82ac034dcc9d
brought order into the repository
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
90
diff
changeset
|
1 |
\documentclass[dvipsnames,14pt,t, xelatex]{beamer}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
2 |
\usepackage{../slides}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
3 |
\usepackage{../graphics}
|
|
157
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
4 |
\usepackage{../langs}
|
| 0 | 5 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
6 |
\setmonofont[Scale=.88]{Consolas}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
7 |
\newfontfamily{\consolas}{Consolas}
|
| 0 | 8 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
9 |
\hfuzz=220pt |
| 0 | 10 |
|
11 |
% beamer stuff |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
12 |
\renewcommand{\slidecaption}{APP 01, King's College London}
|
| 0 | 13 |
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
14 |
\lstset{language=Scala,
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
15 |
style=mystyle, |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
16 |
numbersep=0pt, |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
17 |
numbers=none, |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
18 |
xleftmargin=0mm} |
| 0 | 19 |
|
20 |
\begin{document}
|
|
21 |
||
| 9 | 22 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
23 |
\begin{frame}
|
| 0 | 24 |
\frametitle{%
|
| 1 | 25 |
\begin{tabular}{@ {}c@ {}}
|
26 |
\LARGE Access Control and \\[-3mm] |
|
27 |
\LARGE Privacy Policies (1)\\[-6mm] |
|
28 |
\end{tabular}}
|
|
29 |
||
30 |
\begin{center}
|
|
31 |
\includegraphics[scale=1.3]{pics/barrier.jpg}
|
|
32 |
\end{center}
|
|
33 |
||
|
157
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
34 |
\normalsize |
| 1 | 35 |
\begin{center}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
36 |
\begin{tabular}{ll}
|
| 1 | 37 |
Email: & christian.urban at kcl.ac.uk\\ |
|
93
82ac034dcc9d
brought order into the repository
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
90
diff
changeset
|
38 |
Office: & S1.27 (1st floor Strand Building)\\ |
|
159
77cf0362b87a
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
157
diff
changeset
|
39 |
Slides: & KEATS |
| 1 | 40 |
\end{tabular}
|
41 |
\end{center}
|
|
|
157
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
42 |
\end{frame}
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
43 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 0 | 44 |
|
| 8 | 45 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
46 |
\begin{frame}
|
|
47 |
||
48 |
\begin{center}
|
|
49 |
\includegraphics[scale=2.1]{pics/barrier.jpg}
|
|
50 |
\end{center}
|
|
51 |
||
|
157
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
52 |
\end{frame}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
53 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 1 | 54 |
|
55 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
|
95
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
56 |
\begin{frame}
|
|
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
57 |
|
|
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
58 |
\begin{center}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
59 |
\begin{tikzpicture}[scale=1.3]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
60 |
%\draw[very thick, scale=1] (0, 0) grid (6, -4); |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
61 |
\draw (0,0) node (X) {\includegraphics[scale=0.1]{pics/rman.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
62 |
\draw (6,0) node (Y) {\includegraphics[scale=0.1]{pics/gman.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
63 |
\node[below] at (X.south) {Alice};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
64 |
\node[below] at (Y.south) {Bob};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
65 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
66 |
\draw[red,<->,line width = 3mm] (X) -- (Y); |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
67 |
\node [inner sep=5pt,label=above:{\begin{tabular}{c}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
68 |
secure/private\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
69 |
communication |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
70 |
\end{tabular}}]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
71 |
at ($ (X)!.5!(Y) $) {};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
72 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
73 |
\draw (1.0,-1.5) node {\includegraphics[scale=0.05]{pics/nsa.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
74 |
\draw (2.4,-1.5) node {\includegraphics[scale=0.3]{pics/gchq.jpg}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
75 |
\draw (1.7,-2.3) node {\huge\ldots};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
76 |
\draw (4.2,-1.5) node {\includegraphics[scale=0.05]{pics/apple.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
77 |
\draw (5.4,-1.7) node {\includegraphics[scale=0.15]{pics/google.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
78 |
\draw (5.0,-2.3) node {\huge\ldots};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
79 |
\end{tikzpicture}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
80 |
\end{center}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
81 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
82 |
\begin{center}
|
|
95
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
83 |
\includegraphics[scale=0.1]{pics/snowden.jpg}
|
|
157
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
84 |
\end{center}
|
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
85 |
|
|
157
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
86 |
\end{frame}
|
|
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
87 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
88 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
89 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
90 |
\begin{frame}
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
91 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
92 |
\begin{center}
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
93 |
\includegraphics[scale=0.45]{pics/lavabit-email.jpg}
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
94 |
\end{center}
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
95 |
\small{}\mbox{}\hfill{}
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
96 |
Lavabit email service closed down on 8 August 2013. \\ |
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
97 |
\mbox{}\hfill{}\url{www.goo.gl/bgSrVp}
|
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
98 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
99 |
\end{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
100 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
101 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
102 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
103 |
\begin{frame}
|
|
159
77cf0362b87a
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
157
diff
changeset
|
104 |
\frametitle{Also Bad Guys}
|
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
105 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
106 |
\begin{textblock}{1}(4,2.5)
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
107 |
\begin{tikzpicture}[scale=1.3]
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
108 |
\draw (0,0) node (X) {\includegraphics[scale=0.1]{pics/rman.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
109 |
\draw (4,0) node (Y) {\includegraphics[scale=0.1]{pics/gman.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
110 |
\draw[red, <->, line width = 2mm] (X) -- (Y); |
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
111 |
\end{tikzpicture}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
112 |
\end{textblock}
|
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
113 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
114 |
\begin{textblock}{1}(1,6)
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
115 |
\begin{bubble}[11cm]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
116 |
\footnotesize |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
117 |
Annonymous Hacker operating a 10k bonnet using the ZeuS |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
118 |
hacking tool wrote:\medskip\\ ``FYI I do not cash out the bank |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
119 |
accounts or credit cards, I just sell the information (I know, |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
120 |
its just as bad...), there isn't even a law against |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
121 |
such in most countries, dealing with stolen information is |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
122 |
most of the time a legally greyzone (I was just as surprised |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
123 |
when I looked it up), I'm not talking about 3rd world |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
124 |
countries, but about European like Spain (The Mariposa botnet |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
125 |
owner never got charged, because a botnet isn't illegal, only |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
126 |
abusing CC information is, but that did other guys).''\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
127 |
\hfill{}\url{www.goo.gl/UWluh0}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
128 |
\end{bubble}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
129 |
\end{textblock}
|
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
130 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
131 |
\end{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
132 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
133 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
134 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
135 |
\begin{frame}
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
136 |
\frametitle{This is a Misconception!}
|
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
137 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
138 |
\begin{center}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
139 |
\includegraphics[scale=0.55]{pics/cryptographic-small.png}
|
|
95
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
140 |
\end{center}
|
|
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
141 |
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
142 |
\centering |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
143 |
\begin{bubble}[9cm]
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
144 |
\small |
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
145 |
There is some consensus that the NSA can probably not |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
146 |
brute-force magically better than the ``public''. |
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
147 |
\end{bubble}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
148 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
149 |
\end{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
150 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
151 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
152 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
153 |
\begin{frame}[c]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
154 |
The content of this course is very much inspired by the work of |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
155 |
three people:\bigskip |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
156 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
157 |
\small |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
158 |
\begin{center}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
159 |
\begin{tabular}{ccc}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
160 |
\includegraphics[scale=1.4]{pics/schneier.png} &
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
161 |
\includegraphics[scale=0.103]{pics/ross.jpg} &
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
162 |
\includegraphics[scale=0.2]{pics/halderman.jpg} \\
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
163 |
Bruce Schneier & Ross Anderson & Alex Halderman\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
164 |
\tiny\url{en.wikipedia.org/wiki/Bruce_Schneier} &
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
165 |
\tiny\url{www.cl.cam.ac.uk/~rja14} &
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
166 |
\tiny\url{jhalderm.com}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
167 |
\end{tabular}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
168 |
\end{center}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
169 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
170 |
\end{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
171 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
95
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
172 |
|
|
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
173 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 1 | 174 |
\begin{frame}[c]
|
175 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
176 |
\alert{\bf Security engineers} require a particular \alert{\bf mindset}:
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
177 |
\bigskip\medskip |
| 1 | 178 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
179 |
\begin{overlayarea}{\textwidth}{5cm}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
180 |
\small |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
181 |
\only<1>{\begin{bubble}[10cm]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
182 |
``Security engineers --- at least the good ones --- see |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
183 |
the world differently. They can't walk into a store without |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
184 |
noticing how they might shoplift. They can't use a computer |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
185 |
without wondering about the security vulnerabilities. They |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
186 |
can't vote without trying to figure out how to vote twice. |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
187 |
They just can't help it.''\\ |
|
95
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
188 |
\hfill{}---Bruce Schneier
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
189 |
\end{bubble}}%
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
190 |
\only<2>{\begin{bubble}[10.5cm]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
191 |
``Security engineering\ldots requires you to think |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
192 |
differently. You need to figure out not how something works, |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
193 |
but how something can be made to not work. You have to imagine |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
194 |
an intelligent and malicious adversary inside your system |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
195 |
\ldots, constantly trying new ways to |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
196 |
subvert it. You have to consider all the ways your system can |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
197 |
fail, most of them having nothing to do with the design |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
198 |
itself. You have to look at everything backwards, upside down, |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
199 |
and sideways. You have to think like an alien.''\hfill{}---Bruce Schneier
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
200 |
\end{bubble}}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
201 |
\end{overlayarea}
|
| 1 | 202 |
|
203 |
\begin{flushright}
|
|
204 |
\includegraphics[scale=0.0087]{pics/schneierbook1.jpg}\;
|
|
205 |
\includegraphics[scale=0.0087]{pics/schneierbook2.jpg}\;
|
|
|
97
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
96
diff
changeset
|
206 |
\includegraphics[scale=0.23]{pics/schneierbook3.jpg}\;
|
| 1 | 207 |
\includegraphics[scale=0.85]{pics/schneier.png}
|
208 |
\end{flushright}
|
|
209 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
210 |
\end{frame}
|
| 1 | 211 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
212 |
||
| 4 | 213 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
214 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
215 |
\frametitle{Breaking Things}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
216 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
217 |
For example: |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
218 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
219 |
\begin{center}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
220 |
\begin{bubble}[10cm]\small
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
221 |
Prof.~V.~Nasty gives the following final exam question (closed books, |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
222 |
closed notes):\bigskip |
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
223 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
224 |
\noindent |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
225 |
\begin{tabular}{@ {}l}
|
|
102
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
226 |
Write the first 100 digits of $\pi$:\\ |
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
227 |
3.\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_ |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
228 |
\end{tabular}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
229 |
\end{bubble}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
230 |
\end{center}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
231 |
|
|
102
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
232 |
How can you cheat in this exam and how can you defend against such cheating? |
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
233 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
234 |
\end{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
235 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
236 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
237 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
238 |
\begin{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
239 |
\frametitle{\textcolor{red}{Warning}}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
240 |
\small |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
241 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
242 |
\begin{itemize}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
243 |
\item<1-> I will be teaching techniques that can be used to |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
244 |
compromise security and privacy. |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
245 |
\end{itemize}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
246 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
247 |
\onslide<2->{
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
248 |
\begin{itemize}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
249 |
\item Don’t be evil! |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
250 |
\only<3>{\item Using those techniques in the real world may
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
251 |
violate the law or King’s rules, and it may be unethical.} |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
252 |
\only<3>{\item Under some circumstances, even probing for weaknesses of a
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
253 |
system may result in severe penalties, up to and including |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
254 |
expulsion, fines and jail time.} |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
255 |
\only<3>{\item Acting lawfully and ethically is \underline{your} responsibility.}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
256 |
\only<4>{\item Ethics requires you to
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
257 |
refrain from doing harm.} |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
258 |
\only<4>{\item \underline{Always} respect privacy and rights of
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
259 |
others.} |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
260 |
\only<4>{\item Do not tamper with any of King's systems.}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
261 |
\only<5>{\item If you try
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
262 |
out a technique, always make doubly sure you are working in a |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
263 |
safe environment so that you cannot cause any harm, not even |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
264 |
accidentally.} |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
265 |
\only<5>{\item Don't be evil. Be an \underline{ethical} hacker.}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
266 |
\end{itemize}}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
267 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
268 |
\end{frame}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
269 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
270 |
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
271 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
272 |
\begin{frame}[c]
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
273 |
\frametitle{Secure Systems}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
274 |
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
275 |
For a secure system, four requirements need to come |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
276 |
together: |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
277 |
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
278 |
\begin{itemize}
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
279 |
\item {\bf Policy}\\
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
280 |
{\small What is supposed to be achieved?}
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
281 |
\item {\bf Mechanism}\\
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
282 |
{\small Cypher, access controls, tamper resistance}
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
283 |
\item {\bf Assurance}\\
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
284 |
{\small The amount of reliance you can put on the mechanism.}
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
285 |
\item {\bf Incentive}\\
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
286 |
{\small The motive that the people guarding and maintaining the
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
287 |
system have to do their job properly, and also the motive |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
288 |
that the attackers have to try to defeat your policy.} |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
289 |
\end{itemize}
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
290 |
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
291 |
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
292 |
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
293 |
\end{frame}
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
294 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
295 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
296 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
297 |
\begin{frame}[c]
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
298 |
\frametitle{Chip-and-PIN}
|
| 4 | 299 |
|
300 |
\begin{center}
|
|
301 |
\includegraphics[scale=0.3]{pics/creditcard1.jpg}\;
|
|
302 |
\includegraphics[scale=0.3]{pics/creditcard2.jpg}
|
|
303 |
\end{center}
|
|
304 |
||
305 |
\begin{itemize}
|
|
306 |
\item Chip-and-PIN was introduced in the UK in 2004 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
307 |
\item before that customers had to sign a receipt\bigskip |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
308 |
\item \bf Is Chip-and-PIN a more secure system? |
| 4 | 309 |
\end{itemize}
|
310 |
||
311 |
\begin{flushright}
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
312 |
\small\textcolor{gray}{(some other countries still use the old method)}
|
| 4 | 313 |
\end{flushright}
|
314 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
315 |
\end{frame}
|
| 4 | 316 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
317 |
||
| 0 | 318 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
319 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
320 |
\frametitle{Yes \ldots}
|
| 1 | 321 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
322 |
\begin{bubble}[10cm]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
323 |
\small ``Chip-and-PIN is so effective in this country [UK] |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
324 |
that fraudsters are starting to move their activities |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
325 |
overseas,''\smallskip\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
326 |
\hfill{}said some spokesman for Lloyds TSB\\
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
327 |
\hfill(in The Guardian, 2006) |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
328 |
\end{bubble}\bigskip
|
| 1 | 329 |
|
| 0 | 330 |
|
| 1 | 331 |
\begin{itemize}
|
332 |
\item mag-stripe cards cannot be cloned anymore |
|
333 |
\item stolen or cloned cards need to be used abroad |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
334 |
\item fraud on lost, stolen and counterfeit credit |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
335 |
cards was down \pounds{60m} (24\%) on 2004's figure
|
| 1 | 336 |
\end{itemize}
|
337 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
338 |
\end{frame}
|
| 1 | 339 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
340 |
||
341 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
342 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
343 |
\frametitle{But let's see}
|
| 1 | 344 |
|
345 |
||
346 |
\begin{textblock}{1}(3,4)
|
|
347 |
\begin{tabular}{c}
|
|
348 |
\includegraphics[scale=0.3]{pics/bank.png}\\[-2mm]
|
|
349 |
\small Bank |
|
| 0 | 350 |
\end{tabular}
|
351 |
\end{textblock}
|
|
| 1 | 352 |
|
353 |
\begin{textblock}{1}(7,4.5)
|
|
354 |
\begin{tabular}{c}
|
|
355 |
\includegraphics[scale=3]{pics/store.png}\\[-2mm]
|
|
356 |
\end{tabular}
|
|
357 |
\end{textblock}
|
|
358 |
||
359 |
\begin{textblock}{1}(4.5,9.9)
|
|
360 |
\begin{tabular}{c}
|
|
361 |
\includegraphics[scale=0.16]{pics/rman.png}\\[-1mm]
|
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
362 |
\small custumer / you |
| 1 | 363 |
\end{tabular}
|
364 |
\end{textblock}
|
|
| 8 | 365 |
|
366 |
\only<2->{
|
|
367 |
\begin{textblock}{1}(4.5,7.5)
|
|
368 |
\begin{tikzpicture}[scale=1.3]
|
|
369 |
\draw[white] (0,0) node (X) {};
|
|
370 |
\draw[white] (1,-1) node (Y) {};
|
|
371 |
\draw[red, ->, line width = 2mm] (X) -- (Y); |
|
372 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
373 |
\end{tikzpicture}
|
|
374 |
\end{textblock}}
|
|
375 |
||
376 |
\only<3->{
|
|
377 |
\begin{textblock}{1}(6.8,7.5)
|
|
378 |
\begin{tikzpicture}[scale=1.3]
|
|
379 |
\draw[white] (0,0) node (X) {};
|
|
380 |
\draw[white] (1,1) node (Y) {};
|
|
381 |
\draw[red, ->, line width = 2mm] (X) -- (Y); |
|
382 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
383 |
\end{tikzpicture}
|
|
384 |
\end{textblock}
|
|
385 |
||
386 |
\begin{textblock}{1}(4.8,5.9)
|
|
387 |
\begin{tikzpicture}[scale=1.3]
|
|
388 |
\draw[white] (0,0) node (X) {};
|
|
389 |
\draw[white] (1.4,0) node (Y) {};
|
|
390 |
\draw[red, <->, line width = 2mm] (X) -- (Y); |
|
391 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
392 |
\end{tikzpicture}
|
|
393 |
\end{textblock}}
|
|
394 |
||
395 |
\only<4->{
|
|
396 |
\begin{textblock}{1}(12,6.5)
|
|
397 |
\begin{tabular}{c}
|
|
398 |
\includegraphics[scale=0.8]{pics/factory.png}\\[-1mm]
|
|
399 |
\small card\\[-2mm]\small terminal\\[-2mm] \small producer |
|
400 |
\end{tabular}
|
|
401 |
\end{textblock}
|
|
402 |
||
403 |
\begin{textblock}{1}(10,7)
|
|
404 |
\begin{tikzpicture}[scale=1.6]
|
|
405 |
\draw[white] (0,0) node (X) {};
|
|
406 |
\draw[white] (-1,0.6) node (Y) {};
|
|
407 |
\draw[red, ->, line width = 2mm] (X) -- (Y); |
|
408 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
409 |
\end{tikzpicture}
|
|
410 |
\end{textblock}}
|
|
| 0 | 411 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
412 |
\end{frame}
|
| 0 | 413 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
414 |
||
415 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
416 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
417 |
\frametitle{Chip-and-PIN}
|
| 0 | 418 |
|
| 1 | 419 |
\begin{itemize}
|
| 5 | 420 |
\item A ``tamperesitant'' terminal playing Tetris on |
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
421 |
\href{http://www.youtube.com/watch?v=wWTzkD9M0sU}{youtube}.\smallskip\\
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
422 |
\footnotesize(\url{http://www.youtube.com/watch?v=wWTzkD9M0sU})
|
| 1 | 423 |
\end{itemize}
|
424 |
||
425 |
\includegraphics[scale=0.2]{pics/tetris.jpg}
|
|
426 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
427 |
\end{frame}
|
| 1 | 428 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 0 | 429 |
|
430 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
431 |
\begin{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
432 |
\frametitle{Chip-and-PIN}
|
| 0 | 433 |
|
434 |
\begin{itemize}
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
435 |
\item in 2006, Shell petrol stations stopped accepting Chip-and-PIN after |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
436 |
\pounds{1M} had been stolen from customer accounts\smallskip
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
437 |
\item in 2008, hundreds of card readers for use in Britain, Ireland, |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
438 |
the Netherlands, Denmark, and Belgium had been expertly tampered with |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
439 |
shortly after manufacture so that details and PINs of credit cards |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
440 |
were sent during the 9 months before over mobile phone networks |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
441 |
to criminals in Lahore, Pakistan |
| 0 | 442 |
\end{itemize}
|
443 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
444 |
\end{frame}
|
| 0 | 445 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
446 |
||
447 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
448 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
449 |
\frametitle{Chip-and-PIN is Broken}
|
| 0 | 450 |
|
| 1 | 451 |
\begin{flushright}
|
452 |
\includegraphics[scale=0.01]{pics/andersonbook1.jpg}\;
|
|
453 |
\includegraphics[scale=1.5]{pics/anderson.jpg}
|
|
454 |
\end{flushright}
|
|
| 0 | 455 |
|
456 |
\begin{itemize}
|
|
| 5 | 457 |
\item man-in-the-middle attacks by the group around Ross Anderson\medskip |
| 0 | 458 |
\end{itemize}
|
459 |
||
| 1 | 460 |
\begin{center}
|
| 5 | 461 |
\mbox{}\hspace{-20mm}\includegraphics[scale=0.5]{pics/chip-attack.png}
|
| 1 | 462 |
\end{center}
|
| 5 | 463 |
|
464 |
\begin{textblock}{1}(11.5,13.7)
|
|
465 |
\begin{tabular}{l}
|
|
466 |
\footnotesize on BBC Newsnight\\[-2mm] |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
467 |
\footnotesize in 2010 or |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
468 |
\href{http://www.youtube.com/watch?v=JPAX32lgkrw}{youtube}
|
| 5 | 469 |
\end{tabular}
|
470 |
\end{textblock}
|
|
| 0 | 471 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
472 |
\end{frame}
|
| 0 | 473 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
474 |
||
475 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
476 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
477 |
\frametitle{\Large Chip-and-PIN is Really Broken}
|
| 0 | 478 |
|
| 1 | 479 |
\begin{flushright}
|
480 |
\includegraphics[scale=0.01]{pics/andersonbook1.jpg}\;
|
|
481 |
\includegraphics[scale=1.5]{pics/anderson.jpg}
|
|
482 |
\end{flushright}
|
|
| 0 | 483 |
|
484 |
\begin{itemize}
|
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
485 |
\item same group successfully attacked in 2012 card readers and ATM machines |
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
486 |
\item the problem: several types of ATMs generate poor random numbers, |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
487 |
which are used as nonces |
| 0 | 488 |
\end{itemize}
|
| 1 | 489 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
490 |
\end{frame}
|
| 0 | 491 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
492 |
||
493 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
494 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
495 |
\frametitle{The Real Problem \ldots}
|
| 0 | 496 |
|
| 1 | 497 |
\begin{textblock}{1}(3,4)
|
498 |
\begin{tabular}{c}
|
|
499 |
\includegraphics[scale=0.3]{pics/bank.png}\\[-2mm]
|
|
500 |
\small Bank |
|
501 |
\end{tabular}
|
|
502 |
\end{textblock}
|
|
503 |
||
504 |
\begin{textblock}{1}(7,4.5)
|
|
505 |
\begin{tabular}{c}
|
|
506 |
\includegraphics[scale=3]{pics/store.png}\\[-2mm]
|
|
507 |
\end{tabular}
|
|
508 |
\end{textblock}
|
|
| 0 | 509 |
|
| 1 | 510 |
\begin{textblock}{1}(12,6.5)
|
511 |
\begin{tabular}{c}
|
|
512 |
\includegraphics[scale=0.8]{pics/factory.png}\\[-1mm]
|
|
513 |
\small terminal\\[-2mm] \small producer |
|
514 |
\end{tabular}
|
|
| 0 | 515 |
\end{textblock}
|
| 1 | 516 |
|
517 |
\begin{textblock}{1}(4.5,9.9)
|
|
518 |
\begin{tabular}{c}
|
|
519 |
\includegraphics[scale=0.13]{pics/rman.png}\\[-1mm]
|
|
520 |
\small costumer / you |
|
521 |
\end{tabular}
|
|
522 |
\end{textblock}
|
|
| 0 | 523 |
|
| 8 | 524 |
\begin{textblock}{1}(4.5,7.5)
|
525 |
\begin{tikzpicture}[scale=1.3]
|
|
526 |
\draw[white] (0,0) node (X) {};
|
|
527 |
\draw[white] (1,-1) node (Y) {};
|
|
528 |
\draw[gray, ->, line width = 2mm] (X) -- (Y); |
|
529 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
530 |
\end{tikzpicture}
|
|
531 |
\end{textblock}
|
|
532 |
||
533 |
\begin{textblock}{1}(6.8,7.5)
|
|
534 |
\begin{tikzpicture}[scale=1.3]
|
|
535 |
\draw[white] (0,0) node (X) {};
|
|
536 |
\draw[white] (1,1) node (Y) {};
|
|
537 |
\draw[gray, ->, line width = 2mm] (X) -- (Y); |
|
538 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
539 |
\end{tikzpicture}
|
|
540 |
\end{textblock}
|
|
541 |
||
542 |
\begin{textblock}{1}(4.8,5.9)
|
|
543 |
\begin{tikzpicture}[scale=1.3]
|
|
544 |
\draw[white] (0,0) node (X) {};
|
|
545 |
\draw[white] (1.4,0) node (Y) {};
|
|
546 |
\draw[gray, <->, line width = 2mm] (X) -- (Y); |
|
547 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
548 |
\end{tikzpicture}
|
|
549 |
\end{textblock}
|
|
550 |
||
551 |
\begin{textblock}{1}(10,7)
|
|
552 |
\begin{tikzpicture}[scale=1.6]
|
|
553 |
\draw[white] (0,0) node (X) {};
|
|
554 |
\draw[white] (-1,0.6) node (Y) {};
|
|
555 |
\draw[gray, ->, line width = 2mm] (X) -- (Y); |
|
556 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
557 |
\end{tikzpicture}
|
|
558 |
\end{textblock}
|
|
559 |
||
| 1 | 560 |
\begin{textblock}{14}(1,13.5)
|
561 |
\begin{itemize}
|
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
562 |
\item the burden of proof for fraud and financial liability was shifted to the costumer (until approx.~2009/10) |
| 1 | 563 |
\end {itemize}
|
| 0 | 564 |
\end{textblock}
|
565 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
566 |
\end{frame}
|
| 0 | 567 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
568 |
||
569 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
570 |
\begin{frame}[c]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
571 |
\frametitle{The Bad Guy Again}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
572 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
573 |
\begin{bubble}[10cm]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
574 |
\footnotesize |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
575 |
The anonymous hacker from earlier:\medskip\\ ``Try to use |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
576 |
`Verified-By-Visa' and `Mastercard-Securecode' as rarely as |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
577 |
possible. If only your CVV2 code is getting sniffed, you are |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
578 |
not liable for any damage, because the code is physically |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
579 |
printed and could have been stolen while you payed with your |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
580 |
card at a store. Same applies if someone cloned your CC |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
581 |
reading the magnetic stripe or sniffing RFID. Only losing your |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
582 |
VBV or MCSC password can cause serious trouble.''\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
583 |
\hfill{}\url{goo.gl/UWluh0}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
584 |
\end{bubble}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
585 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
586 |
\end{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
587 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
588 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
589 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
590 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
591 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 0 | 592 |
\begin{frame}[c]
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
593 |
\frametitle{Being Screwed Again}
|
| 0 | 594 |
|
| 1 | 595 |
\begin{flushright}
|
596 |
\includegraphics[scale=0.3]{pics/rbssecure.jpg}
|
|
597 |
\end{flushright}
|
|
598 |
||
| 0 | 599 |
\begin{itemize}
|
| 1 | 600 |
\item {\bf Responsibility}\\
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
601 |
``You understand that you are financially responsible for all uses |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
602 |
of RBS Secure.''\medskip\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
603 |
\footnotesize\url{https://www.rbssecure.co.uk/rbs/tdsecure/terms_of_use.jsp}
|
| 0 | 604 |
\end{itemize}
|
605 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
606 |
\end{frame}
|
| 0 | 607 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
608 |
||
| 2 | 609 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
610 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
611 |
\frametitle{Web Applications}
|
| 2 | 612 |
|
613 |
\begin{textblock}{1}(2,5)
|
|
614 |
\begin{tabular}{c}
|
|
615 |
\includegraphics[scale=0.15]{pics/servers.png}\\[-2mm]
|
|
616 |
\small Servers from\\[-2mm] |
|
617 |
\small Dot.com Inc. |
|
618 |
\end{tabular}
|
|
619 |
\end{textblock}
|
|
620 |
||
| 6 | 621 |
\begin{textblock}{1}(5.6,6)
|
622 |
\begin{tikzpicture}[scale=2.5]
|
|
623 |
\draw[white] (0,0) node (X) {};
|
|
624 |
\draw[white] (1,0) node (Y) {};
|
|
| 8 | 625 |
\only<2>{\draw[red, <-, line width = 2mm] (X) -- (Y);
|
| 6 | 626 |
\node [inner sep=5pt,label=above:\textcolor{black}{GET request}] at ($ (X)!.5!(Y) $) {};}
|
| 8 | 627 |
\only<3>{\draw[red, ->, line width = 2mm] (X) -- (Y);
|
| 6 | 628 |
\node [inner sep=5pt,label=above:\textcolor{black}{webpage}] at ($ (X)!.5!(Y) $) {};}
|
| 8 | 629 |
\only<4>{\draw[red, <-, line width = 2mm] (X) -- (Y);
|
| 6 | 630 |
\node [inner sep=7pt,label=above:\textcolor{black}{POST data}] at ($ (X)!.5!(Y) $) {};}
|
631 |
\end{tikzpicture}
|
|
632 |
\end{textblock}
|
|
633 |
||
634 |
||
| 2 | 635 |
\begin{textblock}{1}(9,5.5)
|
636 |
\begin{tabular}{c}
|
|
637 |
\includegraphics[scale=0.15]{pics/laptop.png}\\[-2mm]
|
|
| 8 | 638 |
\small Client(s) |
| 2 | 639 |
\end{tabular}
|
640 |
\end{textblock}
|
|
641 |
||
642 |
\begin{textblock}{13}(1,13)
|
|
643 |
\begin{itemize}
|
|
644 |
\item What are pitfalls and best practices? |
|
645 |
\end{itemize}
|
|
646 |
\end{textblock}
|
|
647 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
648 |
\end{frame}
|
| 2 | 649 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
650 |
||
| 5 | 651 |
|
652 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
653 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
654 |
\frametitle{Why Scala?}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
655 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
656 |
\begin{textblock}{6}(1,3)
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
657 |
\begin{tabular}{l}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
658 |
\mbox{}\hspace{-1mm}\includegraphics[scale=0.36]{pics/twitter.png}\\[-1mm]
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
659 |
\includegraphics[scale=0.30]{pics/linked.png}\\
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
660 |
\includegraphics[scale=0.30]{pics/guardian.jpg}\\[-3mm]
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
661 |
\mbox{}\hspace{-2mm}\includegraphics[scale=0.38]{pics/morgan.png}\\[-3mm]
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
662 |
\includegraphics[scale=0.30]{pics/suisse.png}\\
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
663 |
\includegraphics[scale=0.20]{pics/edf.png}\\[-1mm]
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
664 |
\includegraphics[scale=0.08]{pics/novell.png}\\[-1mm]
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
665 |
\includegraphics[scale=0.30]{pics/foursquare.png}\\
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
666 |
\includegraphics[scale=0.30]{pics/hsbc.png}\\
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
667 |
{\large\bf ...}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
668 |
\end{tabular}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
669 |
\end{textblock}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
670 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
671 |
\only<2->{
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
672 |
\begin{textblock}{6}(6,3)
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
673 |
\includegraphics[scale=0.35]{pics/jobgraph.png}\\
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
674 |
\end{textblock}}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
675 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
676 |
\only<3->{
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
677 |
\begin{textblock}{6}(7.3,9.2)
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
678 |
\begin{tabular}{l}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
679 |
\footnotesize 2013: 1$\%$\\[-2mm] |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
680 |
\footnotesize 2014: 3$\%$\\[-2mm] |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
681 |
\footnotesize 2015: 9$\%$\\[-2mm] |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
682 |
\footnotesize 2016: 27$\%$\\[-2mm] |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
683 |
\footnotesize 2017: 81$\%$\\[-2mm] |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
684 |
\footnotesize 2018: 243$\%$ \raisebox{-1mm}{\includegraphics[scale=0.02]{pics/smiley.jpg}}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
685 |
\end{tabular}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
686 |
\end{textblock}}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
687 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
688 |
\only<3->{
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
689 |
\begin{textblock}{6}(6,9.5)
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
690 |
\footnotesize 5 yrs $\begin{cases}\mbox{}\\[1.4cm]\end{cases}$
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
691 |
\end{textblock}}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
692 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
693 |
\only<4->{
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
694 |
\begin{textblock}{11}(5,14.1)
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
695 |
\textcolor{gray}{
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
696 |
\footnotesize {\bf in London today:} 1 Scala job for every 30 Java jobs;\\[-2mm]
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
697 |
Scala programmers seem to get up to 20\% better salary} |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
698 |
\end{textblock}}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
699 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
700 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
701 |
\only<5->{
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
702 |
\begin{textblock}{1}(3,6)
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
703 |
\begin{bubble}[8.5cm]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
704 |
\normalsize |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
705 |
Scala is a functional and object-oriented programming |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
706 |
language; compiles to the JVM; does not need null-pointer |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
707 |
exceptions; a course on Coursera\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
708 |
\mbox{}\hfill\url{http://www.scala-lang.org}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
709 |
\end{bubble}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
710 |
\end{textblock}}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
711 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
712 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
713 |
\end{frame}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
714 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
715 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
716 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
717 |
\begin{frame}[c]
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
718 |
\frametitle{Scala + Play}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
719 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
720 |
A simple response from the server: |
| 5 | 721 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
722 |
\small |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
723 |
\lstinputlisting{../progs/app0.scala}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
724 |
\medskip |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
725 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
726 |
\small |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
727 |
alternative response:\smallskip\\ |
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
728 |
|
| 6 | 729 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
730 |
\lstinline{Ok("<H1>Hello world!</H1>").as(HTML)}
|
| 5 | 731 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
732 |
\end{frame}
|
| 5 | 733 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
734 |
||
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
735 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
736 |
|
| 5 | 737 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
738 |
\mode<presentation>{
|
|
739 |
\begin{frame}[c]
|
|
740 |
||
741 |
{\lstset{language=Scala}\fontsize{8}{10}\selectfont
|
|
|
93
82ac034dcc9d
brought order into the repository
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
90
diff
changeset
|
742 |
\texttt{\lstinputlisting{../progs/app1.scala}}}
|
| 5 | 743 |
|
744 |
||
745 |
\end{frame}}
|
|
746 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
747 |
||
| 6 | 748 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
749 |
\mode<presentation>{
|
|
750 |
\begin{frame}[c]
|
|
751 |
\frametitle{\begin{tabular}{c}Cookies\end{tabular}}
|
|
752 |
||
753 |
||
754 |
\begin{textblock}{1}(1.5,5)
|
|
755 |
\begin{tabular}{c}
|
|
756 |
\includegraphics[scale=0.15]{pics/servers.png}\\[-2mm]
|
|
757 |
\small Servers from\\[-2mm] |
|
758 |
\small Dot.com Inc. |
|
759 |
\end{tabular}
|
|
760 |
\end{textblock}
|
|
761 |
||
762 |
\begin{textblock}{1}(5.6,5.6)
|
|
763 |
\begin{tikzpicture}[scale=2.5]
|
|
764 |
\draw[white] (0,0) node (X) {};
|
|
765 |
\draw[white] (1,0) node (Y) {};
|
|
766 |
\draw[white] (0.05,-0.3) node (X1) {};
|
|
767 |
\draw[white] (0.95,-0.3) node (Y1) {};
|
|
768 |
\only<1-2>{\draw[red, <-, line width = 2mm] (X) -- (Y);
|
|
769 |
\node [inner sep=5pt,label=above:\textcolor{black}{GET request}] at ($ (X)!.5!(Y) $) {};}
|
|
| 8 | 770 |
\only<1>{\draw[white, <-, line width = 1mm] (X1) -- (Y1);
|
771 |
\node [inner sep=2pt,label=below:\textcolor{white}{read a cookie}] at ($ (X1)!.5!(Y1) $) {};}
|
|
| 6 | 772 |
\only<2>{\draw[red, <-, line width = 1mm] (X1) -- (Y1);
|
773 |
\node [inner sep=2pt,label=below:\textcolor{black}{read a cookie}] at ($ (X1)!.5!(Y1) $) {};}
|
|
774 |
\only<3->{\draw[red, ->, line width = 2mm] (X) -- (Y);
|
|
775 |
\node [inner sep=5pt,label=above:\textcolor{black}{webpage}] at ($ (X)!.5!(Y) $) {};}
|
|
776 |
\only<3->{\draw[red, ->, line width = 1mm] (X1) -- (Y1);
|
|
777 |
\node [inner sep=2pt,label=below:\textcolor{black}{write a cookie}] at ($ (X1)!.5!(Y1) $) {};}
|
|
778 |
\end{tikzpicture}
|
|
779 |
\end{textblock}
|
|
780 |
||
781 |
||
782 |
\begin{textblock}{1}(9.5,5.5)
|
|
783 |
\begin{tabular}{c}
|
|
784 |
\includegraphics[scale=0.15]{pics/laptop.png}\\[-2mm]
|
|
785 |
\small Client |
|
786 |
\end{tabular}
|
|
787 |
\end{textblock}
|
|
788 |
||
789 |
\only<4->{
|
|
790 |
\begin{textblock}{13}(1,11)
|
|
791 |
\small\begin{itemize}
|
|
792 |
\item cookies: max 4KB data\\[-2mm] |
|
793 |
\item cookie theft, cross-site scripting attacks\\[-2mm] |
|
794 |
\item session cookies, persistent cookies, HttpOnly cookies, third-party cookies, zombie cookies |
|
795 |
\end{itemize}
|
|
796 |
\end{textblock}}
|
|
797 |
||
798 |
\only<5>{
|
|
799 |
\begin{textblock}{11}(1,3)
|
|
800 |
\begin{tikzpicture}
|
|
801 |
\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm] |
|
802 |
{\normalsize\color{darkgray}
|
|
803 |
\begin{minipage}{10cm}\raggedright\small
|
|
804 |
{\bf EU Privacy Directive about Cookies:}\smallskip\\
|
|
805 |
``In May 2011, a European Union law was passed stating that websites that leave non-essential cookies on visitors' devices have to alert the visitor and get acceptance from them. This law applies to both individuals and businesses based in the EU regardless of the nationality of their website's visitors or the location of their web host. It is not enough to simply update a website's terms and conditions or privacy policy. The deadline to comply with the new EU cookie law was 26th May 2012 and failure to do so could mean a fine of up to \pounds{}500,000.''
|
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
806 |
\hfill\small\textcolor{gray}{$\rightarrow$BBC News}, \textcolor{blue}{\url{goo.gl/RI4qhh}}
|
| 6 | 807 |
\end{minipage}};
|
808 |
\end{tikzpicture}
|
|
809 |
\end{textblock}}
|
|
810 |
||
811 |
\end{frame}}
|
|
812 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
813 |
||
814 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
815 |
\mode<presentation>{
|
|
| 9 | 816 |
\begin{frame}[t]
|
817 |
\begin{itemize}
|
|
818 |
\item While cookies are per web-page, this can be easily circumvented. |
|
819 |
\end{itemize}
|
|
820 |
||
821 |
\begin{textblock}{1}(1.5,4.5)
|
|
822 |
\begin{tabular}{c}
|
|
823 |
\includegraphics[scale=0.07]{pics/servers.png}\\[-2mm]
|
|
824 |
\small Pet Store\\[-2mm] |
|
825 |
\small Dot.com\\[-2mm] |
|
826 |
\end{tabular}
|
|
827 |
\end{textblock}
|
|
828 |
||
829 |
\begin{textblock}{1}(1.5,8)
|
|
830 |
\begin{tabular}{c}
|
|
831 |
\includegraphics[scale=0.07]{pics/servers.png}\\[-2mm]
|
|
832 |
\small Dating.com |
|
833 |
\end{tabular}
|
|
834 |
\end{textblock}
|
|
835 |
||
836 |
\begin{textblock}{1}(10.5,7.5)
|
|
837 |
\begin{tabular}{c}
|
|
838 |
\includegraphics[scale=0.07]{pics/servers.png}\\[-2mm]
|
|
839 |
\small Evil-Ad-No\\[-2mm] |
|
840 |
\small Privacy.com |
|
841 |
\end{tabular}
|
|
842 |
\end{textblock}
|
|
843 |
||
844 |
\begin{textblock}{1}(6,10.5)
|
|
845 |
\begin{tabular}{c}
|
|
846 |
\includegraphics[scale=0.16]{pics/rman.png}\\[-1mm]
|
|
847 |
\small you |
|
848 |
\end{tabular}
|
|
849 |
\end{textblock}
|
|
850 |
||
851 |
\begin{textblock}{1}(4,5)
|
|
852 |
\begin{tikzpicture}[scale=1]
|
|
853 |
\draw[white] (0,0.5) node (X) {};
|
|
854 |
\draw[white] (5.7,-1) node (Y) {};
|
|
855 |
\draw[red, ->, line width = 0.5mm] (X) -- (Y); |
|
856 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
857 |
\end{tikzpicture}
|
|
858 |
\end{textblock}
|
|
859 |
||
860 |
\begin{textblock}{1}(4,7.9)
|
|
861 |
\begin{tikzpicture}[scale=1]
|
|
862 |
\draw[white] (0,0) node (X) {};
|
|
863 |
\draw[white] (5.7,0) node (Y) {};
|
|
864 |
\draw[red, ->, line width = 0.5mm] (X) -- (Y); |
|
865 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
866 |
\end{tikzpicture}
|
|
867 |
\end{textblock}
|
|
868 |
||
869 |
\begin{textblock}{1}(3.3,9.3)
|
|
870 |
\begin{tikzpicture}[scale=1.2]
|
|
871 |
\draw[white] (0,0) node (X) {};
|
|
872 |
\draw[white] (1.5,-1) node (Y) {};
|
|
873 |
\draw[red, <->, line width = 2mm] (X) -- (Y); |
|
874 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
875 |
\draw[white] (0.9,0.3) node (X1) {};
|
|
876 |
\draw[white] (1.9,-1) node (Y1) {};
|
|
877 |
\draw[red, <->, line width = 2mm] (X1) -- (Y1); |
|
878 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X1)!.5!(Y1) $) {};
|
|
879 |
\end{tikzpicture}
|
|
880 |
\end{textblock}
|
|
881 |
||
882 |
\begin{textblock}{1}(8.6,10.1)
|
|
883 |
\begin{tikzpicture}[scale=0.9]
|
|
884 |
\draw[white] (0,0) node (X) {};
|
|
885 |
\draw[white] (-2,-1) node (Y) {};
|
|
886 |
\draw[red, <->, line width = 0.5mm] (X) -- (Y); |
|
887 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
888 |
\end{tikzpicture}
|
|
889 |
\end{textblock}
|
|
890 |
||
891 |
||
892 |
||
893 |
\end{frame}}
|
|
894 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
895 |
||
896 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
897 |
\mode<presentation>{
|
|
| 6 | 898 |
\begin{frame}[c]
|
899 |
\frametitle{\begin{tabular}{c}My First Webapp\end{tabular}}
|
|
900 |
||
901 |
{\bf GET request:}\smallskip
|
|
902 |
\begin{enumerate}
|
|
| 8 | 903 |
\item read the cookie from client |
| 6 | 904 |
\item if none is present, set \texttt{visits} to \textcolor{blue}{$0$}
|
| 8 | 905 |
\item if cookie is present, extract \texttt{visits} counter
|
| 6 | 906 |
\item if \texttt{visits} is greater or equal \textcolor{blue}{$10$}, \\
|
| 8 | 907 |
print a valued customer message\\ |
908 |
otherwise just a normal message |
|
| 6 | 909 |
\item increase \texttt{visits} by \textcolor{blue}{$1$} and store new cookie with client
|
910 |
\end{enumerate}
|
|
911 |
||
912 |
||
913 |
\end{frame}}
|
|
914 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
915 |
||
916 |
||
917 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
918 |
\mode<presentation>{
|
|
919 |
\begin{frame}[c]
|
|
920 |
\mbox{}\\[-9mm]
|
|
921 |
||
922 |
{\lstset{language=Scala}\fontsize{8}{10}\selectfont
|
|
|
93
82ac034dcc9d
brought order into the repository
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
90
diff
changeset
|
923 |
\texttt{\lstinputlisting{../progs/app2.scala}}}
|
| 6 | 924 |
|
| 7 | 925 |
\footnotesize |
926 |
\begin{itemize}
|
|
927 |
\item cookie value encoded as hash |
|
928 |
\end{itemize}
|
|
929 |
\end{frame}}
|
|
930 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
931 |
||
932 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
933 |
\mode<presentation>{
|
|
934 |
\begin{frame}[c]
|
|
935 |
||
| 8 | 936 |
\begin{center}
|
937 |
\includegraphics[scale=1.8]{pics/barrier.jpg}
|
|
938 |
\end{center}
|
|
939 |
||
940 |
\begin{itemize}
|
|
941 |
\item data integrity needs to be ensured |
|
942 |
\end{itemize}
|
|
| 7 | 943 |
|
944 |
\end{frame}}
|
|
| 8 | 945 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 7 | 946 |
|
947 |
||
948 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
949 |
\mode<presentation>{
|
|
950 |
\begin{frame}[c]
|
|
| 8 | 951 |
\mbox{}\\[-7mm]
|
| 7 | 952 |
|
953 |
{\lstset{language=Scala}\fontsize{8}{10}\selectfont
|
|
|
93
82ac034dcc9d
brought order into the repository
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
90
diff
changeset
|
954 |
\texttt{\lstinputlisting{../progs/app3.scala}}}
|
| 7 | 955 |
|
| 8 | 956 |
\small |
957 |
\begin{itemize}
|
|
958 |
\item the counter/hash pair is intended to prevent tampering |
|
959 |
\end{itemize}
|
|
| 6 | 960 |
\end{frame}}
|
961 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
962 |
||
| 9 | 963 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 7 | 964 |
\mode<presentation>{
|
965 |
\begin{frame}[c]
|
|
966 |
\frametitle{\begin{tabular}{c}SHA-1\end{tabular}}
|
|
967 |
||
968 |
\begin{itemize}
|
|
| 8 | 969 |
\item SHA-1 is a cryptographic hash function\\ |
970 |
(MD5, SHA-256, SHA-512, \ldots) |
|
971 |
\item message $\rightarrow$ digest |
|
|
102
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
972 |
\item attacks exist: $2^{80} \rightarrow 2^{61}$ \bigskip\pause
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
973 |
\item but dictionary attacks are much more effective for extracting passwords (later) |
| 7 | 974 |
\end{itemize}
|
975 |
||
976 |
\end{frame}}
|
|
| 9 | 977 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
978 |
||
| 7 | 979 |
|
980 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
981 |
\mode<presentation>{
|
|
982 |
\begin{frame}[c]
|
|
983 |
\mbox{}\\[-9mm]
|
|
984 |
||
985 |
{\lstset{language=Scala}\fontsize{8}{10}\selectfont
|
|
|
93
82ac034dcc9d
brought order into the repository
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
90
diff
changeset
|
986 |
\texttt{\lstinputlisting{../progs/app4.scala}}}
|
| 7 | 987 |
|
| 8 | 988 |
\begin{textblock}{1}(9,1)
|
989 |
\begin{tikzpicture}[scale=1.3]
|
|
990 |
\draw[white] (0,0) node (X) {};
|
|
991 |
\draw[white] (3,0) node (Y) {};
|
|
992 |
\draw[red, <-, line width = 2mm] (X) -- (Y); |
|
993 |
\node [inner sep=5pt,label=above:\textcolor{black}{\small should be random}] at ($ (X)!.5!(Y) $) {};
|
|
994 |
\end{tikzpicture}
|
|
995 |
\end{textblock}
|
|
996 |
||
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
997 |
\begin{textblock}{1}(6.6,5.1)
|
| 8 | 998 |
\begin{tikzpicture}[scale=1.3]
|
999 |
\draw[white] (0,0) node (X) {};
|
|
1000 |
\draw[white] (1,-1) node (Y) {};
|
|
1001 |
\draw[red, <-, line width = 2mm] (X) -- (Y); |
|
1002 |
\node [inner sep=5pt,label=above:{}] at ($ (X)!.5!(Y) $) {};
|
|
1003 |
\end{tikzpicture}
|
|
1004 |
\end{textblock}
|
|
1005 |
||
| 7 | 1006 |
\end{frame}}
|
1007 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1008 |
||
| 6 | 1009 |
|
| 9 | 1010 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 7 | 1011 |
\mode<presentation>{
|
1012 |
\begin{frame}[c]
|
|
1013 |
\frametitle{\begin{tabular}{c}Unix Passwords\end{tabular}}
|
|
| 6 | 1014 |
|
| 8 | 1015 |
\begin{itemize}
|
|
99
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1016 |
\item passwords must \alert{\bf not} be stored in clear text
|
| 9 | 1017 |
\item instead \texttt{/etc/shadow} contains
|
| 8 | 1018 |
\end{itemize}
|
| 9 | 1019 |
|
1020 |
{\small
|
|
1021 |
\texttt{name:\$1\$QIGCa\$/ruJs8AvmrknzKTzM2TYE.:other\_info}
|
|
1022 |
} |
|
1023 |
||
1024 |
\begin{itemize}
|
|
1025 |
\item \texttt{\$} is separator
|
|
1026 |
\item \texttt{1} is MD5 (actually SHA-512 is used nowadays, \texttt{6})
|
|
1027 |
\item \texttt{QIGCa} is salt
|
|
1028 |
\item \texttt{ruJs8AvmrknzKTzM2TYE} $\rightarrow$ password + salt
|
|
1029 |
\end{itemize}
|
|
1030 |
||
1031 |
\textcolor{gray}{\small
|
|
1032 |
(\texttt{openssl passwd -1 -salt QIGCa pippo})
|
|
1033 |
} |
|
| 7 | 1034 |
% Unix password |
1035 |
% http://ubuntuforums.org/showthread.php?p=5318038 |
|
1036 |
||
1037 |
\end{frame}}
|
|
| 9 | 1038 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 7 | 1039 |
|
|
99
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1040 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1041 |
\mode<presentation>{
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1042 |
\begin{frame}[c]
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1043 |
\frametitle{\begin{tabular}{@ {}c@ {}}Plain-Text Passwords\end{tabular}}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1044 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1045 |
\pause |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1046 |
\small\textcolor{gray}{On 25 September 2012, a report on a data breach at IEEE:}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1047 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1048 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1049 |
\begin{itemize}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1050 |
\item IEEE is a standards organisation (not-for-profit) |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1051 |
\item many standards in CS are by IEEE\medskip |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1052 |
\item 100k plain-text passwords were recorded in logs |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1053 |
\item the logs were openly accessible on their FTP server |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1054 |
\end{itemize}\bigskip
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1055 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1056 |
\begin{flushright}\small
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1057 |
\textcolor{gray}{\url{http://ieeelog.com}}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1058 |
\end{flushright}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1059 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1060 |
\only<3->{
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1061 |
\begin{textblock}{11}(3,2)
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1062 |
\begin{tikzpicture}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1063 |
\draw (0,0) node[inner sep=2mm,fill=white, ultra thick, draw=red, rounded corners=2mm] |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1064 |
{\normalsize\color{darkgray}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1065 |
\begin{minipage}{7.5cm}\raggedright\small
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1066 |
\includegraphics[scale=0.6]{pics/IEEElog.jpg}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1067 |
\end{minipage}};
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1068 |
\end{tikzpicture}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1069 |
\end{textblock}}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1070 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1071 |
\end{frame}}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1072 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1073 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1074 |
|
| 9 | 1075 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 7 | 1076 |
\mode<presentation>{
|
1077 |
\begin{frame}[c]
|
|
|
99
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1078 |
\frametitle{\begin{tabular}{c}Other Password Blunders\end{tabular}}
|
| 6 | 1079 |
|
| 9 | 1080 |
|
1081 |
\begin{itemize}
|
|
1082 |
\item in late 2009, when an SQL injection attack against online games |
|
1083 |
service RockYou.com exposed 32 million \alert{plaintext} passwords
|
|
| 8 | 1084 |
|
| 9 | 1085 |
\item 1.3 million Gawker credentials exposed in December 2010 containing |
1086 |
unsalted(?) \alert{MD5} hashes
|
|
1087 |
||
| 12 | 1088 |
\item June 6th, 2012, 6 million unsalted SHA-1 passwords were leaked from linkedIn |
| 3 | 1089 |
% linkedIn password |
1090 |
% http://erratasec.blogspot.co.uk/2012/06/confirmed-linkedin-6mil-password-dump.html |
|
| 9 | 1091 |
\end{itemize}\medskip
|
| 8 | 1092 |
|
| 9 | 1093 |
\small |
|
99
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1094 |
(web user maintains 25 separate accounts but uses just 6.5 passwords.) |
| 8 | 1095 |
|
| 7 | 1096 |
\end{frame}}
|
| 9 | 1097 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 7 | 1098 |
|
| 8 | 1099 |
%For instance, SHA512crypt, which is included in Mac OS X and most Unix-based operating systems, passes text through 5,000 iterations, a %hurdle that would have limited Gosney to slightly less than 2,600 guesses per second. The Bcrypt algorithm is even more computationally %expensive, in large part because it subjects text to multiple iterations of the Blowfish cipher that was deliberately modified to increase the %time required to generate a hash. PBKDF2, a function built into Microsoft's .Net software developer framework, offers similar benefits. |
1100 |
||
1101 |
||
| 3 | 1102 |
% rainbow tables |
1103 |
% http://en.wikipedia.org/wiki/Rainbow_table |
|
1104 |
||
| 7 | 1105 |
|
| 3 | 1106 |
|
| 9 | 1107 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 3 | 1108 |
\mode<presentation>{
|
1109 |
\begin{frame}[c]
|
|
1110 |
\frametitle{\begin{tabular}{c}Brute Forcing Passwords\end{tabular}}
|
|
1111 |
||
1112 |
\begin{itemize}
|
|
| 5 | 1113 |
\item How fast can hackers crack SHA-1 passwords? \pause |
| 3 | 1114 |
|
| 5 | 1115 |
\item The answer is 2 billion attempts per second\\ |
1116 |
using a Radeon HD 7970 |
|
| 3 | 1117 |
\end{itemize}
|
1118 |
||
1119 |
\begin{center}
|
|
| 5 | 1120 |
\begin{tabular}{@ {\hspace{-12mm}}rl}
|
| 3 | 1121 |
password length & time\smallskip\\\hline |
1122 |
5 letters & 5 secs\\ |
|
1123 |
6 letters & 500 secs\\ |
|
1124 |
7 letters & 13 hours\\ |
|
1125 |
8 letters & 57 days\\ |
|
1126 |
9 letters & 15 years\\ |
|
1127 |
\end{tabular}
|
|
1128 |
\end{center}
|
|
1129 |
||
1130 |
\small |
|
| 5 | 1131 |
5 letters $\approx$ 100$^5$ $=$ 10 billion combinations\\ |
1132 |
(1 letter - upper case, lower case, digits, symbols $\approx$ 100) |
|
1133 |
||
1134 |
\only<2->{
|
|
1135 |
\begin{textblock}{1}(12,5)
|
|
1136 |
\begin{tabular}{c}
|
|
1137 |
\includegraphics[scale=0.3]{pics/radeon.jpg}\\[-6mm]
|
|
1138 |
\footnotesize graphics card\\[-1mm] |
|
1139 |
\footnotesize ca.~\pounds{}300
|
|
1140 |
\end{tabular}
|
|
1141 |
\end{textblock}}
|
|
1142 |
||
1143 |
||
| 3 | 1144 |
|
1145 |
\end{frame}}
|
|
| 9 | 1146 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 3 | 1147 |
|
| 9 | 1148 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 4 | 1149 |
\mode<presentation>{
|
1150 |
\begin{frame}[c]
|
|
| 7 | 1151 |
\frametitle{\begin{tabular}{c}Passwords\end{tabular}}
|
| 4 | 1152 |
|
| 9 | 1153 |
How to recover from a breakin?\pause\medskip |
1154 |
||
| 4 | 1155 |
\begin{itemize}
|
| 9 | 1156 |
\item Do not send passwords in plain text. |
1157 |
\item Security questions are tricky to get right. |
|
1158 |
\item QQ (Chinese Skype) authenticates you via contacts. |
|
| 4 | 1159 |
\end{itemize}
|
1160 |
||
1161 |
\end{frame}}
|
|
| 9 | 1162 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 4 | 1163 |
|
| 9 | 1164 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 3 | 1165 |
\mode<presentation>{
|
1166 |
\begin{frame}[c]
|
|
| 7 | 1167 |
\frametitle{\begin{tabular}{c}This Course\end{tabular}}
|
| 3 | 1168 |
|
1169 |
\begin{itemize}
|
|
| 9 | 1170 |
\item break-ins (buffer overflows) |
1171 |
\item access control\\ (role based, data security / data integrity) |
|
|
101
b37223b88ebd
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
100
diff
changeset
|
1172 |
\item electronic voting |
|
b37223b88ebd
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
100
diff
changeset
|
1173 |
\item protocols (specification) |
| 7 | 1174 |
\item access control logic |
1175 |
\item privacy |
|
1176 |
\begin{quote}
|
|
1177 |
Scott McNealy: \\``You have zero privacy anyway. Get over it.'' |
|
1178 |
\end{quote}
|
|
|
101
b37223b88ebd
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
100
diff
changeset
|
1179 |
\item zero-knowledge proofs |
| 3 | 1180 |
\end{itemize}
|
1181 |
||
1182 |
\end{frame}}
|
|
| 9 | 1183 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 3 | 1184 |
|
| 9 | 1185 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 3 | 1186 |
\mode<presentation>{
|
1187 |
\begin{frame}[c]
|
|
|
100
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1188 |
\frametitle{\Large\begin{tabular}{c}User-Tracking Without Cookies\end{tabular}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1189 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1190 |
Can you track a user {\bf without}:
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1191 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1192 |
\begin{itemize}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1193 |
\item Cookies |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1194 |
\item Javascript |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1195 |
\item LocalStorage/SessionStorage/GlobalStorage |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1196 |
\item Flash, Java or other plugins |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1197 |
\item Your IP address or user agent string |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1198 |
\item Any methods employed by Panopticlick\\ |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1199 |
\mbox{}\hfill $\rightarrow$ \textcolor{blue}{\url{https://panopticlick.eff.org/}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1200 |
\end{itemize}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1201 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1202 |
Even when you disabled cookies entirely, have Javascript turned off and use a VPN service.\\\pause |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1203 |
And numerous sites already use it. |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1204 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1205 |
\end{frame}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1206 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1207 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1208 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1209 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1210 |
\mode<presentation>{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1211 |
\begin{frame}[c]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1212 |
\frametitle{\begin{tabular}{c}Web-Protocol\end{tabular}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1213 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1214 |
\only<1->{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1215 |
\begin{textblock}{1}(2,2)
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1216 |
\begin{tikzpicture}[scale=1.3]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1217 |
\draw[white] (0,0) node (X) {\includegraphics[scale=0.12]{pics/firefox.jpg}};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1218 |
\end{tikzpicture}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1219 |
\end{textblock}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1220 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1221 |
\only<1->{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1222 |
\begin{textblock}{1}(11,2)
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1223 |
\begin{tikzpicture}[scale=1.3]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1224 |
\draw[white] (0,0) node (X) {\includegraphics[scale=0.15]{pics/servers.png}};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1225 |
\end{tikzpicture}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1226 |
\end{textblock}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1227 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1228 |
\only<1->{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1229 |
\begin{textblock}{1}(5,2.5)
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1230 |
\begin{tikzpicture}[scale=1.3]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1231 |
\draw[white] (0,0) node (X) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1232 |
\draw[white] (3,0) node (Y) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1233 |
\draw[red, ->, line width = 2mm] (X) -- (Y); |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1234 |
\node [inner sep=5pt,label=above:\textcolor{black}{\small GET static.jpg}] at ($ (X)!.5!(Y) $) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1235 |
\end{tikzpicture}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1236 |
\end{textblock}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1237 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1238 |
\only<2->{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1239 |
\begin{textblock}{1}(5,6)
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1240 |
\begin{tikzpicture}[scale=1.3]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1241 |
\draw[white] (0,0) node (X) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1242 |
\draw[white] (3,0) node (Y) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1243 |
\draw[red, <-, line width = 2mm] (X) -- (Y); |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1244 |
\node [inner sep=5pt,label=below:\textcolor{black}{\small ETag: 7b33de1}] at ($ (X)!.5!(Y) $) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1245 |
\node [inner sep=5pt,label=above:{\includegraphics[scale=0.15]{pics/tvtestscreen.jpg}}] at ($ (X)!.5!(Y) $) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1246 |
\end{tikzpicture}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1247 |
\end{textblock}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1248 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1249 |
\only<3->{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1250 |
\begin{textblock}{1}(4.2,11)
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1251 |
\begin{tikzpicture}[scale=1.3]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1252 |
\draw[white] (0,0) node (X) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1253 |
\draw[white] (3,0) node (Y) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1254 |
\draw[red, ->, line width = 2mm] (X) -- (Y); |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1255 |
\node [inner sep=5pt,label=above:\textcolor{black}{\small GET static.jpg ETag: 7b33de1}] at ($ (X)!.5!(Y) $) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1256 |
\end{tikzpicture}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1257 |
\end{textblock}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1258 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1259 |
\only<4->{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1260 |
\begin{textblock}{1}(4.2,13.9)
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1261 |
\begin{tikzpicture}[scale=1.3]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1262 |
\draw[white] (0,0) node (X) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1263 |
\draw[white] (3,0) node (Y) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1264 |
\draw[red, <-, line width = 2mm] (X) -- (Y); |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1265 |
\node [inner sep=5pt,label=below:\textcolor{black}{\small HTTP/1.1 304 (Not Modified)}] at ($ (X)!.5!(Y) $) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1266 |
\end{tikzpicture}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1267 |
\end{textblock}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1268 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1269 |
\end{frame}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1270 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1271 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1272 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1273 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1274 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1275 |
\mode<presentation>{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1276 |
\begin{frame}[c]
|
| 9 | 1277 |
\frametitle{\begin{tabular}{c}Books + Homework\end{tabular}}
|
| 8 | 1278 |
|
| 9 | 1279 |
\begin{itemize}
|
|
100
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1280 |
\item There is no single book I am following |
| 9 | 1281 |
\begin{center}
|
1282 |
\includegraphics[scale=0.012]{pics/andersonbook1.jpg}
|
|
1283 |
\includegraphics[scale=0.23]{pics/accesscontrolbook.jpg}
|
|
1284 |
\end{center}\medskip\pause
|
|
1285 |
||
1286 |
\item The question ``Is this relevant for the exams'' is not appreciated!\medskip\\ |
|
1287 |
||
1288 |
Whatever is in the homework sheets (and is not marked optional) is relevant for the |
|
| 10 | 1289 |
exam. No code needs to be written. |
| 9 | 1290 |
\end{itemize}
|
| 8 | 1291 |
|
1292 |
\end{frame}}
|
|
1293 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1294 |
||
| 2 | 1295 |
|
|
102
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1296 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1297 |
\mode<presentation>{
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1298 |
\begin{frame}[c]
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1299 |
\frametitle{\begin{tabular}{c}Take-Home Points\end{tabular}}
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1300 |
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1301 |
\begin{itemize}
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1302 |
\item Never store passwords in plain text.\medskip |
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1303 |
\item Always salt your hashes!\medskip |
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1304 |
\item Use an existing crypto algorithm; do not write your own!\medskip |
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1305 |
\item Make the party responsible for losses, who is in the position to improve things. |
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1306 |
\end{itemize}
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1307 |
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1308 |
\end{frame}}
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1309 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 0 | 1310 |
|
1311 |
||
1312 |
\end{document}
|
|
1313 |
||
1314 |
%%% Local Variables: |
|
|
94
caf08b02fa32
added pictures
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
93
diff
changeset
|
1315 |
%%% mode: xelatex |
| 0 | 1316 |
%%% TeX-master: t |
1317 |
%%% End: |
|
1318 |