| author | Christian Urban <christian dot urban at kcl dot ac dot uk> |
| Tue, 23 Sep 2014 01:58:14 +0100 | |
| changeset 165 | 6f84ad98cf49 |
| parent 164 | 08a6e035223e |
| child 167 | d8657ff8cca1 |
| permissions | -rw-r--r-- |
|
93
82ac034dcc9d
brought order into the repository
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
90
diff
changeset
|
1 |
\documentclass[dvipsnames,14pt,t, xelatex]{beamer}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
2 |
\usepackage{../slides}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
3 |
\usepackage{../graphics}
|
|
157
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
4 |
\usepackage{../langs}
|
| 0 | 5 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
6 |
\setmonofont[Scale=.88]{Consolas}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
7 |
\newfontfamily{\consolas}{Consolas}
|
| 0 | 8 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
9 |
\hfuzz=220pt |
| 0 | 10 |
|
11 |
% beamer stuff |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
12 |
\renewcommand{\slidecaption}{APP 01, King's College London}
|
| 0 | 13 |
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
14 |
\lstset{language=Scala,
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
15 |
style=mystyle, |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
16 |
numbersep=0pt, |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
17 |
numbers=none, |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
18 |
xleftmargin=0mm} |
| 0 | 19 |
|
20 |
\begin{document}
|
|
21 |
||
| 9 | 22 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
23 |
\begin{frame}
|
| 0 | 24 |
\frametitle{%
|
| 1 | 25 |
\begin{tabular}{@ {}c@ {}}
|
26 |
\LARGE Access Control and \\[-3mm] |
|
27 |
\LARGE Privacy Policies (1)\\[-6mm] |
|
28 |
\end{tabular}}
|
|
29 |
||
30 |
\begin{center}
|
|
31 |
\includegraphics[scale=1.3]{pics/barrier.jpg}
|
|
32 |
\end{center}
|
|
33 |
||
|
157
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
34 |
\normalsize |
| 1 | 35 |
\begin{center}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
36 |
\begin{tabular}{ll}
|
| 1 | 37 |
Email: & christian.urban at kcl.ac.uk\\ |
|
93
82ac034dcc9d
brought order into the repository
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
90
diff
changeset
|
38 |
Office: & S1.27 (1st floor Strand Building)\\ |
|
159
77cf0362b87a
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
157
diff
changeset
|
39 |
Slides: & KEATS |
| 1 | 40 |
\end{tabular}
|
41 |
\end{center}
|
|
|
157
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
42 |
\end{frame}
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
43 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 0 | 44 |
|
| 8 | 45 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
46 |
\begin{frame}
|
|
47 |
||
48 |
\begin{center}
|
|
49 |
\includegraphics[scale=2.1]{pics/barrier.jpg}
|
|
50 |
\end{center}
|
|
51 |
||
|
157
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
52 |
\end{frame}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
53 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 1 | 54 |
|
55 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
|
95
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
56 |
\begin{frame}
|
|
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
57 |
|
|
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
58 |
\begin{center}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
59 |
\begin{tikzpicture}[scale=1.3]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
60 |
%\draw[very thick, scale=1] (0, 0) grid (6, -4); |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
61 |
\draw (0,0) node (X) {\includegraphics[scale=0.1]{pics/rman.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
62 |
\draw (6,0) node (Y) {\includegraphics[scale=0.1]{pics/gman.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
63 |
\node[below] at (X.south) {Alice};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
64 |
\node[below] at (Y.south) {Bob};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
65 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
66 |
\draw[red,<->,line width = 3mm] (X) -- (Y); |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
67 |
\node [inner sep=5pt,label=above:{\begin{tabular}{c}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
68 |
secure/private\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
69 |
communication |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
70 |
\end{tabular}}]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
71 |
at ($ (X)!.5!(Y) $) {};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
72 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
73 |
\draw (1.0,-1.5) node {\includegraphics[scale=0.05]{pics/nsa.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
74 |
\draw (2.4,-1.5) node {\includegraphics[scale=0.3]{pics/gchq.jpg}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
75 |
\draw (1.7,-2.3) node {\huge\ldots};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
76 |
\draw (4.2,-1.5) node {\includegraphics[scale=0.05]{pics/apple.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
77 |
\draw (5.4,-1.7) node {\includegraphics[scale=0.15]{pics/google.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
78 |
\draw (5.0,-2.3) node {\huge\ldots};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
79 |
\end{tikzpicture}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
80 |
\end{center}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
81 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
82 |
\begin{center}
|
|
95
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
83 |
\includegraphics[scale=0.1]{pics/snowden.jpg}
|
|
157
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
84 |
\end{center}
|
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
85 |
|
|
157
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
86 |
\end{frame}
|
|
3a8fff66d62b
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
105
diff
changeset
|
87 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
88 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
89 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
90 |
\begin{frame}
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
91 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
92 |
\begin{center}
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
93 |
\includegraphics[scale=0.45]{pics/lavabit-email.jpg}
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
94 |
\end{center}
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
95 |
\small{}\mbox{}\hfill{}
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
96 |
Lavabit email service closed down on 8 August 2013. \\ |
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
97 |
\mbox{}\hfill{}\url{www.goo.gl/bgSrVp}
|
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
98 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
99 |
\end{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
100 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
101 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
102 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
103 |
\begin{frame}
|
|
159
77cf0362b87a
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
157
diff
changeset
|
104 |
\frametitle{Also Bad Guys}
|
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
105 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
106 |
\begin{textblock}{1}(4,2.5)
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
107 |
\begin{tikzpicture}[scale=1.3]
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
108 |
\draw (0,0) node (X) {\includegraphics[scale=0.1]{pics/rman.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
109 |
\draw (4,0) node (Y) {\includegraphics[scale=0.1]{pics/gman.png}};
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
110 |
\draw[red, <->, line width = 2mm] (X) -- (Y); |
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
111 |
\end{tikzpicture}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
112 |
\end{textblock}
|
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
113 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
114 |
\begin{textblock}{1}(1,6)
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
115 |
\begin{bubble}[11cm]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
116 |
\footnotesize |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
117 |
Annonymous Hacker operating a 10k bonnet using the ZeuS |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
118 |
hacking tool wrote:\medskip\\ ``FYI I do not cash out the bank |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
119 |
accounts or credit cards, I just sell the information (I know, |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
120 |
its just as bad...), there isn't even a law against |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
121 |
such in most countries, dealing with stolen information is |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
122 |
most of the time a legally greyzone (I was just as surprised |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
123 |
when I looked it up), I'm not talking about 3rd world |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
124 |
countries, but about European like Spain (The Mariposa botnet |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
125 |
owner never got charged, because a botnet isn't illegal, only |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
126 |
abusing CC information is, but that did other guys).''\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
127 |
\hfill{}\url{www.goo.gl/UWluh0}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
128 |
\end{bubble}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
129 |
\end{textblock}
|
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
130 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
131 |
\end{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
132 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
133 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
134 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
135 |
\begin{frame}
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
136 |
\frametitle{This is a Misconception!}
|
|
96
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
137 |
|
|
e1e314c1bb61
new
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
95
diff
changeset
|
138 |
\begin{center}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
139 |
\includegraphics[scale=0.55]{pics/cryptographic-small.png}
|
|
95
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
140 |
\end{center}
|
|
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
141 |
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
142 |
\centering |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
143 |
\begin{bubble}[9cm]
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
144 |
\small |
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
145 |
There is some consensus that the NSA can probably not |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
146 |
brute-force magically better than the ``public''. |
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
147 |
\end{bubble}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
148 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
149 |
\end{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
150 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
151 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
152 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
153 |
\begin{frame}[c]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
154 |
The content of this course is very much inspired by the work of |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
155 |
three people:\bigskip |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
156 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
157 |
\small |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
158 |
\begin{center}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
159 |
\begin{tabular}{ccc}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
160 |
\includegraphics[scale=1.4]{pics/schneier.png} &
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
161 |
\includegraphics[scale=0.103]{pics/ross.jpg} &
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
162 |
\includegraphics[scale=0.2]{pics/halderman.jpg} \\
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
163 |
Bruce Schneier & Ross Anderson & Alex Halderman\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
164 |
\tiny\url{en.wikipedia.org/wiki/Bruce_Schneier} &
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
165 |
\tiny\url{www.cl.cam.ac.uk/~rja14} &
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
166 |
\tiny\url{jhalderm.com}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
167 |
\end{tabular}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
168 |
\end{center}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
169 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
170 |
\end{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
171 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
95
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
172 |
|
|
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
173 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 1 | 174 |
\begin{frame}[c]
|
175 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
176 |
\alert{\bf Security engineers} require a particular \alert{\bf mindset}:
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
177 |
\bigskip\medskip |
| 1 | 178 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
179 |
\begin{overlayarea}{\textwidth}{5cm}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
180 |
\small |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
181 |
\only<1>{\begin{bubble}[10cm]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
182 |
``Security engineers --- at least the good ones --- see |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
183 |
the world differently. They can't walk into a store without |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
184 |
noticing how they might shoplift. They can't use a computer |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
185 |
without wondering about the security vulnerabilities. They |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
186 |
can't vote without trying to figure out how to vote twice. |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
187 |
They just can't help it.''\\ |
|
95
e24f6c12839e
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
94
diff
changeset
|
188 |
\hfill{}---Bruce Schneier
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
189 |
\end{bubble}}%
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
190 |
\only<2>{\begin{bubble}[10.5cm]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
191 |
``Security engineering\ldots requires you to think |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
192 |
differently. You need to figure out not how something works, |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
193 |
but how something can be made to not work. You have to imagine |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
194 |
an intelligent and malicious adversary inside your system |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
195 |
\ldots, constantly trying new ways to |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
196 |
subvert it. You have to consider all the ways your system can |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
197 |
fail, most of them having nothing to do with the design |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
198 |
itself. You have to look at everything backwards, upside down, |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
199 |
and sideways. You have to think like an alien.''\hfill{}---Bruce Schneier
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
200 |
\end{bubble}}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
201 |
\end{overlayarea}
|
| 1 | 202 |
|
203 |
\begin{flushright}
|
|
204 |
\includegraphics[scale=0.0087]{pics/schneierbook1.jpg}\;
|
|
205 |
\includegraphics[scale=0.0087]{pics/schneierbook2.jpg}\;
|
|
|
97
efcac3016613
added hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
96
diff
changeset
|
206 |
\includegraphics[scale=0.23]{pics/schneierbook3.jpg}\;
|
| 1 | 207 |
\includegraphics[scale=0.85]{pics/schneier.png}
|
208 |
\end{flushright}
|
|
209 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
210 |
\end{frame}
|
| 1 | 211 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
212 |
||
| 4 | 213 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
214 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
215 |
\frametitle{Breaking Things}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
216 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
217 |
For example: |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
218 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
219 |
\begin{center}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
220 |
\begin{bubble}[10cm]\small
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
221 |
Prof.~V.~Nasty gives the following final exam question (closed books, |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
222 |
closed notes):\bigskip |
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
223 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
224 |
\noindent |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
225 |
\begin{tabular}{@ {}l}
|
|
102
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
226 |
Write the first 100 digits of $\pi$:\\ |
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
227 |
3.\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_ |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
228 |
\end{tabular}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
229 |
\end{bubble}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
230 |
\end{center}
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
231 |
|
|
102
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
232 |
How can you cheat in this exam and how can you defend against such cheating? |
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
233 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
234 |
\end{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
235 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
236 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
237 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
238 |
\begin{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
239 |
\frametitle{\textcolor{red}{Warning}}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
240 |
\small |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
241 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
242 |
\begin{itemize}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
243 |
\item<1-> I will be teaching techniques that can be used to |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
244 |
compromise security and privacy. |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
245 |
\end{itemize}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
246 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
247 |
\onslide<2->{
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
248 |
\begin{itemize}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
249 |
\item Don’t be evil! |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
250 |
\only<3>{\item Using those techniques in the real world may
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
251 |
violate the law or King’s rules, and it may be unethical.} |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
252 |
\only<3>{\item Under some circumstances, even probing for weaknesses of a
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
253 |
system may result in severe penalties, up to and including |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
254 |
expulsion, fines and jail time.} |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
255 |
\only<3>{\item Acting lawfully and ethically is \underline{your} responsibility.}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
256 |
\only<4>{\item Ethics requires you to
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
257 |
refrain from doing harm.} |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
258 |
\only<4>{\item \underline{Always} respect privacy and rights of
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
259 |
others.} |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
260 |
\only<4>{\item Do not tamper with any of King's systems.}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
261 |
\only<5>{\item If you try
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
262 |
out a technique, always make doubly sure you are working in a |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
263 |
safe environment so that you cannot cause any harm, not even |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
264 |
accidentally.} |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
265 |
\only<5>{\item Don't be evil. Be an \underline{ethical} hacker.}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
266 |
\end{itemize}}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
267 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
268 |
\end{frame}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
269 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
270 |
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
271 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
272 |
\begin{frame}[c]
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
273 |
\frametitle{Secure Systems}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
274 |
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
275 |
For a secure system, four requirements need to come |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
276 |
together: |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
277 |
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
278 |
\begin{itemize}
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
279 |
\item {\bf Policy}\\
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
280 |
{\small What is supposed to be achieved?}
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
281 |
\item {\bf Mechanism}\\
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
282 |
{\small Cypher, access controls, tamper resistance}
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
283 |
\item {\bf Assurance}\\
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
284 |
{\small The amount of reliance you can put on the mechanism.}
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
285 |
\item {\bf Incentive}\\
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
286 |
{\small The motive that the people guarding and maintaining the
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
287 |
system have to do their job properly, and also the motive |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
288 |
that the attackers have to try to defeat your policy.} |
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
289 |
\end{itemize}
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
290 |
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
291 |
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
292 |
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
293 |
\end{frame}
|
|
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
294 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
295 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
296 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
297 |
\begin{frame}[c]
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
298 |
\frametitle{Chip-and-PIN}
|
| 4 | 299 |
|
300 |
\begin{center}
|
|
301 |
\includegraphics[scale=0.3]{pics/creditcard1.jpg}\;
|
|
302 |
\includegraphics[scale=0.3]{pics/creditcard2.jpg}
|
|
303 |
\end{center}
|
|
304 |
||
305 |
\begin{itemize}
|
|
306 |
\item Chip-and-PIN was introduced in the UK in 2004 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
307 |
\item before that customers had to sign a receipt\bigskip |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
308 |
\item \bf Is Chip-and-PIN a more secure system? |
| 4 | 309 |
\end{itemize}
|
310 |
||
311 |
\begin{flushright}
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
312 |
\small\textcolor{gray}{(some other countries still use the old method)}
|
| 4 | 313 |
\end{flushright}
|
314 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
315 |
\end{frame}
|
| 4 | 316 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
317 |
||
| 0 | 318 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
319 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
320 |
\frametitle{Yes \ldots}
|
| 1 | 321 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
322 |
\begin{bubble}[10cm]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
323 |
\small ``Chip-and-PIN is so effective in this country [UK] |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
324 |
that fraudsters are starting to move their activities |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
325 |
overseas,''\smallskip\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
326 |
\hfill{}said some spokesman for Lloyds TSB\\
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
327 |
\hfill(in The Guardian, 2006) |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
328 |
\end{bubble}\bigskip
|
| 1 | 329 |
|
| 0 | 330 |
|
| 1 | 331 |
\begin{itemize}
|
332 |
\item mag-stripe cards cannot be cloned anymore |
|
333 |
\item stolen or cloned cards need to be used abroad |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
334 |
\item fraud on lost, stolen and counterfeit credit |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
335 |
cards was down \pounds{60m} (24\%) on 2004's figure
|
| 1 | 336 |
\end{itemize}
|
337 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
338 |
\end{frame}
|
| 1 | 339 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
340 |
||
341 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
342 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
343 |
\frametitle{But let's see}
|
| 1 | 344 |
|
345 |
||
346 |
\begin{textblock}{1}(3,4)
|
|
347 |
\begin{tabular}{c}
|
|
348 |
\includegraphics[scale=0.3]{pics/bank.png}\\[-2mm]
|
|
349 |
\small Bank |
|
| 0 | 350 |
\end{tabular}
|
351 |
\end{textblock}
|
|
| 1 | 352 |
|
353 |
\begin{textblock}{1}(7,4.5)
|
|
354 |
\begin{tabular}{c}
|
|
355 |
\includegraphics[scale=3]{pics/store.png}\\[-2mm]
|
|
356 |
\end{tabular}
|
|
357 |
\end{textblock}
|
|
358 |
||
359 |
\begin{textblock}{1}(4.5,9.9)
|
|
360 |
\begin{tabular}{c}
|
|
361 |
\includegraphics[scale=0.16]{pics/rman.png}\\[-1mm]
|
|
|
162
5031e7778fdb
new version
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
160
diff
changeset
|
362 |
\small custumer / you |
| 1 | 363 |
\end{tabular}
|
364 |
\end{textblock}
|
|
| 8 | 365 |
|
366 |
\only<2->{
|
|
367 |
\begin{textblock}{1}(4.5,7.5)
|
|
368 |
\begin{tikzpicture}[scale=1.3]
|
|
369 |
\draw[white] (0,0) node (X) {};
|
|
370 |
\draw[white] (1,-1) node (Y) {};
|
|
371 |
\draw[red, ->, line width = 2mm] (X) -- (Y); |
|
372 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
373 |
\end{tikzpicture}
|
|
374 |
\end{textblock}}
|
|
375 |
||
376 |
\only<3->{
|
|
377 |
\begin{textblock}{1}(6.8,7.5)
|
|
378 |
\begin{tikzpicture}[scale=1.3]
|
|
379 |
\draw[white] (0,0) node (X) {};
|
|
380 |
\draw[white] (1,1) node (Y) {};
|
|
381 |
\draw[red, ->, line width = 2mm] (X) -- (Y); |
|
382 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
383 |
\end{tikzpicture}
|
|
384 |
\end{textblock}
|
|
385 |
||
386 |
\begin{textblock}{1}(4.8,5.9)
|
|
387 |
\begin{tikzpicture}[scale=1.3]
|
|
388 |
\draw[white] (0,0) node (X) {};
|
|
389 |
\draw[white] (1.4,0) node (Y) {};
|
|
390 |
\draw[red, <->, line width = 2mm] (X) -- (Y); |
|
391 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
392 |
\end{tikzpicture}
|
|
393 |
\end{textblock}}
|
|
394 |
||
395 |
\only<4->{
|
|
396 |
\begin{textblock}{1}(12,6.5)
|
|
397 |
\begin{tabular}{c}
|
|
398 |
\includegraphics[scale=0.8]{pics/factory.png}\\[-1mm]
|
|
399 |
\small card\\[-2mm]\small terminal\\[-2mm] \small producer |
|
400 |
\end{tabular}
|
|
401 |
\end{textblock}
|
|
402 |
||
403 |
\begin{textblock}{1}(10,7)
|
|
404 |
\begin{tikzpicture}[scale=1.6]
|
|
405 |
\draw[white] (0,0) node (X) {};
|
|
406 |
\draw[white] (-1,0.6) node (Y) {};
|
|
407 |
\draw[red, ->, line width = 2mm] (X) -- (Y); |
|
408 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
409 |
\end{tikzpicture}
|
|
410 |
\end{textblock}}
|
|
| 0 | 411 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
412 |
\end{frame}
|
| 0 | 413 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
414 |
||
415 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
416 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
417 |
\frametitle{Chip-and-PIN}
|
| 0 | 418 |
|
| 1 | 419 |
\begin{itemize}
|
| 5 | 420 |
\item A ``tamperesitant'' terminal playing Tetris on |
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
421 |
\href{http://www.youtube.com/watch?v=wWTzkD9M0sU}{youtube}.\smallskip\\
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
422 |
\footnotesize(\url{http://www.youtube.com/watch?v=wWTzkD9M0sU})
|
| 1 | 423 |
\end{itemize}
|
424 |
||
425 |
\includegraphics[scale=0.2]{pics/tetris.jpg}
|
|
426 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
427 |
\end{frame}
|
| 1 | 428 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 0 | 429 |
|
430 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
431 |
\begin{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
432 |
\frametitle{Chip-and-PIN}
|
| 0 | 433 |
|
434 |
\begin{itemize}
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
435 |
\item in 2006, Shell petrol stations stopped accepting Chip-and-PIN after |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
436 |
\pounds{1M} had been stolen from customer accounts\smallskip
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
437 |
\item in 2008, hundreds of card readers for use in Britain, Ireland, |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
438 |
the Netherlands, Denmark, and Belgium had been expertly tampered with |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
439 |
shortly after manufacture so that details and PINs of credit cards |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
440 |
were sent during the 9 months before over mobile phone networks |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
441 |
to criminals in Lahore, Pakistan |
| 0 | 442 |
\end{itemize}
|
443 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
444 |
\end{frame}
|
| 0 | 445 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
446 |
||
447 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
448 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
449 |
\frametitle{Chip-and-PIN is Broken}
|
| 0 | 450 |
|
| 1 | 451 |
\begin{flushright}
|
452 |
\includegraphics[scale=0.01]{pics/andersonbook1.jpg}\;
|
|
453 |
\includegraphics[scale=1.5]{pics/anderson.jpg}
|
|
454 |
\end{flushright}
|
|
| 0 | 455 |
|
456 |
\begin{itemize}
|
|
| 5 | 457 |
\item man-in-the-middle attacks by the group around Ross Anderson\medskip |
| 0 | 458 |
\end{itemize}
|
459 |
||
| 1 | 460 |
\begin{center}
|
| 5 | 461 |
\mbox{}\hspace{-20mm}\includegraphics[scale=0.5]{pics/chip-attack.png}
|
| 1 | 462 |
\end{center}
|
| 5 | 463 |
|
464 |
\begin{textblock}{1}(11.5,13.7)
|
|
465 |
\begin{tabular}{l}
|
|
466 |
\footnotesize on BBC Newsnight\\[-2mm] |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
467 |
\footnotesize in 2010 or |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
468 |
\href{http://www.youtube.com/watch?v=JPAX32lgkrw}{youtube}
|
| 5 | 469 |
\end{tabular}
|
470 |
\end{textblock}
|
|
| 0 | 471 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
472 |
\end{frame}
|
| 0 | 473 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
474 |
||
475 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
476 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
477 |
\frametitle{\Large Chip-and-PIN is Really Broken}
|
| 0 | 478 |
|
| 1 | 479 |
\begin{flushright}
|
480 |
\includegraphics[scale=0.01]{pics/andersonbook1.jpg}\;
|
|
481 |
\includegraphics[scale=1.5]{pics/anderson.jpg}
|
|
482 |
\end{flushright}
|
|
| 0 | 483 |
|
484 |
\begin{itemize}
|
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
485 |
\item same group successfully attacked in 2012 card readers and ATM machines |
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
486 |
\item the problem: several types of ATMs generate poor random numbers, |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
487 |
which are used as nonces |
| 0 | 488 |
\end{itemize}
|
| 1 | 489 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
490 |
\end{frame}
|
| 0 | 491 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
492 |
||
493 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
494 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
495 |
\frametitle{The Real Problem \ldots}
|
| 0 | 496 |
|
| 1 | 497 |
\begin{textblock}{1}(3,4)
|
498 |
\begin{tabular}{c}
|
|
499 |
\includegraphics[scale=0.3]{pics/bank.png}\\[-2mm]
|
|
500 |
\small Bank |
|
501 |
\end{tabular}
|
|
502 |
\end{textblock}
|
|
503 |
||
504 |
\begin{textblock}{1}(7,4.5)
|
|
505 |
\begin{tabular}{c}
|
|
506 |
\includegraphics[scale=3]{pics/store.png}\\[-2mm]
|
|
507 |
\end{tabular}
|
|
508 |
\end{textblock}
|
|
| 0 | 509 |
|
| 1 | 510 |
\begin{textblock}{1}(12,6.5)
|
511 |
\begin{tabular}{c}
|
|
512 |
\includegraphics[scale=0.8]{pics/factory.png}\\[-1mm]
|
|
513 |
\small terminal\\[-2mm] \small producer |
|
514 |
\end{tabular}
|
|
| 0 | 515 |
\end{textblock}
|
| 1 | 516 |
|
517 |
\begin{textblock}{1}(4.5,9.9)
|
|
518 |
\begin{tabular}{c}
|
|
519 |
\includegraphics[scale=0.13]{pics/rman.png}\\[-1mm]
|
|
520 |
\small costumer / you |
|
521 |
\end{tabular}
|
|
522 |
\end{textblock}
|
|
| 0 | 523 |
|
| 8 | 524 |
\begin{textblock}{1}(4.5,7.5)
|
525 |
\begin{tikzpicture}[scale=1.3]
|
|
526 |
\draw[white] (0,0) node (X) {};
|
|
527 |
\draw[white] (1,-1) node (Y) {};
|
|
528 |
\draw[gray, ->, line width = 2mm] (X) -- (Y); |
|
529 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
530 |
\end{tikzpicture}
|
|
531 |
\end{textblock}
|
|
532 |
||
533 |
\begin{textblock}{1}(6.8,7.5)
|
|
534 |
\begin{tikzpicture}[scale=1.3]
|
|
535 |
\draw[white] (0,0) node (X) {};
|
|
536 |
\draw[white] (1,1) node (Y) {};
|
|
537 |
\draw[gray, ->, line width = 2mm] (X) -- (Y); |
|
538 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
539 |
\end{tikzpicture}
|
|
540 |
\end{textblock}
|
|
541 |
||
542 |
\begin{textblock}{1}(4.8,5.9)
|
|
543 |
\begin{tikzpicture}[scale=1.3]
|
|
544 |
\draw[white] (0,0) node (X) {};
|
|
545 |
\draw[white] (1.4,0) node (Y) {};
|
|
546 |
\draw[gray, <->, line width = 2mm] (X) -- (Y); |
|
547 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
548 |
\end{tikzpicture}
|
|
549 |
\end{textblock}
|
|
550 |
||
551 |
\begin{textblock}{1}(10,7)
|
|
552 |
\begin{tikzpicture}[scale=1.6]
|
|
553 |
\draw[white] (0,0) node (X) {};
|
|
554 |
\draw[white] (-1,0.6) node (Y) {};
|
|
555 |
\draw[gray, ->, line width = 2mm] (X) -- (Y); |
|
556 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
557 |
\end{tikzpicture}
|
|
558 |
\end{textblock}
|
|
559 |
||
| 1 | 560 |
\begin{textblock}{14}(1,13.5)
|
561 |
\begin{itemize}
|
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
562 |
\item the burden of proof for fraud and financial liability was shifted to the costumer (until approx.~2009/10) |
| 1 | 563 |
\end {itemize}
|
| 0 | 564 |
\end{textblock}
|
565 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
566 |
\end{frame}
|
| 0 | 567 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
568 |
||
569 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
570 |
\begin{frame}[c]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
571 |
\frametitle{The Bad Guy Again}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
572 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
573 |
\begin{bubble}[10cm]
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
574 |
\footnotesize |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
575 |
The anonymous hacker from earlier:\medskip\\ ``Try to use |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
576 |
`Verified-By-Visa' and `Mastercard-Securecode' as rarely as |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
577 |
possible. If only your CVV2 code is getting sniffed, you are |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
578 |
not liable for any damage, because the code is physically |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
579 |
printed and could have been stolen while you payed with your |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
580 |
card at a store. Same applies if someone cloned your CC |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
581 |
reading the magnetic stripe or sniffing RFID. Only losing your |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
582 |
VBV or MCSC password can cause serious trouble.''\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
583 |
\hfill{}\url{goo.gl/UWluh0}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
584 |
\end{bubble}
|
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
585 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
586 |
\end{frame}
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
587 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
588 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
589 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
590 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
591 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 0 | 592 |
\begin{frame}[c]
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
593 |
\frametitle{Being Screwed Again}
|
| 0 | 594 |
|
| 1 | 595 |
\begin{flushright}
|
596 |
\includegraphics[scale=0.3]{pics/rbssecure.jpg}
|
|
597 |
\end{flushright}
|
|
598 |
||
| 0 | 599 |
\begin{itemize}
|
| 1 | 600 |
\item {\bf Responsibility}\\
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
601 |
``You understand that you are financially responsible for all uses |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
602 |
of RBS Secure.''\medskip\\ |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
603 |
\footnotesize\url{https://www.rbssecure.co.uk/rbs/tdsecure/terms_of_use.jsp}
|
| 0 | 604 |
\end{itemize}
|
605 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
606 |
\end{frame}
|
| 0 | 607 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
608 |
||
| 2 | 609 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
610 |
\begin{frame}[c]
|
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
611 |
\frametitle{Web Applications}
|
| 2 | 612 |
|
613 |
\begin{textblock}{1}(2,5)
|
|
614 |
\begin{tabular}{c}
|
|
615 |
\includegraphics[scale=0.15]{pics/servers.png}\\[-2mm]
|
|
616 |
\small Servers from\\[-2mm] |
|
617 |
\small Dot.com Inc. |
|
618 |
\end{tabular}
|
|
619 |
\end{textblock}
|
|
620 |
||
| 6 | 621 |
\begin{textblock}{1}(5.6,6)
|
622 |
\begin{tikzpicture}[scale=2.5]
|
|
623 |
\draw[white] (0,0) node (X) {};
|
|
624 |
\draw[white] (1,0) node (Y) {};
|
|
| 8 | 625 |
\only<2>{\draw[red, <-, line width = 2mm] (X) -- (Y);
|
| 6 | 626 |
\node [inner sep=5pt,label=above:\textcolor{black}{GET request}] at ($ (X)!.5!(Y) $) {};}
|
| 8 | 627 |
\only<3>{\draw[red, ->, line width = 2mm] (X) -- (Y);
|
| 6 | 628 |
\node [inner sep=5pt,label=above:\textcolor{black}{webpage}] at ($ (X)!.5!(Y) $) {};}
|
| 8 | 629 |
\only<4>{\draw[red, <-, line width = 2mm] (X) -- (Y);
|
| 6 | 630 |
\node [inner sep=7pt,label=above:\textcolor{black}{POST data}] at ($ (X)!.5!(Y) $) {};}
|
631 |
\end{tikzpicture}
|
|
632 |
\end{textblock}
|
|
633 |
||
634 |
||
| 2 | 635 |
\begin{textblock}{1}(9,5.5)
|
636 |
\begin{tabular}{c}
|
|
637 |
\includegraphics[scale=0.15]{pics/laptop.png}\\[-2mm]
|
|
| 8 | 638 |
\small Client(s) |
| 2 | 639 |
\end{tabular}
|
640 |
\end{textblock}
|
|
641 |
||
642 |
\begin{textblock}{13}(1,13)
|
|
643 |
\begin{itemize}
|
|
644 |
\item What are pitfalls and best practices? |
|
645 |
\end{itemize}
|
|
646 |
\end{textblock}
|
|
647 |
||
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
648 |
\end{frame}
|
| 2 | 649 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
650 |
||
| 5 | 651 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
652 |
\begin{frame}[c]
|
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
653 |
\frametitle{JavaScript + Node.js}
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
654 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
655 |
A simple response from the server: |
| 5 | 656 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
657 |
\small |
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
658 |
\lstinputlisting[language=JavaScript]{../progs/ap0.js}
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
659 |
\medskip\pause |
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
660 |
|
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
661 |
\small |
|
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
662 |
alternative response:\smallskip\\ |
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
663 |
|
| 6 | 664 |
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
665 |
\lstinline[language=JavaScript]{response.write('<H1>Hello World</H1>');}
|
| 5 | 666 |
|
|
160
4cbd6ca025e6
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
159
diff
changeset
|
667 |
\end{frame}
|
| 5 | 668 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
669 |
||
|
98
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
670 |
|
|
3d585e603927
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
671 |
|
| 5 | 672 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
673 |
\begin{frame}[c]
|
|
674 |
||
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
675 |
\footnotesize |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
676 |
\lstinputlisting[language=JavaScript]{../progs/ap1.js}
|
| 5 | 677 |
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
678 |
\end{frame}
|
| 5 | 679 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
680 |
||
| 6 | 681 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
682 |
\begin{frame}[c]
|
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
683 |
\frametitle{Cookies}
|
| 6 | 684 |
|
685 |
\begin{textblock}{1}(1.5,5)
|
|
686 |
\begin{tabular}{c}
|
|
687 |
\includegraphics[scale=0.15]{pics/servers.png}\\[-2mm]
|
|
688 |
\small Servers from\\[-2mm] |
|
689 |
\small Dot.com Inc. |
|
690 |
\end{tabular}
|
|
691 |
\end{textblock}
|
|
692 |
||
693 |
\begin{textblock}{1}(5.6,5.6)
|
|
694 |
\begin{tikzpicture}[scale=2.5]
|
|
695 |
\draw[white] (0,0) node (X) {};
|
|
696 |
\draw[white] (1,0) node (Y) {};
|
|
697 |
\draw[white] (0.05,-0.3) node (X1) {};
|
|
698 |
\draw[white] (0.95,-0.3) node (Y1) {};
|
|
699 |
\only<1-2>{\draw[red, <-, line width = 2mm] (X) -- (Y);
|
|
700 |
\node [inner sep=5pt,label=above:\textcolor{black}{GET request}] at ($ (X)!.5!(Y) $) {};}
|
|
| 8 | 701 |
\only<1>{\draw[white, <-, line width = 1mm] (X1) -- (Y1);
|
702 |
\node [inner sep=2pt,label=below:\textcolor{white}{read a cookie}] at ($ (X1)!.5!(Y1) $) {};}
|
|
| 6 | 703 |
\only<2>{\draw[red, <-, line width = 1mm] (X1) -- (Y1);
|
704 |
\node [inner sep=2pt,label=below:\textcolor{black}{read a cookie}] at ($ (X1)!.5!(Y1) $) {};}
|
|
705 |
\only<3->{\draw[red, ->, line width = 2mm] (X) -- (Y);
|
|
706 |
\node [inner sep=5pt,label=above:\textcolor{black}{webpage}] at ($ (X)!.5!(Y) $) {};}
|
|
707 |
\only<3->{\draw[red, ->, line width = 1mm] (X1) -- (Y1);
|
|
708 |
\node [inner sep=2pt,label=below:\textcolor{black}{write a cookie}] at ($ (X1)!.5!(Y1) $) {};}
|
|
709 |
\end{tikzpicture}
|
|
710 |
\end{textblock}
|
|
711 |
||
712 |
||
713 |
\begin{textblock}{1}(9.5,5.5)
|
|
714 |
\begin{tabular}{c}
|
|
715 |
\includegraphics[scale=0.15]{pics/laptop.png}\\[-2mm]
|
|
716 |
\small Client |
|
717 |
\end{tabular}
|
|
718 |
\end{textblock}
|
|
719 |
||
720 |
\only<4->{
|
|
721 |
\begin{textblock}{13}(1,11)
|
|
722 |
\small\begin{itemize}
|
|
723 |
\item cookies: max 4KB data\\[-2mm] |
|
724 |
\item cookie theft, cross-site scripting attacks\\[-2mm] |
|
725 |
\item session cookies, persistent cookies, HttpOnly cookies, third-party cookies, zombie cookies |
|
726 |
\end{itemize}
|
|
727 |
\end{textblock}}
|
|
728 |
||
729 |
\only<5>{
|
|
730 |
\begin{textblock}{11}(1,3)
|
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
731 |
\begin{bubble}[10cm]\small
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
732 |
{\bf EU Privacy Directive about Cookies:}\smallskip\\ ``In May 2011, a
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
733 |
European Union law was passed stating that websites that leave |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
734 |
non-essential cookies on visitors' devices have to alert the visitor |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
735 |
and get acceptance from them. This law applies to both individuals and |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
736 |
businesses based in the EU regardless of the nationality of their |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
737 |
website's visitors or the location of their web host. It is not enough |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
738 |
to simply update a website's terms and conditions or privacy |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
739 |
policy. The deadline to comply with the new EU cookie law was 26th May |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
740 |
2012 and failure to do so could mean a fine of up to |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
741 |
\pounds{500,000}.'' \hfill\small\textcolor{gray}{$\rightarrow$BBC
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
742 |
News}, \textcolor{blue}{\url{goo.gl/RI4qhh}}
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
743 |
\end{bubble}
|
| 6 | 744 |
\end{textblock}}
|
745 |
||
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
746 |
\end{frame}
|
| 6 | 747 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
748 |
||
749 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
| 9 | 750 |
\begin{frame}[t]
|
751 |
\begin{itemize}
|
|
752 |
\item While cookies are per web-page, this can be easily circumvented. |
|
753 |
\end{itemize}
|
|
754 |
||
755 |
\begin{textblock}{1}(1.5,4.5)
|
|
756 |
\begin{tabular}{c}
|
|
757 |
\includegraphics[scale=0.07]{pics/servers.png}\\[-2mm]
|
|
758 |
\small Pet Store\\[-2mm] |
|
759 |
\small Dot.com\\[-2mm] |
|
760 |
\end{tabular}
|
|
761 |
\end{textblock}
|
|
762 |
||
763 |
\begin{textblock}{1}(1.5,8)
|
|
764 |
\begin{tabular}{c}
|
|
765 |
\includegraphics[scale=0.07]{pics/servers.png}\\[-2mm]
|
|
766 |
\small Dating.com |
|
767 |
\end{tabular}
|
|
768 |
\end{textblock}
|
|
769 |
||
770 |
\begin{textblock}{1}(10.5,7.5)
|
|
771 |
\begin{tabular}{c}
|
|
772 |
\includegraphics[scale=0.07]{pics/servers.png}\\[-2mm]
|
|
773 |
\small Evil-Ad-No\\[-2mm] |
|
774 |
\small Privacy.com |
|
775 |
\end{tabular}
|
|
776 |
\end{textblock}
|
|
777 |
||
778 |
\begin{textblock}{1}(6,10.5)
|
|
779 |
\begin{tabular}{c}
|
|
780 |
\includegraphics[scale=0.16]{pics/rman.png}\\[-1mm]
|
|
781 |
\small you |
|
782 |
\end{tabular}
|
|
783 |
\end{textblock}
|
|
784 |
||
785 |
\begin{textblock}{1}(4,5)
|
|
786 |
\begin{tikzpicture}[scale=1]
|
|
787 |
\draw[white] (0,0.5) node (X) {};
|
|
788 |
\draw[white] (5.7,-1) node (Y) {};
|
|
789 |
\draw[red, ->, line width = 0.5mm] (X) -- (Y); |
|
790 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
791 |
\end{tikzpicture}
|
|
792 |
\end{textblock}
|
|
793 |
||
794 |
\begin{textblock}{1}(4,7.9)
|
|
795 |
\begin{tikzpicture}[scale=1]
|
|
796 |
\draw[white] (0,0) node (X) {};
|
|
797 |
\draw[white] (5.7,0) node (Y) {};
|
|
798 |
\draw[red, ->, line width = 0.5mm] (X) -- (Y); |
|
799 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
800 |
\end{tikzpicture}
|
|
801 |
\end{textblock}
|
|
802 |
||
803 |
\begin{textblock}{1}(3.3,9.3)
|
|
804 |
\begin{tikzpicture}[scale=1.2]
|
|
805 |
\draw[white] (0,0) node (X) {};
|
|
806 |
\draw[white] (1.5,-1) node (Y) {};
|
|
807 |
\draw[red, <->, line width = 2mm] (X) -- (Y); |
|
808 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
809 |
\draw[white] (0.9,0.3) node (X1) {};
|
|
810 |
\draw[white] (1.9,-1) node (Y1) {};
|
|
811 |
\draw[red, <->, line width = 2mm] (X1) -- (Y1); |
|
812 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X1)!.5!(Y1) $) {};
|
|
813 |
\end{tikzpicture}
|
|
814 |
\end{textblock}
|
|
815 |
||
816 |
\begin{textblock}{1}(8.6,10.1)
|
|
817 |
\begin{tikzpicture}[scale=0.9]
|
|
818 |
\draw[white] (0,0) node (X) {};
|
|
819 |
\draw[white] (-2,-1) node (Y) {};
|
|
820 |
\draw[red, <->, line width = 0.5mm] (X) -- (Y); |
|
821 |
\node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
|
|
822 |
\end{tikzpicture}
|
|
823 |
\end{textblock}
|
|
824 |
||
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
825 |
\end{frame}
|
| 9 | 826 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
827 |
||
828 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
| 6 | 829 |
\begin{frame}[c]
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
830 |
\frametitle{My First Real Webapp}
|
| 6 | 831 |
|
832 |
{\bf GET request:}\smallskip
|
|
833 |
\begin{enumerate}
|
|
| 8 | 834 |
\item read the cookie from client |
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
835 |
\item if none is present, set \texttt{counter} to \textcolor{blue}{zero}
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
836 |
\item if cookie is present, extract \texttt{counter}
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
837 |
\item if \texttt{counter} is greater or equal \textcolor{blue}{$5$}, \\
|
| 8 | 838 |
print a valued customer message\\ |
839 |
otherwise just a normal message |
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
840 |
\item increase \texttt{counter} by \textcolor{blue}{$1$} and store new cookie with client
|
| 6 | 841 |
\end{enumerate}
|
842 |
||
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
843 |
\end{frame}
|
| 6 | 844 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
845 |
||
846 |
||
847 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
848 |
\begin{frame}[c]
|
|
849 |
\mbox{}\\[-9mm]
|
|
850 |
||
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
851 |
\footnotesize |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
852 |
\lstinputlisting[language=JavaScript]{../progs/ap2.js}
|
| 6 | 853 |
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
854 |
\end{frame}
|
| 7 | 855 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
856 |
||
857 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
858 |
\begin{frame}[c]
|
|
859 |
||
| 8 | 860 |
\begin{center}
|
861 |
\includegraphics[scale=1.8]{pics/barrier.jpg}
|
|
862 |
\end{center}
|
|
863 |
||
864 |
\begin{itemize}
|
|
865 |
\item data integrity needs to be ensured |
|
866 |
\end{itemize}
|
|
| 7 | 867 |
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
868 |
\end{frame}
|
| 8 | 869 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 7 | 870 |
|
871 |
||
872 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
873 |
\begin{frame}[c]
|
|
| 8 | 874 |
\mbox{}\\[-7mm]
|
| 7 | 875 |
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
876 |
\footnotesize |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
877 |
\lstinputlisting[language=JavaScript]{../progs/ap3.js}
|
| 7 | 878 |
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
879 |
\end{frame}
|
| 6 | 880 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
881 |
||
| 9 | 882 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 7 | 883 |
\begin{frame}[c]
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
884 |
\frametitle{SHA-1}
|
| 7 | 885 |
|
886 |
\begin{itemize}
|
|
| 8 | 887 |
\item SHA-1 is a cryptographic hash function\\ |
888 |
(MD5, SHA-256, SHA-512, \ldots) |
|
889 |
\item message $\rightarrow$ digest |
|
|
102
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
890 |
\item attacks exist: $2^{80} \rightarrow 2^{61}$ \bigskip\pause
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
891 |
\item but dictionary attacks are much more effective for extracting passwords (later) |
| 7 | 892 |
\end{itemize}
|
893 |
||
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
894 |
\end{frame}
|
| 9 | 895 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
896 |
||
| 7 | 897 |
|
898 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
899 |
\begin{frame}[c]
|
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
900 |
\mbox{}\\[-2mm]
|
| 7 | 901 |
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
902 |
{\footnotesize\lstinputlisting[language=JavaScript]{../progs/ap4.js}}
|
| 7 | 903 |
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
904 |
\begin{textblock}{1}(9,0)
|
| 8 | 905 |
\begin{tikzpicture}[scale=1.3]
|
906 |
\draw[white] (0,0) node (X) {};
|
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
907 |
\draw[white] (3.5,0) node (Y) {};
|
| 8 | 908 |
\draw[red, <-, line width = 2mm] (X) -- (Y); |
909 |
\node [inner sep=5pt,label=above:\textcolor{black}{\small should be random}] at ($ (X)!.5!(Y) $) {};
|
|
910 |
\end{tikzpicture}
|
|
911 |
\end{textblock}
|
|
912 |
||
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
913 |
\begin{textblock}{1}(12.6,6.5)
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
914 |
\begin{tikzpicture}[scale=1.3]
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
915 |
\draw[white] (0,0) node (X) {};
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
916 |
\draw[white] (-1,-1) node (Y) {};
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
917 |
\draw[red, <-, line width = 2mm] (X) -- (Y); |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
918 |
\node [inner sep=5pt,label=above:{}] at ($ (X)!.5!(Y) $) {};
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
919 |
\end{tikzpicture}
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
920 |
\end{textblock}
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
921 |
|
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
922 |
\begin{textblock}{1}(9.9,11.5)
|
| 8 | 923 |
\begin{tikzpicture}[scale=1.3]
|
924 |
\draw[white] (0,0) node (X) {};
|
|
925 |
\draw[white] (1,-1) node (Y) {};
|
|
926 |
\draw[red, <-, line width = 2mm] (X) -- (Y); |
|
927 |
\node [inner sep=5pt,label=above:{}] at ($ (X)!.5!(Y) $) {};
|
|
928 |
\end{tikzpicture}
|
|
929 |
\end{textblock}
|
|
930 |
||
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
931 |
\end{frame}
|
| 7 | 932 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
933 |
||
| 6 | 934 |
|
| 9 | 935 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 7 | 936 |
\mode<presentation>{
|
937 |
\begin{frame}[c]
|
|
938 |
\frametitle{\begin{tabular}{c}Unix Passwords\end{tabular}}
|
|
| 6 | 939 |
|
| 8 | 940 |
\begin{itemize}
|
|
99
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
941 |
\item passwords must \alert{\bf not} be stored in clear text
|
| 9 | 942 |
\item instead \texttt{/etc/shadow} contains
|
| 8 | 943 |
\end{itemize}
|
| 9 | 944 |
|
945 |
{\small
|
|
946 |
\texttt{name:\$1\$QIGCa\$/ruJs8AvmrknzKTzM2TYE.:other\_info}
|
|
947 |
} |
|
948 |
||
949 |
\begin{itemize}
|
|
950 |
\item \texttt{\$} is separator
|
|
951 |
\item \texttt{1} is MD5 (actually SHA-512 is used nowadays, \texttt{6})
|
|
952 |
\item \texttt{QIGCa} is salt
|
|
953 |
\item \texttt{ruJs8AvmrknzKTzM2TYE} $\rightarrow$ password + salt
|
|
954 |
\end{itemize}
|
|
955 |
||
956 |
\textcolor{gray}{\small
|
|
957 |
(\texttt{openssl passwd -1 -salt QIGCa pippo})
|
|
958 |
} |
|
| 7 | 959 |
% Unix password |
960 |
% http://ubuntuforums.org/showthread.php?p=5318038 |
|
961 |
||
962 |
\end{frame}}
|
|
| 9 | 963 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 7 | 964 |
|
|
99
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
965 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
966 |
\mode<presentation>{
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
967 |
\begin{frame}[c]
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
968 |
\frametitle{\begin{tabular}{@ {}c@ {}}Plain-Text Passwords\end{tabular}}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
969 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
970 |
\pause |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
971 |
\small\textcolor{gray}{On 25 September 2012, a report on a data breach at IEEE:}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
972 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
973 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
974 |
\begin{itemize}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
975 |
\item IEEE is a standards organisation (not-for-profit) |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
976 |
\item many standards in CS are by IEEE\medskip |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
977 |
\item 100k plain-text passwords were recorded in logs |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
978 |
\item the logs were openly accessible on their FTP server |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
979 |
\end{itemize}\bigskip
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
980 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
981 |
\begin{flushright}\small
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
982 |
\textcolor{gray}{\url{http://ieeelog.com}}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
983 |
\end{flushright}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
984 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
985 |
\only<3->{
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
986 |
\begin{textblock}{11}(3,2)
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
987 |
\begin{tikzpicture}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
988 |
\draw (0,0) node[inner sep=2mm,fill=white, ultra thick, draw=red, rounded corners=2mm] |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
989 |
{\normalsize\color{darkgray}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
990 |
\begin{minipage}{7.5cm}\raggedright\small
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
991 |
\includegraphics[scale=0.6]{pics/IEEElog.jpg}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
992 |
\end{minipage}};
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
993 |
\end{tikzpicture}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
994 |
\end{textblock}}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
995 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
996 |
\end{frame}}
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
997 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
998 |
|
|
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
999 |
|
| 9 | 1000 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 7 | 1001 |
\mode<presentation>{
|
1002 |
\begin{frame}[c]
|
|
|
99
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1003 |
\frametitle{\begin{tabular}{c}Other Password Blunders\end{tabular}}
|
| 6 | 1004 |
|
| 9 | 1005 |
|
1006 |
\begin{itemize}
|
|
1007 |
\item in late 2009, when an SQL injection attack against online games |
|
1008 |
service RockYou.com exposed 32 million \alert{plaintext} passwords
|
|
| 8 | 1009 |
|
| 9 | 1010 |
\item 1.3 million Gawker credentials exposed in December 2010 containing |
1011 |
unsalted(?) \alert{MD5} hashes
|
|
1012 |
||
| 12 | 1013 |
\item June 6th, 2012, 6 million unsalted SHA-1 passwords were leaked from linkedIn |
| 3 | 1014 |
% linkedIn password |
1015 |
% http://erratasec.blogspot.co.uk/2012/06/confirmed-linkedin-6mil-password-dump.html |
|
| 9 | 1016 |
\end{itemize}\medskip
|
| 8 | 1017 |
|
| 9 | 1018 |
\small |
|
99
77125c0496e6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
98
diff
changeset
|
1019 |
(web user maintains 25 separate accounts but uses just 6.5 passwords.) |
| 8 | 1020 |
|
| 7 | 1021 |
\end{frame}}
|
| 9 | 1022 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 7 | 1023 |
|
| 8 | 1024 |
%For instance, SHA512crypt, which is included in Mac OS X and most Unix-based operating systems, passes text through 5,000 iterations, a %hurdle that would have limited Gosney to slightly less than 2,600 guesses per second. The Bcrypt algorithm is even more computationally %expensive, in large part because it subjects text to multiple iterations of the Blowfish cipher that was deliberately modified to increase the %time required to generate a hash. PBKDF2, a function built into Microsoft's .Net software developer framework, offers similar benefits. |
1025 |
||
1026 |
||
| 3 | 1027 |
% rainbow tables |
1028 |
% http://en.wikipedia.org/wiki/Rainbow_table |
|
1029 |
||
| 7 | 1030 |
|
| 3 | 1031 |
|
| 9 | 1032 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 3 | 1033 |
\begin{frame}[c]
|
1034 |
\frametitle{\begin{tabular}{c}Brute Forcing Passwords\end{tabular}}
|
|
1035 |
||
1036 |
\begin{itemize}
|
|
| 5 | 1037 |
\item How fast can hackers crack SHA-1 passwords? \pause |
| 3 | 1038 |
|
| 5 | 1039 |
\item The answer is 2 billion attempts per second\\ |
1040 |
using a Radeon HD 7970 |
|
| 3 | 1041 |
\end{itemize}
|
1042 |
||
1043 |
\begin{center}
|
|
| 5 | 1044 |
\begin{tabular}{@ {\hspace{-12mm}}rl}
|
| 3 | 1045 |
password length & time\smallskip\\\hline |
1046 |
5 letters & 5 secs\\ |
|
1047 |
6 letters & 500 secs\\ |
|
1048 |
7 letters & 13 hours\\ |
|
1049 |
8 letters & 57 days\\ |
|
1050 |
9 letters & 15 years\\ |
|
1051 |
\end{tabular}
|
|
1052 |
\end{center}
|
|
1053 |
||
1054 |
\small |
|
| 5 | 1055 |
5 letters $\approx$ 100$^5$ $=$ 10 billion combinations\\ |
1056 |
(1 letter - upper case, lower case, digits, symbols $\approx$ 100) |
|
1057 |
||
1058 |
\only<2->{
|
|
1059 |
\begin{textblock}{1}(12,5)
|
|
1060 |
\begin{tabular}{c}
|
|
1061 |
\includegraphics[scale=0.3]{pics/radeon.jpg}\\[-6mm]
|
|
1062 |
\footnotesize graphics card\\[-1mm] |
|
1063 |
\footnotesize ca.~\pounds{}300
|
|
1064 |
\end{tabular}
|
|
1065 |
\end{textblock}}
|
|
1066 |
||
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
1067 |
\end{frame}
|
| 9 | 1068 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 3 | 1069 |
|
| 9 | 1070 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 4 | 1071 |
\begin{frame}[c]
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
1072 |
\frametitle{Passwords}
|
| 4 | 1073 |
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
1074 |
How to recover from a break in?\pause\medskip |
| 9 | 1075 |
|
| 4 | 1076 |
\begin{itemize}
|
| 9 | 1077 |
\item Do not send passwords in plain text. |
1078 |
\item Security questions are tricky to get right. |
|
1079 |
\item QQ (Chinese Skype) authenticates you via contacts. |
|
| 4 | 1080 |
\end{itemize}
|
1081 |
||
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
1082 |
\end{frame}
|
| 9 | 1083 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 4 | 1084 |
|
| 9 | 1085 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 3 | 1086 |
\begin{frame}[c]
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
1087 |
\frametitle{This Course}
|
| 3 | 1088 |
|
1089 |
\begin{itemize}
|
|
| 9 | 1090 |
\item break-ins (buffer overflows) |
1091 |
\item access control\\ (role based, data security / data integrity) |
|
|
101
b37223b88ebd
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
100
diff
changeset
|
1092 |
\item electronic voting |
|
b37223b88ebd
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
100
diff
changeset
|
1093 |
\item protocols (specification) |
| 7 | 1094 |
\item access control logic |
1095 |
\item privacy |
|
1096 |
\begin{quote}
|
|
1097 |
Scott McNealy: \\``You have zero privacy anyway. Get over it.'' |
|
1098 |
\end{quote}
|
|
|
101
b37223b88ebd
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
100
diff
changeset
|
1099 |
\item zero-knowledge proofs |
| 3 | 1100 |
\end{itemize}
|
1101 |
||
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
1102 |
\end{frame}
|
| 9 | 1103 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 3 | 1104 |
|
| 9 | 1105 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 3 | 1106 |
\mode<presentation>{
|
1107 |
\begin{frame}[c]
|
|
|
100
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1108 |
\frametitle{\Large\begin{tabular}{c}User-Tracking Without Cookies\end{tabular}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1109 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1110 |
Can you track a user {\bf without}:
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1111 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1112 |
\begin{itemize}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1113 |
\item Cookies |
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
1114 |
\item JavaScript |
|
100
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1115 |
\item LocalStorage/SessionStorage/GlobalStorage |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1116 |
\item Flash, Java or other plugins |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1117 |
\item Your IP address or user agent string |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1118 |
\item Any methods employed by Panopticlick\\ |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1119 |
\mbox{}\hfill $\rightarrow$ \textcolor{blue}{\url{https://panopticlick.eff.org/}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1120 |
\end{itemize}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1121 |
|
|
164
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
1122 |
Even when you disabled cookies entirely, have JavaScript turned off and use a VPN service.\\\pause |
|
08a6e035223e
updated slides
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
162
diff
changeset
|
1123 |
And numerous sites use it. |
|
100
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1124 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1125 |
\end{frame}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1126 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1127 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1128 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1129 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1130 |
\mode<presentation>{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1131 |
\begin{frame}[c]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1132 |
\frametitle{\begin{tabular}{c}Web-Protocol\end{tabular}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1133 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1134 |
\only<1->{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1135 |
\begin{textblock}{1}(2,2)
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1136 |
\begin{tikzpicture}[scale=1.3]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1137 |
\draw[white] (0,0) node (X) {\includegraphics[scale=0.12]{pics/firefox.jpg}};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1138 |
\end{tikzpicture}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1139 |
\end{textblock}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1140 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1141 |
\only<1->{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1142 |
\begin{textblock}{1}(11,2)
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1143 |
\begin{tikzpicture}[scale=1.3]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1144 |
\draw[white] (0,0) node (X) {\includegraphics[scale=0.15]{pics/servers.png}};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1145 |
\end{tikzpicture}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1146 |
\end{textblock}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1147 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1148 |
\only<1->{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1149 |
\begin{textblock}{1}(5,2.5)
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1150 |
\begin{tikzpicture}[scale=1.3]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1151 |
\draw[white] (0,0) node (X) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1152 |
\draw[white] (3,0) node (Y) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1153 |
\draw[red, ->, line width = 2mm] (X) -- (Y); |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1154 |
\node [inner sep=5pt,label=above:\textcolor{black}{\small GET static.jpg}] at ($ (X)!.5!(Y) $) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1155 |
\end{tikzpicture}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1156 |
\end{textblock}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1157 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1158 |
\only<2->{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1159 |
\begin{textblock}{1}(5,6)
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1160 |
\begin{tikzpicture}[scale=1.3]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1161 |
\draw[white] (0,0) node (X) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1162 |
\draw[white] (3,0) node (Y) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1163 |
\draw[red, <-, line width = 2mm] (X) -- (Y); |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1164 |
\node [inner sep=5pt,label=below:\textcolor{black}{\small ETag: 7b33de1}] at ($ (X)!.5!(Y) $) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1165 |
\node [inner sep=5pt,label=above:{\includegraphics[scale=0.15]{pics/tvtestscreen.jpg}}] at ($ (X)!.5!(Y) $) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1166 |
\end{tikzpicture}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1167 |
\end{textblock}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1168 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1169 |
\only<3->{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1170 |
\begin{textblock}{1}(4.2,11)
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1171 |
\begin{tikzpicture}[scale=1.3]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1172 |
\draw[white] (0,0) node (X) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1173 |
\draw[white] (3,0) node (Y) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1174 |
\draw[red, ->, line width = 2mm] (X) -- (Y); |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1175 |
\node [inner sep=5pt,label=above:\textcolor{black}{\small GET static.jpg ETag: 7b33de1}] at ($ (X)!.5!(Y) $) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1176 |
\end{tikzpicture}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1177 |
\end{textblock}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1178 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1179 |
\only<4->{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1180 |
\begin{textblock}{1}(4.2,13.9)
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1181 |
\begin{tikzpicture}[scale=1.3]
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1182 |
\draw[white] (0,0) node (X) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1183 |
\draw[white] (3,0) node (Y) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1184 |
\draw[red, <-, line width = 2mm] (X) -- (Y); |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1185 |
\node [inner sep=5pt,label=below:\textcolor{black}{\small HTTP/1.1 304 (Not Modified)}] at ($ (X)!.5!(Y) $) {};
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1186 |
\end{tikzpicture}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1187 |
\end{textblock}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1188 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1189 |
\end{frame}}
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1190 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1191 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1192 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1193 |
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1194 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1195 |
\mode<presentation>{
|
|
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1196 |
\begin{frame}[c]
|
| 9 | 1197 |
\frametitle{\begin{tabular}{c}Books + Homework\end{tabular}}
|
| 8 | 1198 |
|
| 9 | 1199 |
\begin{itemize}
|
|
100
62b66cb088f6
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
99
diff
changeset
|
1200 |
\item There is no single book I am following |
| 9 | 1201 |
\begin{center}
|
1202 |
\includegraphics[scale=0.012]{pics/andersonbook1.jpg}
|
|
1203 |
\includegraphics[scale=0.23]{pics/accesscontrolbook.jpg}
|
|
1204 |
\end{center}\medskip\pause
|
|
1205 |
||
1206 |
\item The question ``Is this relevant for the exams'' is not appreciated!\medskip\\ |
|
1207 |
||
1208 |
Whatever is in the homework sheets (and is not marked optional) is relevant for the |
|
| 10 | 1209 |
exam. No code needs to be written. |
| 9 | 1210 |
\end{itemize}
|
| 8 | 1211 |
|
1212 |
\end{frame}}
|
|
1213 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1214 |
||
| 2 | 1215 |
|
|
102
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1216 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1217 |
\mode<presentation>{
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1218 |
\begin{frame}[c]
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1219 |
\frametitle{\begin{tabular}{c}Take-Home Points\end{tabular}}
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1220 |
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1221 |
\begin{itemize}
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1222 |
\item Never store passwords in plain text.\medskip |
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1223 |
\item Always salt your hashes!\medskip |
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1224 |
\item Use an existing crypto algorithm; do not write your own!\medskip |
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1225 |
\item Make the party responsible for losses, who is in the position to improve things. |
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1226 |
\end{itemize}
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1227 |
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1228 |
\end{frame}}
|
|
8f2c3329c9b8
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
101
diff
changeset
|
1229 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
| 0 | 1230 |
|
1231 |
||
1232 |
\end{document}
|
|
1233 |
||
1234 |
%%% Local Variables: |
|
|
94
caf08b02fa32
added pictures
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
93
diff
changeset
|
1235 |
%%% mode: xelatex |
| 0 | 1236 |
%%% TeX-master: t |
1237 |
%%% End: |
|
1238 |