7 \section*{Homework 1}

     7 \section*{Homework 2}

    10 \item {\bf (Optional)} If you want to have a look at the code presented in the lectures, install Scala available (for free) from

    10 \item Assume format string attacks allow you to read out the stack. What can you do

    11 \begin{center}

    11 	with this information? (Hint: Consider what is stored in the stack.)

    12 \url{http://www.scala-lang.org}

    13 \end{center}

    15 \noindent

    13 \item Assume you can crash a program remotely. Why is this a problem?

    16 The web-applications from the first lecture are written in Scala using the Play Framework available (also for free) from

    17 \begin{center}

    18 \url{http://www.playframework.org}

    19 \end{center}

    21 \item Practice thinking like an attacker. Assume the following situation:

    15 \item How can the choice of a programming language help with buffer overflow attacks?

    22 \begin{quote}\it

    16 (Hint: Why are C-programs prone to such attacks, but not Java programs.)

    23 Prof.~V.~Nasty gives the following final exam question (closed books, closed notes):\bigskip

    25 \noindent

    18 \item (Optional) How can a system that separates between \emph{users} and \emph{root} be of any help with buffer overflow attacks?

    26 \begin{tabular}{@ {}l}

    27 Write the first 100 digits of pi:\\

    28 3.\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

    29 \end{tabular}

    30 \end{quote}

    31 

    32 \noindent

    33 Think of ways how you can cheat in this exam?

    34 

    35 \item Explain what hashes and salts are. Describe how they can be used for ensuring data integrity and

    36 storing password information.

    37 

    38 \item What are good uses of cookies (that is browser cookies)?

    39