32 \end{tabular} |
32 \end{tabular} |
33 \end{quote} |
33 \end{quote} |
34 |
34 |
35 \noindent |
35 \noindent |
36 Think of ways how you can cheat in this exam? How would you defend |
36 Think of ways how you can cheat in this exam? How would you defend |
37 against such cheats. |
37 against such cheats? |
38 |
38 |
39 \item Here is another puzzle where you can practice thinking |
39 \item Here is another puzzle where you can practice thinking |
40 like an attacker: Consider modern car keys. They |
40 like an attacker: Consider modern car keys. They |
41 wirelessly open and close the central locking system of |
41 wirelessly open and close the central locking system of |
42 the car. Whenever you lock the car, the car ``responds'' |
42 the car. Whenever you lock the car, the car ``responds'' |
51 \item And another one: A water company installed devices that |
51 \item And another one: A water company installed devices that |
52 transmit meter readings when their company car drives |
52 transmit meter readings when their company car drives |
53 by. How can this transmitted data be abused, if not |
53 by. How can this transmitted data be abused, if not |
54 properly encrypted? If you identified an abuse, then how |
54 properly encrypted? If you identified an abuse, then how |
55 would you encrypt the data so that such an abuse is |
55 would you encrypt the data so that such an abuse is |
56 prevented. Hint: Consider the fact that every person |
56 prevented? Hint: Consider the fact that every person |
57 uses approximately 120l of water every day. |
57 uses approximately 120l of water every day. |
58 |
|
59 %\item And another one: Nowadays everybody and their |
|
60 % grandmother seems to be scared about a bomb going off at |
|
61 % a big event, say a football game. To mitigate such a |
|
62 % threat, you order expensive metal detectors and hire a |
|
63 % security team that will staff these detectors at each |
|
64 % game. Think whether people are really safer at a |
|
65 % football game with metal detectors or not. Hint: People |
|
66 % certainly might *\emph{feel}* safer by going through |
|
67 % metal detectors, but the question is whether they |
|
68 % *\emph{are}* safer. Hint: Consider how people arrive at |
|
69 % such an event: within a relative short amount of time, |
|
70 % thousands, if not more, spectators will arrive at your |
|
71 % football game. |
|
72 |
|
73 %% CYA security - cover-your-ass |
|
74 % It's an attitude I've seen before: "Something must |
|
75 % be done. This is something. Therefore, we must do it." |
|
76 % Never mind if the something makes any sense or not. |
|
77 |
|
78 |
|
79 |
|
80 |
|
81 %\item Imagine there was recently a break in where computer criminals |
|
82 % stole a large password database containing |
|
83 |
58 |
84 \item Explain what hashes and salts are. Describe how they can be used |
59 \item Explain what hashes and salts are. Describe how they can be used |
85 for ensuring data integrity and storing password information. |
60 for ensuring data integrity and storing password information. |
86 |
61 |
87 \item What is the difference between a brute force attack and a |
62 \item What is the difference between a brute force attack and a |