--- a/slides/slides02.tex Fri Sep 30 19:55:35 2016 +0100
+++ b/slides/slides02.tex Tue Oct 04 13:44:05 2016 +0100
@@ -116,125 +116,15 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[t]
-\frametitle{How to Salt?}
-
-\begin{center}\tt\small
-\begin{tabular}{lcl}
-1salt & $\Rightarrow$ & 8189effef4d4f7411f4153b13ff72546dd682c69\\
-2salt & $\Rightarrow$ & 1528375d5ceb7d71597053e6877cc570067a738f\\
-3salt & $\Rightarrow$ & d646e213d4f87e3971d9dd6d9f435840eb6a1c06\\
-4salt & $\Rightarrow$ & 5b9e85269e4461de0238a6bf463ed3f25778cbba\\
-\end{tabular}
-\end{center}
+\begin{frame}[c]
+\frametitle{Exam and Homework}
\begin{itemize}
-\item in Unix systems: \texttt{hash(salt + password)}, or even
-\texttt{hash$^{\texttt{1500}}$(salt + password)}\smallskip\pause
-\item Bruce Schneier in cases messages are long: \\
-instead of \texttt{m $\mapsto$ hash(m)},\\ use \texttt{m $\mapsto$ hash(hash(m) + m)}
+\item reminder\ldots KEATS
\end{itemize}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{\Large\begin{tabular}{c}User-Tracking Without Cookies\end{tabular}}
-
-Can you track a user {\bf without}:
-
-\begin{itemize}
-\item Cookies
-\item JavaScript
-\item LocalStorage/SessionStorage/GlobalStorage
-\item Flash, Java or other plugins
-\item Your IP address or user agent string
-\item Any methods employed by Panopticlick\\
-\mbox{}\hfill $\rightarrow$ \textcolor{blue}{\url{https://panopticlick.eff.org/}}
-\end{itemize}
-
-Even when you disabled cookies entirely, have JavaScript turned off and use a VPN
-service, and also \ldots
\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}
-\frametitle{Verizon}
-\mbox{}\\[-23mm]\mbox{}
-
-\begin{center}
-\includegraphics[scale=0.21]{../pics/verizon.png}
-\end{center}
-\vfill\footnotesize
-\url{http://webpolicy.org/2014/10/24/how-verizons-advertising-header-works}
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[c]
-\frametitle{Web-Protocol}
-
-\only<1->{
-\begin{textblock}{1}(2,2)
- \begin{tikzpicture}[scale=1.3]
- \draw[white] (0,0) node (X) {\includegraphics[scale=0.12]{../pics/firefox.jpg}};
- \end{tikzpicture}
-\end{textblock}}
-
-\only<1->{
-\begin{textblock}{1}(11,2)
- \begin{tikzpicture}[scale=1.3]
- \draw[white] (0,0) node (X) {\includegraphics[scale=0.15]{../pics/servers.png}};
- \end{tikzpicture}
-\end{textblock}}
-
-\only<1->{
-\begin{textblock}{1}(5,2.5)
- \begin{tikzpicture}[scale=1.3]
- \draw[white] (0,0) node (X) {};
- \draw[white] (3,0) node (Y) {};
- \draw[red, ->, line width = 2mm] (X) -- (Y);
- \node [inner sep=5pt,label=above:\textcolor{black}{\small GET static.jpg}] at ($ (X)!.5!(Y) $) {};
- \end{tikzpicture}
-\end{textblock}}
-
-\only<2->{
-\begin{textblock}{1}(5,6)
- \begin{tikzpicture}[scale=1.3]
- \draw[white] (0,0) node (X) {};
- \draw[white] (3,0) node (Y) {};
- \draw[red, <-, line width = 2mm] (X) -- (Y);
- \node [inner sep=5pt,label=below:\textcolor{black}{\small ETag: 7b33de1}] at ($ (X)!.5!(Y) $) {};
- \node [inner sep=5pt,label=above:{\includegraphics[scale=0.15]{../pics/tvtestscreen.jpg}}] at ($ (X)!.5!(Y) $) {};
- \end{tikzpicture}
-\end{textblock}}
-
-\only<3->{
-\begin{textblock}{1}(4.2,11)
- \begin{tikzpicture}[scale=1.3]
- \draw[white] (0,0) node (X) {};
- \draw[white] (3,0) node (Y) {};
- \draw[red, ->, line width = 2mm] (X) -- (Y);
- \node [inner sep=5pt,label=above:\textcolor{black}{\small GET static.jpg ETag: 7b33de1}] at ($ (X)!.5!(Y) $) {};
- \end{tikzpicture}
-\end{textblock}}
-
-\only<4->{
-\begin{textblock}{1}(4.2,13.9)
- \begin{tikzpicture}[scale=1.3]
- \draw[white] (0,0) node (X) {};
- \draw[white] (3,0) node (Y) {};
- \draw[red, <-, line width = 2mm] (X) -- (Y);
- \node [inner sep=5pt,label=below:\textcolor{black}{\small HTTP/1.1 304 (Not Modified)}] at ($ (X)!.5!(Y) $) {};
- \end{tikzpicture}
-\end{textblock}}
-
-\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
@@ -253,9 +143,11 @@
\begin{frame}[c]
\frametitle{E-Voting}
-\begin{bubble}[9cm]
+\begin{bubble}[10cm]
``Any electronic voting system should provide at least the same
-security, privacy and transparency as the system it replaces.''
+ security, privacy and transparency as the system it replaces.''\medskip\\
+
+ \small\hfill ---Australian Voting Commission
\end{bubble}
\end{frame}
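Review bot: The added `\medskip\\` at the end of the quote is followed by a blank line, so the `\\` closes a paragraph and will typically trigger an Underfull \hbox warning. The `\medskip` is also issued mid-paragraph, so it only takes effect after the current line. Assuming `bubble` sets its body as ordinary paragraphs, ending the quote with `\par\medskip` and writing the attribution as `{\small\hfill ---Australian Voting Commission\par}` gives the same layout without the forced break. The attribution carries no source; a comment such as `% source: <document or URL>` next to it would let readers check the wording and the name of the issuing body.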
@@ -421,9 +313,9 @@
\mbox{}\\[-12mm]
\begin{itemize}
\item US used mechanical machines since the 30s, later punch cards,
- now DREs and optical scan voting machines
+ until recently DREs and optical scan voting machines
-\item Estonia used in 2007 the Internet for national elections
+\item Estonia used in 2007, 2011 and 2015 the Internet for national elections
\textcolor{gray}{(there were earlier pilot studies in other
countries)}
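Review bot: The new Estonia item puts the years between verb and object (`Estonia used in 2007, 2011 and 2015 the Internet ...`), which reads awkwardly on a slide; `\item Estonia used the Internet for national elections in 2007, 2011 and 2015` says the same thing. In the US item, `until recently DREs` directly after `later punch cards,` leaves it unclear whether DREs and optical scanners have been retired or are still in use. If the intent is that they are being phased out, stating that explicitly would remove the ambiguity. The itemize environment continues outside the hunk.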
@@ -444,7 +336,7 @@
\frametitle{E-Voting in Estonia}
\begin{itemize}
-\item worlds first general election that used internet voting (2007)
+\item worlds first general election that used internet voting (2007, 2011, 2015)
\item builds on the Estonian ID card (a smartcard like CC)
\item Internet voting can be used before the election (votes can be changed an
unlimited amount of times, last vote is tabulated, you can even change your
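Review bot: Appending 2011 and 2015 to the parenthetical makes the item read as if three elections were each the world's first; only the 2007 date fits `first`. Something like `\item world's first general election with Internet voting (2007), used again in 2011 and 2015` keeps the claim accurate and also fixes the missing apostrophe in `worlds`. The item list continues outside the hunk.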
@@ -677,7 +569,7 @@
\begin{itemize}
\item acquired a machine from an anonymous source\medskip
-\item they try to keep secret the source code running the machine\medskip\pause
+\item they try to keep secret the source code running on the machine\medskip\pause
\item first reversed-engineered the machine (extremely tedious)
\item could completely reboot the machine and even install a virus that infects other Diebold machines
@@ -753,7 +645,7 @@
\item keep a paper trail and design your system to keep this secure\medskip
\item make the software open source (avoid security-by-obscurity)\medskip
\item have a simple design in order to minimise the attack surface
-\end{itemize}\pause
+\end{itemize}\pause\bigskip
But overall, in times of NSA/state sponsored cyber-crime, e-voting is
too hard with current technology.
@@ -876,7 +768,7 @@
\begin{column}<2>{.4\textwidth}
\centering
\includegraphics[scale=0.32]{../pics/trainwreck.jpg}\\
-next week
+next
\end{column}
\end{columns}
\end{center}
@@ -884,6 +776,129 @@
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[t]
+\frametitle{How to Salt?}
+
+\begin{center}\tt\small
+\begin{tabular}{lcl}
+1salt & $\Rightarrow$ & 8189effef4d4f7411f4153b13ff72546dd682c69\\
+2salt & $\Rightarrow$ & 1528375d5ceb7d71597053e6877cc570067a738f\\
+3salt & $\Rightarrow$ & d646e213d4f87e3971d9dd6d9f435840eb6a1c06\\
+4salt & $\Rightarrow$ & 5b9e85269e4461de0238a6bf463ed3f25778cbba\\
+\end{tabular}
+\end{center}
+
+\begin{itemize}
+\item in Unix systems: \texttt{hash(salt + password)}, or even
+\texttt{hash$^{\texttt{1500}}$(salt + password)}\smallskip\pause
+\item Bruce Schneier in cases messages are long: \\
+instead of \texttt{m $\mapsto$ hash(m)},\\ use \texttt{m $\mapsto$ hash(hash(m) + m)}
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{\Large\begin{tabular}{c}User-Tracking Without Cookies\end{tabular}}
+
+Can you track a user {\bf without}:
+
+\begin{itemize}
+\item Cookies
+\item JavaScript
+\item LocalStorage/SessionStorage/GlobalStorage
+\item Flash, Java or other plugins
+\item Your IP address or user agent string
+\item Any methods employed by Panopticlick\\
+\mbox{}\hfill $\rightarrow$ \textcolor{blue}{\url{https://panopticlick.eff.org/}}
+\end{itemize}
+
+Even when you disabled cookies entirely, have JavaScript turned off and use a VPN
+service, and also \ldots
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}
+\frametitle{Verizon}
+\mbox{}\\[-23mm]\mbox{}
+
+\begin{center}
+\includegraphics[scale=0.21]{../pics/verizon.png}
+\end{center}
+\vfill\footnotesize
+\url{http://webpolicy.org/2014/10/24/how-verizons-advertising-header-works}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{Web-Protocol}
+
+\only<1->{
+\begin{textblock}{1}(2,2)
+ \begin{tikzpicture}[scale=1.3]
+ \draw[white] (0,0) node (X) {\includegraphics[scale=0.12]{../pics/firefox.jpg}};
+ \end{tikzpicture}
+\end{textblock}}
+
+\only<1->{
+\begin{textblock}{1}(11,2)
+ \begin{tikzpicture}[scale=1.3]
+ \draw[white] (0,0) node (X) {\includegraphics[scale=0.15]{../pics/servers.png}};
+ \end{tikzpicture}
+\end{textblock}}
+
+\only<1->{
+\begin{textblock}{1}(5,2.5)
+ \begin{tikzpicture}[scale=1.3]
+ \draw[white] (0,0) node (X) {};
+ \draw[white] (3,0) node (Y) {};
+ \draw[red, ->, line width = 2mm] (X) -- (Y);
+ \node [inner sep=5pt,label=above:\textcolor{black}{\small GET static.jpg}] at ($ (X)!.5!(Y) $) {};
+ \end{tikzpicture}
+\end{textblock}}
+
+\only<2->{
+\begin{textblock}{1}(5,6)
+ \begin{tikzpicture}[scale=1.3]
+ \draw[white] (0,0) node (X) {};
+ \draw[white] (3,0) node (Y) {};
+ \draw[red, <-, line width = 2mm] (X) -- (Y);
+ \node [inner sep=5pt,label=below:\textcolor{black}{\small ETag: 7b33de1}] at ($ (X)!.5!(Y) $) {};
+ \node [inner sep=5pt,label=above:{\includegraphics[scale=0.15]{../pics/tvtestscreen.jpg}}] at ($ (X)!.5!(Y) $) {};
+ \end{tikzpicture}
+\end{textblock}}
+
+\only<3->{
+\begin{textblock}{1}(4.2,11)
+ \begin{tikzpicture}[scale=1.3]
+ \draw[white] (0,0) node (X) {};
+ \draw[white] (3,0) node (Y) {};
+ \draw[red, ->, line width = 2mm] (X) -- (Y);
+ \node [inner sep=5pt,label=above:\textcolor{black}{\small GET static.jpg ETag: 7b33de1}] at ($ (X)!.5!(Y) $) {};
+ \end{tikzpicture}
+\end{textblock}}
+
+\only<4->{
+\begin{textblock}{1}(4.2,13.9)
+ \begin{tikzpicture}[scale=1.3]
+ \draw[white] (0,0) node (X) {};
+ \draw[white] (3,0) node (Y) {};
+ \draw[red, <-, line width = 2mm] (X) -- (Y);
+ \node [inner sep=5pt,label=below:\textcolor{black}{\small HTTP/1.1 304 (Not Modified)}] at ($ (X)!.5!(Y) $) {};
+ \end{tikzpicture}
+\end{textblock}}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+
\end{document}
%%% Local Variables: