slides/slides01.tex
changeset 102 8f2c3329c9b8
parent 101 b37223b88ebd
child 104 729b86eae005
--- a/slides/slides01.tex	Mon Sep 23 23:58:21 2013 +0100
+++ b/slides/slides01.tex	Tue Sep 24 11:56:00 2013 +0100
@@ -213,7 +213,7 @@
 \includegraphics[scale=0.6]{pics/cryptographic-small.png}
 \end{center}
 
-The NSA can probably not brute force magically better than the ``public''.
+The NSA can probably not brute-force magically better than the ``public''.
 \end{frame}}
  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%     
 
@@ -229,7 +229,7 @@
 \draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm] 
 {\normalsize\color{darkgray}
 \begin{minipage}{10cm}\raggedright\small
-``Security engineers --- at least the good ones --- see the world dif$\!$ferently. 
+``Security engineers --- at least the good ones --- see the world differently. 
 They can't walk into a store without noticing how they might shoplift. They can't 
 use a computer without wondering about the security vulnerabilities. They can't 
 vote without trying to figure out how to vote twice. They just can't help it.''\\
@@ -264,14 +264,14 @@
 
 \noindent
 \begin{tabular}{@ {}l}
-Write the first 100 digits of pi:\\
+Write the first 100 digits of $\pi$:\\
 3.\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_\,\_
 \end{tabular}
 \end{minipage}};
 \end{tikzpicture}
 \end{center}
 
-How do you ``break'' this and how to defend against it?
+How can you cheat in this exam and how can you defend against such cheating?
 
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
@@ -575,8 +575,8 @@
 \draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm] 
 {\normalsize\color{darkgray}
 \begin{minipage}{11cm}\raggedright\footnotesize
-``The Annonymous Hacker from earlier:\medskip\\
-Try to use `Verified-By-Visa' and `Mastercard-Securecode' as rarely as possible. If only your CVV2 code is getting sniffed, you are not liable for any damage, because the code is physically printed and could have been stolen while you payed with your card at a store. Same applies if someone cloned your CC reading the magnetic stripe or sniffing RFID. Only losing your VBV or MCSC password can cause serious trouble.''\\
+The Annonymous Hacker from earlier:\medskip\\
+``Try to use `Verified-By-Visa' and `Mastercard-Securecode' as rarely as possible. If only your CVV2 code is getting sniffed, you are not liable for any damage, because the code is physically printed and could have been stolen while you payed with your card at a store. Same applies if someone cloned your CC reading the magnetic stripe or sniffing RFID. Only losing your VBV or MCSC password can cause serious trouble.''\\
 \hfill{}\textcolor{blue}{\url{goo.gl/UWluh0}}
 \end{minipage}};
 \end{tikzpicture}
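Review bot: The attribution line on the new side still reads `The Annonymous Hacker from earlier:`, and since it now sits outside the quotation marks the misspelling is the slide's own text rather than part of the quote; it should be `The Anonymous Hacker from earlier:\medskip\\`. The `payed` inside the quotation may be verbatim from the source, so either leave it or mark it `[sic]`. The unchanged `\url{goo.gl/UWluh0}` line gives the only source for advice about card liability through a URL shortener, which hides the destination from the audience and stops working if the shortener does; citing the full URL or naming the source on the slide would let readers judge it. The enclosing tikzpicture and frame start above this hunk.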
@@ -975,8 +975,8 @@
 \item SHA-1 is a cryptographic hash function\\
 (MD5, SHA-256, SHA-512, \ldots) 
 \item message $\rightarrow$ digest
-\item attack exists $2^{80} \rightarrow 2^{61}$ \bigskip\pause
-\item but dictionary attacks are very ef$\!$fective for extracting passwords (later)
+\item attacks exist: $2^{80} \rightarrow 2^{61}$ \bigskip\pause
+\item but dictionary attacks are much more effective for extracting passwords (later)
 \end{itemize}  
   
 \end{frame}}
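Review bot: The new item `attacks exist: $2^{80} \rightarrow 2^{61}$` does not say which attack or what the numbers count, and the next item then compares it with dictionary attacks as if both threatened the same property. The figures look like the work needed to find a SHA-1 collision (generic birthday bound versus the improved estimate), which is a different threat from recovering a password from its hash. I would write `\item collision attacks exist: $2^{80} \rightarrow 2^{61}$ hash evaluations` and let the following item state that password recovery is limited by how guessable the password is, not by collision resistance. The frame begins above this hunk, so earlier lines may already set this context.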
@@ -1298,39 +1298,10 @@
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Take-Home Points\end{tabular}}
-
-\begin{itemize}
-\item Never store passwords in plain text.\medskip
-\item Always salt your hashes!\medskip
-\item Use an existing algorithm; do not write your own!
-\end{itemize}
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
-\frametitle{\begin{tabular}{c}The Security Mindset\end{tabular}}
-
-\begin{itemize}
-\item How things can go wrong?
-\item Think outside the box.
-\end{itemize}\bigskip
-
-The difference between being criminal is to only \alert{\bf think} about how things can go 
-wrong, or be very careful with attacks.
-  
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-\frametitle{Satan's Computer}
+\frametitle{This Course is about  Satan's Computer}
 
 Ross Anderson and Roger Needham wrote:\bigskip
 
@@ -1362,6 +1333,20 @@
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{\begin{tabular}{c}Take-Home Points\end{tabular}}
+
+\begin{itemize}
+\item Never store passwords in plain text.\medskip
+\item Always salt your hashes!\medskip
+\item Use an existing crypto algorithm; do not write your own!\medskip
+\item Make the party responsible for losses, who is in the position to improve things.
+\end{itemize}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
 
 \end{document}
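Review bot: `Always salt your hashes!` on the added Take-Home Points frame leaves out the cost of each guess. A salt stops precomputed tables and stops one cracked hash from revealing every account with the same password, but with a fast hash a per-account dictionary attack stays cheap, which the SHA-1 slide earlier in this file itself points out. I would extend the item to `\item Always salt your hashes, and use a deliberately slow password hash (bcrypt, scrypt, PBKDF2)!\medskip`. The last item is also hard to parse; `\item Make the party that is in a position to improve things responsible for losses.` says the same thing in reading order.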