diff -r 47e06cb75837 -r 0b9a16ddd625 handouts/ho03.tex --- a/handouts/ho03.tex Thu Nov 06 12:32:05 2014 +0000 +++ b/handouts/ho03.tex Thu Nov 06 17:41:55 2014 +0000 @@ -487,13 +487,15 @@ amount of time. If we now use an address that lets us jump to any address in the grey area we are done. The target machine will execute these \pcode{NOP} operations until it reaches the -shellcode. A moment of thought should convince you that this -trick can hugely improve our odds of finding the right -address---depending on the size of the buffer, it might only -take a few tries to get the shellcode to run. And then we are -in. The code for such an attack is shown in Figure~\ref{C3}. -It is directly taken from the original paper about ``Smashing -the Stack for Fun and Profit'' (see pointer given at the end). +shellcode. That is why this NOP-part is often called +\emph{NOP-sledge}. A moment of thought should convince you +that this trick can hugely improve our odds of finding the +right address---depending on the size of the buffer, it might +only take a few tries to get the shellcode to run. And then we +are in. The code for such an attack is shown in +Figure~\ref{C3}. It is directly taken from the original paper +about ``Smashing the Stack for Fun and Profit'' (see pointer +given at the end). \begin{figure}[p] \lstinputlisting[language=C]{../progs/C3.c}
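Review bot: in the added sentence "That is why this NOP-part is often called \emph{NOP-sledge}", the usual term is "NOP sled" (also "NOP slide"), so a reader searching for "NOP-sledge" will not find much of the literature. The bare "NOP" in that sentence is also inconsistent with the \pcode{NOP} markup in the unchanged context line just above it. Suggested wording: "That is why this run of \pcode{NOP}s is often called a \emph{NOP sled}." The remaining + lines only re-wrap the existing paragraph, which hides the one-sentence change; consider keeping the original line breaks or doing the reflow in a separate commit.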