diff -r 3822d91a4639 -r c4008b31df8e slides/slides03.tex
--- a/slides/slides03.tex Tue Oct 08 13:01:59 2013 +0100
+++ b/slides/slides03.tex Wed Oct 09 15:51:03 2013 +0100
@@ -417,6 +417,18 @@
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode{
+\begin{frame}[c]
+
+\begin{center}
+\includegraphics[scale=0.45]{pics/trainwreck.jpg}\\
+one general defence mechanism is\\\alert{\bf defence in depth}
+\end{center}
+
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -526,17 +538,17 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode{
-\begin{frame}[c]
-
-\small
-A programmer might be careful, but still introduce vulnerabilities:\bigskip
-
-{\lstset{language=Java}\fontsize{8}{10}\selectfont%
-\texttt{\lstinputlisting{../progs/C2a.c}}}
-
-
-\end{frame}}
+%\mode{
+%\begin{frame}[c]
+%
+%\small
+%A programmer might be careful, but still introduce vulnerabilities:\bigskip
+%
+%{\lstset{language=Java}\footnotesize
+%\texttt{\lstinputlisting{../progs/C2a.c}}}
+%
+%
+%\end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -582,7 +594,7 @@
 \small
 \texttt{string} is nowhere used:\bigskip
-{\lstset{language=Java}\fontsize{8}{10}\selectfont%
+{\lstset{language=Java}\footnotesize
 \texttt{\lstinputlisting{../progs/C4.c}}}\bigskip
 this vulnerability can be used to read out the stack
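Review bot: In the frame added at line 417, `\alert{\bf defence in depth}` uses the obsolete two-letter font switch `\bf`; `\alert{\textbf{defence in depth}}` is the supported form. The slide also names defence in depth without defining it. One line under the picture, such as `several independent protections, so that one failing does not expose the system`, would let the frame stand on its own in a handout. The diff shown here covers only slides03.tex, so it is worth confirming that `pics/trainwreck.jpg` is tracked in the same changeset.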
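Review bot: In the hunk at line 526, the C2a.c frame is disabled by prefixing every line with `%` rather than being removed, and nothing says why. The commented copy is also edited (`\fontsize{8}{10}\selectfont%` becomes `\footnotesize`), so the dead markup matches neither the old frame nor a live one. If the frame is only parked, a comment above it such as `% frame disabled for now: <reason>` would tell the next editor; otherwise deleting it and relying on the repository history is cleaner.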
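Review bot: In the hunk at line 582, the changed line still sets `\lstset{language=Java}` for `../progs/C4.c`. Judging by its name that is a C listing, so keywords would be highlighted by Java's rules, and `language=C` is the likely intent. Since the line is being touched anyway, the font could move into listings itself, `{\lstset{language=C,basicstyle=\ttfamily\footnotesize}\lstinputlisting{../progs/C4.c}}`, instead of wrapping a display listing in `\texttt{...}`. The same `language=Java` setting appears in the commented-out C2a.c frame of the previous hunk. The frame starts and ends outside this hunk.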
@@ -593,10 +605,11 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode{
 \begin{frame}[c]
-\frametitle{\begin{tabular}{c}Protections against\\ BO Attacks\end{tabular}}
+\frametitle{\begin{tabular}{c}Protections against\\ Buffer Overflow Attacks\end{tabular}}
 \begin{itemize}
 \item use safe library functions
+\item stack caneries
 \item ensure stack data is not executable (can be defeated)
 \item address space randomisation (makes one-size-fits-all more difficult)
 \item choice of programming language (one of the selling points of Java)
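Review bot: The added item reads `\item stack caneries`; the term is spelled "canaries". Unlike the neighbouring items it carries no caveat. A canary only detects a contiguous overwrite that reaches the return address, and it depends on its value staying secret, which the preceding format-string frame ("read out the stack") calls into question. Something like `\item stack canaries (detect an overwritten return address; rely on the canary value staying secret)` would match the style of the other entries. The `itemize` list continues past the end of the hunk.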