diff -r 76f9457b8f51 -r ddf7315450c9 hws/hw03.tex --- a/hws/hw03.tex Tue Oct 04 13:44:05 2016 +0100 +++ b/hws/hw03.tex Tue Oct 04 17:10:01 2016 +0100 @@ -16,14 +16,17 @@ \item Why is it crucial for a buffer overflow attack that the stack grows from higher addresses to lower ones? -\item If the attacker uses a buffer overflow attack in order to -inject code, why can this code not contain any zero bytes? +\item What does it mean for the stack to be executable and why is this + important for a buffer overflow attack? + +\item If the attacker uses a buffer overflow attack in order to inject + code, why can this code not contain any zero bytes? \item How does a stack canary help with preventing a buffer-overflow attack? -\item Why does randomising the addresses from where programs - are run help defending against buffer overflow attacks? +\item Why does randomising the addresses from where programs are run + help defending against buffer overflow attacks? \item What is a format string attack? @@ -37,9 +40,9 @@ overflow attacks? (Hint: Why are C-programs prone to such attacks, but not Java programs.) -\item When filling the buffer that is attacked with a -payload (starting a shell), what is the purpose of -padding the string at the beginning with NOP-instructions. +\item When filling the buffer that is attacked with a payload + (starting a shell), what is the purpose of padding the string at the + beginning with NOP-instructions. \item \POSTSCRIPT \end{enumerate}
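Review bot: The reflowed ASLR item in the first hunk keeps the original grammatical slip: "help defending against buffer overflow attacks" should read "help defend against buffer overflow attacks" (or "help in defending against"), since the line is being rewritten anyway. While touching this region, the hyphenation of "buffer-overflow attack" in the stack-canary item is inconsistent with "buffer overflow attack" used in the new executable-stack item and in the zero-bytes item; pick one form for the whole exercise sheet. The new executable-stack question itself reads clearly and sits logically between the stack-growth question and the zero-bytes question, which is the right order for a student to reason about why injected code must be both placed on the stack and be executable there.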
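Review bot: The rewritten NOP-sled item in the second hunk ends with a full stop rather than a question mark ("... padding the string at the beginning with NOP-instructions."); since the surrounding \item entries are phrased as questions, it should end with "?". The unchanged hint in the context lines above it has the same problem ("(Hint: Why are C-programs prone to such attacks, but not Java programs.)"), so it is worth fixing both in this commit rather than leaving one inconsistent. Otherwise the reflow is purely whitespace and changes no wording, which is appropriate for a formatting-only commit.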