# HG changeset patch
# User Christian Urban
# Date 1348536356 -3600
# Node ID bd2b16f826019b7b410fd564d34c4884d4369dd7
# Parent 4c40d4b2d01cf5f92c75c5c01f561c69e8ffb34b
new slides
diff -r 4c40d4b2d01c -r bd2b16f82601 app2.scala
--- a/app2.scala Tue Sep 25 01:32:01 2012 +0100
+++ b/app2.scala Tue Sep 25 02:25:56 2012 +0100
@@ -1,7 +1,7 @@
 object Application extends Controller {
- def gt_cookie(c: Option[Cookie]) : Int = c match {
- case Some(s) if (s.value.forall(_.isDigit)) => s.value.toInt
+ def gt_cookie(c: Option[Cookie]) : Int = c.map(_.value) match {
+ case Some(s) if (s.forall(_.isDigit)) => s.toInt
 case _ => 0
 }
diff -r 4c40d4b2d01c -r bd2b16f82601 slides01.pdf
Binary file slides01.pdf has changed
diff -r 4c40d4b2d01c -r bd2b16f82601 slides01.tex
--- a/slides01.tex Tue Sep 25 01:32:01 2012 +0100
+++ b/slides01.tex Tue Sep 25 02:25:56 2012 +0100
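Review bot: The guard on the new `case Some(s) if (s.forall(_.isDigit)) => s.toInt` line still lets a client-supplied cookie raise `NumberFormatException`. `forall` is true for an empty string, and a digit run larger than `Int` range also passes the check, so in both cases `s.toInt` throws instead of falling through to `case _ => 0`. Because the cookie value comes from the request, the parse should be total, for example `case Some(s) if s.nonEmpty && s.length <= 9 && s.forall(_.isDigit) => s.toInt`, or the conversion should be wrapped so that any parse failure yields 0. The enclosing `Application` object continues outside the hunk.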
@@ -528,21 +528,89 @@ {\lstset{language=Scala}\fontsize{8}{10}\selectfont \texttt{\lstinputlisting{app2.scala}}} +\footnotesize +\begin{itemize} +\item cookie value encoded as hash +\end{itemize} +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] + + \begin{center} + \includegraphics[scale=1.8]{pics/barrier.jpg} + \end{center} + +\end{frame}} + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] +\mbox{}\\[-9mm] + +{\lstset{language=Scala}\fontsize{8}{10}\selectfont +\texttt{\lstinputlisting{app3.scala}}} + \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] +\frametitle{\begin{tabular}{c}SHA-1\end{tabular}} + +\begin{itemize} +\item SHA-1 is a cryptographic hash function +\item no known attack exists, except brute force\bigskip\pause +\item but dictionary attacks can be very effective for extracting passwords +\end{itemize} + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] +\mbox{}\\[-9mm] + +{\lstset{language=Scala}\fontsize{8}{10}\selectfont +\texttt{\lstinputlisting{app4.scala}}} + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] +\frametitle{\begin{tabular}{c}Unix Passwords\end{tabular}} +% Unix password +% http://ubuntuforums.org/showthread.php?p=5318038 + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] 
+\frametitle{\begin{tabular}{c}Password Blunders\end{tabular}} % linkedIn password % http://erratasec.blogspot.co.uk/2012/06/confirmed-linkedin-6mil-password-dump.html +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + % rainbow tables % http://en.wikipedia.org/wiki/Rainbow_table -% Unix password -% http://ubuntuforums.org/showthread.php?p=5318038 + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ @@ -588,30 +656,34 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c] -\frametitle{\begin{tabular}{c}Privacy\end{tabular}} - +\frametitle{\begin{tabular}{c}Passwords\end{tabular}} \begin{itemize} -\item Scott McNealy: \\``You have zero privacy anyway. Get over it.'' +\item How do recover from a breakin? \end{itemize} \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c] -\frametitle{\begin{tabular}{c}Passwords\end{tabular}} +\frametitle{\begin{tabular}{c}This Course\end{tabular}} \begin{itemize} -\item How do recover from a break in? +\item breakins (buffer overflows) +\item access control (role based, data security / data integrity) +\item protocols +\item access control logic +\item privacy +\begin{quote} +Scott McNealy: \\``You have zero privacy anyway. Get over it.'' +\end{quote} \end{itemize} \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c]
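Review bot: The added SHA-1 frame states `no known attack exists, except brute force`, which overstates the function's standing: collision attacks faster than brute force were published in 2005, several years before this commit. For the password-storage point the following frames build towards, the relevant property is preimage resistance, so the bullet would be more accurate as `\item no practical preimage attack is known (collisions can be found faster than brute force)`. The dictionary-attack bullet could also say in a few words why such attacks work, namely that a fast hash lets guesses be checked cheaply, which would lead into the Unix Passwords and rainbow-table material.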