# HG changeset patch # User Christian Urban # Date 1475617380 -3600 # Node ID da4896f201b56897301d1d640e87a9a319a619a3 # Parent ddf7315450c9432b283f3c5d78231c26aa579f21 updated diff -r ddf7315450c9 -r da4896f201b5 data.sty --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/data.sty Tue Oct 04 22:43:00 2016 +0100 @@ -0,0 +1,54 @@ +\begin{filecontents}{bufferoverflows.data} +Year Matches Total Percentage +1997 1 252 0.40 +1998 1 246 0.41 +1999 4 894 0.45 +2000 1 1020 0.10 +2001 8 1677 0.48 +2002 42 2156 1.95 +2003 56 1527 3.67 +2004 27 2451 1.10 +2005 69 4931 1.40 +2006 141 6608 2.13 +2007 436 6514 6.69 +2008 564 5632 10.01 +2009 564 5732 9.84 +2010 536 4639 11.55 +2011 662 4150 15.95 +2012 725 5288 13.71 +2013 759 5186 14.64 +2014 636 6675 9.53 +2015 988 6488 15.23 +2016 951 4916 19.34 +\end{filecontents} + +\begin{filecontents}{bitcoinestimate.data} +2009 0.000 +2010 12.500 +2011 25.000 +2012 37.500 +2013 50.000 +2014 56.250 +2015 62.500 +2016 68.750 +2017 75.000 +2018 78.125 +2019 81.250 +2020 84.375 +2021 87.500 +2022 89.063 +2023 90.625 +2024 92.188 +2025 93.750 +\end{filecontents} + +\begin{filecontents}{bitcoinactual.data} +2009.00 0.000 +2010.33 12.500 +2011.00 25.000 +2011.91 37.500 +2012.83 50.000 +2013.75 56.250 +2014.58 62.500 +2015.50 68.750 +\end{filecontents} diff -r ddf7315450c9 -r da4896f201b5 handouts/ho03.pdf Binary file handouts/ho03.pdf has changed diff -r ddf7315450c9 -r da4896f201b5 handouts/ho03.tex --- a/handouts/ho03.tex Tue Oct 04 17:10:01 2016 +0100 +++ b/handouts/ho03.tex Tue Oct 04 22:43:00 2016 +0100 @@ -68,7 +68,7 @@ \begin{quote}\it ``Since 2008, vulnerability has left apps and hardware open to remote - hijacking. Researchers have discovered a potentially catastrophic flaw in + hijacking: Researchers have discovered a potentially catastrophic flaw in one of the Internet's core building blocks that leaves hundreds or thousands of apps and hardware devices vulnerable to attacks that can take complete control over them. The vulnerability was introduced in 2008 in diff -r ddf7315450c9 -r da4896f201b5 handouts/ho07.tex --- a/handouts/ho07.tex Tue Oct 04 17:10:01 2016 +0100 +++ b/handouts/ho07.tex Tue Oct 04 22:43:00 2016 +0100 @@ -5,6 +5,7 @@ \begin{document} \fnote{\copyright{} Christian Urban, 2014, 2015} +%https://www.theguardian.com/technology/2016/oct/04/yahoo-secret-email-program-nsa-fbi %https://nakedsecurity.sophos.com/2015/11/12/california-collects-owns-and-sells-infants-dna-samples/ %http://randomwalker.info/teaching/fall-2012-privacy-technologies/? %https://josephhall.org/papers/NYU-MCC-1303-S2012_privacy_syllabus.pdf diff -r ddf7315450c9 -r da4896f201b5 progs/C0.c --- a/progs/C0.c Tue Oct 04 17:10:01 2016 +0100 +++ b/progs/C0.c Tue Oct 04 22:43:00 2016 +0100 @@ -13,6 +13,6 @@ int main (int argc, char **argv) { - foo("my string is too long !!!!! "); + foo("my string is too long !!!!!"); return 0; } diff -r ddf7315450c9 -r da4896f201b5 progs/README --- a/progs/README Tue Oct 04 17:10:01 2016 +0100 +++ b/progs/README Tue Oct 04 22:43:00 2016 +0100 @@ -19,6 +19,7 @@ emacs -nw ...file.... (is also an alias) + gcc -O file file.c C0.c ==== diff -r ddf7315450c9 -r da4896f201b5 slides/slides03.pdf Binary file slides/slides03.pdf has changed diff -r ddf7315450c9 -r da4896f201b5 slides/slides03.tex --- a/slides/slides03.tex Tue Oct 04 17:10:01 2016 +0100 +++ b/slides/slides03.tex Tue Oct 04 22:43:00 2016 +0100 @@ -2,6 +2,7 @@ \usepackage{../slides} \usepackage{../graphics} \usepackage{../langs} +\usepackage{../data} \setmonofont[Scale=.88]{Consolas} \newfontfamily{\consolas}{Consolas} @@ -58,6 +59,46 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \begin{frame}[c] +\frametitle{\begin{tabular}{@{}c@{}}According to\\ US Vulnerability DB\end{tabular}} + +\begin{center} +\mbox{}\hspace{-8mm}\begin{tikzpicture} +\begin{axis}[ + xlabel={year}, + xlabel style={yshift=-1em}, + ylabel={\% of total attacks}, + ylabel style={yshift=-0em}, + enlargelimits=false, + xtick={1997,2000,2002,...,2016}, + xmin=1996.5, + xmax=2017, + ymax=23, + ytick={0,5,...,20}, + scaled ticks=false, + axis lines=left, + width=11.5cm, + height=5cm, + ybar, + x tick label style={text height=1ex,font=\footnotesize,/pgf/number format/1000 sep={}}, + nodes near coords= + {\footnotesize + $\pgfmathprintnumber[fixed,fixed zerofill,precision=1,use comma]{\pgfkeysvalueof{/data point/y}}$} + ] +\addplot + table [x=Year,y=Percentage] {bufferoverflows.data}; +\end{axis} +\end{tikzpicture} +\end{center} + + +from the US National Vulnerability Database\\ +\small\url{http://web.nvd.nist.gov/view/vuln/statistics} +\end{frame} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\begin{frame}[c] \frametitle{Smash the Stack for Fun\ldots} \begin{itemize} @@ -89,9 +130,9 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \begin{frame}[c] \frametitle{A Long Printed ``Twice''} -\mbox{}\\[-10mm] +\mbox{}\\[-6mm] -\footnotesize +\footnotesize \lstinputlisting[language=C,xleftmargin=4mm]{../progs/C0.c} \end{frame} @@ -100,7 +141,7 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \begin{frame}[c] \frametitle{Printing Out ``Zombies''} -\mbox{}\\[-10mm] +\mbox{}\\[-6mm] \footnotesize \lstinputlisting[language=C,xleftmargin=4mm]{../progs/C1.c} @@ -111,7 +152,7 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \begin{frame}[c] \frametitle{A ``Login'' Function (1)} -\mbox{}\\[-10mm] +\mbox{}\\[-6mm] \footnotesize \lstinputlisting[language=C,xleftmargin=4mm]{../progs/C2a.c} @@ -122,7 +163,7 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \begin{frame}[c] \frametitle{A ``Login'' Function (2)} -\mbox{}\\[-10mm] +\mbox{}\\[-6mm] \footnotesize \lstinputlisting[language=C,xleftmargin=-3mm]{../progs/C2b.c} @@ -381,7 +422,7 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \begin{frame}[c] \frametitle{Overflow.c} -\mbox{}\\[-10mm] +\mbox{}\\[-6mm] \small \lstinputlisting[language=C,xleftmargin=-4mm,numbers=none]{../progs/overflow.c} @@ -556,40 +597,40 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\begin{frame}[c] -\frametitle{NIST Statistics about BOA} +%% \begin{frame}[c] +%% \frametitle{NIST Statistics about BOA} -\begin{center} -\begin{tikzpicture} -\begin{axis}[ - xlabel={year}, - ylabel={\% of total attacks}, - ylabel style={yshift=0em}, - enlargelimits=false, - xtick={1997,1999,2001,...,2015}, - xmin=1996.5, - xmax=2016, - ymax=21, - ytick={0,5,...,20}, - scaled ticks=false, - axis lines=left, - width=11cm, - height=5cm, - ybar, - nodes near coords= - {\footnotesize - $\pgfmathprintnumber[fixed,fixed zerofill,precision=1,use comma]{\pgfkeysvalueof{/data point/y}}$}, - x tick label style={font=\footnotesize,/pgf/number format/1000 sep={}}] -\addplot - table [x=Year,y=Percentage] {../handouts/bufferoverflows.data}; -\end{axis} -\end{tikzpicture} -\end{center} +%% \begin{center} +%% \begin{tikzpicture} +%% \begin{axis}[ +%% xlabel={year}, +%% ylabel={\% of total attacks}, +%% ylabel style={yshift=0em}, +%% enlargelimits=false, +%% xtick={1997,1999,2001,...,2015}, +%% xmin=1996.5, +%% xmax=2016, +%% ymax=21, +%% ytick={0,5,...,20}, +%% scaled ticks=false, +%% axis lines=left, +%% width=11cm, +%% height=5cm, +%% ybar, +%% nodes near coords= +%% {\footnotesize +%% $\pgfmathprintnumber[fixed,fixed zerofill,precision=1,use comma]{\pgfkeysvalueof{/data point/y}}$}, +%% x tick label style={font=\footnotesize,/pgf/number format/1000 sep={}}] +%% \addplot +%% table [x=Year,y=Percentage] {../handouts/bufferoverflows.data}; +%% \end{axis} +%% \end{tikzpicture} +%% \end{center} -from the US National Vulnerability Database\\ -\small\url{http://web.nvd.nist.gov/view/vuln/statistics} +%% from the US National Vulnerability Database\\ +%% \small\url{http://web.nvd.nist.gov/view/vuln/statistics} -\end{frame} +%% \end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%