updated
author Christian Urban <christian dot urban at kcl dot ac dot uk>
Thu, 06 Nov 2014 17:41:55 +0000
changeset 287 0b9a16ddd625
parent 286 47e06cb75837
child 288 fd4bf1a2d38d
handouts/ho02.pdf
handouts/ho02.tex
handouts/ho03.pdf
handouts/ho03.tex
handouts/ho05.pdf
handouts/ho05.tex
Binary file handouts/ho02.pdf has changed
--- a/handouts/ho02.tex	Thu Nov 06 12:32:05 2014 +0000
+++ b/handouts/ho02.tex	Thu Nov 06 17:41:55 2014 +0000
@@ -449,9 +449,11 @@
 For example a good-enough and workable in-lecture online
 voting system where students' votes are anonymous and students
 cannot tamper with the outcome, I am sure, can be implemented. 
-\bigskip
+
 
-\noindent If you want to know more about e-voting, I recommend
+\subsubsection*{Further Reading}
+
+If you want to know more about e-voting, I recommend
 the highly entertaining online course by Alex Halderman at
 Coursera.
 
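Review bot: the new Further Reading section (under `\subsubsection*{Further Reading}`) still identifies the recommended material only as "the highly entertaining online course by Alex Halderman at Coursera", with no course title or link, so a reader of the PDF has to search for it; consider adding the course title and a `\url{...}` to this paragraph. Also, replacing `\bigskip` with an added empty line directly above an existing empty line leaves two consecutive blank lines in the source; LaTeX treats them as a single paragraph break, so one of them can be dropped.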
Binary file handouts/ho03.pdf has changed
--- a/handouts/ho03.tex	Thu Nov 06 12:32:05 2014 +0000
+++ b/handouts/ho03.tex	Thu Nov 06 17:41:55 2014 +0000
@@ -487,13 +487,15 @@
 amount of time. If we now use an address that lets us jump to
 any address in the grey area we are done. The target machine
 will execute these \pcode{NOP} operations until it reaches the
-shellcode. A moment of thought should convince you that this
-trick can hugely improve our odds of finding the right
-address---depending on the size of the buffer, it might only
-take a few tries to get the shellcode to run. And then we are
-in. The code for such an attack is shown in Figure~\ref{C3}.
-It is directly taken from the original paper about ``Smashing
-the Stack for Fun and Profit'' (see pointer given at the end).
+shellcode. That is why this NOP-part is often called
+\emph{NOP-sledge}. A moment of thought should convince you
+that this trick can hugely improve our odds of finding the
+right address---depending on the size of the buffer, it might
+only take a few tries to get the shellcode to run. And then we
+are in. The code for such an attack is shown in
+Figure~\ref{C3}. It is directly taken from the original paper
+about ``Smashing the Stack for Fun and Profit'' (see pointer
+given at the end).
 
 \begin{figure}[p]
 \lstinputlisting[language=C]{../progs/C3.c}
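Review bot: in the added sentence "That is why this NOP-part is often called \emph{NOP-sledge}", the term is more commonly written "NOP sled" (also "NOP slide"), so using that spelling, or mentioning it alongside, would help students who search for it. The sentence also writes NOP in plain text while the context line just above uses `\pcode{NOP}`; using `\pcode{NOP}` here keeps the typesetting consistent. "That is why" assumes the reader already sees the sliding metaphor; one clause saying that execution slides down the NOPs into the shellcode would make the name self-explanatory.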
Binary file handouts/ho05.pdf has changed
--- a/handouts/ho05.tex	Thu Nov 06 12:32:05 2014 +0000
+++ b/handouts/ho05.tex	Thu Nov 06 17:41:55 2014 +0000
@@ -661,7 +661,7 @@
 Now the big question is, why on earth does this splitting
 of messages in half and additional message exchange help
 with defending against person-in-the-middle attacks? Well,
-let's try to be such an attacker. As before we intercept
+let's try to be an attacker. As before we intercept
 the messages where public keys are exchanged and inject
 our own.
 
@@ -772,7 +772,7 @@
 With this the protocol has ended. $E$ was able to decrypt all
 messages, but what messages did $A$ and $B$ receive and from
 whom? Do you notice that $A$ and $B$ will find out that
-something strange has happened and probably not talk on this
+something strange is going on and probably not talk on this
 channel anymore? I leave you to think about it.
 
 Recall from the beginning that a person-in-the middle
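Review bot: the context line right after this change reads "person-in-the middle", while the earlier hunk in the same file has "person-in-the-middle attacks"; since this paragraph is being touched anyway, fix the hyphenation for consistency. In the changed sentence, "will find out that something strange is going on and probably not talk on this channel anymore" would read more smoothly as "and will probably not talk on this channel anymore".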