updated
authorChristian Urban <urbanc@in.tum.de>
Mon, 24 Sep 2012 20:51:17 +0100
changeset 5 1280309e6bfc
parent 4 31ccabd34430
child 6 4c40d4b2d01c
updated
app0.scala
app1.scala
slides01.pdf
slides01.tex
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/app0.scala	Mon Sep 24 20:51:17 2012 +0100
@@ -0,0 +1,15 @@
+package controllers
+import play.api.mvc._
+
+object Application extends Controller {
+
+  // answering a GET request
+  val index = Action { request =>
+    
+    Ok("Hello world!")
+  }  
+  
+}
+
+
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/app1.scala	Mon Sep 24 20:51:17 2012 +0100
@@ -0,0 +1,28 @@
+object Application extends Controller {
+
+  // presenting login form
+  val index = Action { request =>
+    
+    val form = """<form method="post"> 
+                Login: <input type="text" name="login"><br>
+                Password: <input type="password" name="password"><br>
+                <input type="submit"></form>"""
+
+    Ok(form).as(HTML)
+  }  
+
+  
+  // processing the received login data
+  val receive = Action { request =>
+    
+    val form_data = Form (tuple ("login" -> text, "password" -> text))
+
+    val (login, password) = form_data.bindFromRequest()(request).get 
+    
+    Ok("Received login: " + login + " and password: " + password)
+  }
+  
+}
+
+
+
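Review bot: `form_data.bindFromRequest()(request).get` in `receive` throws when the POST lacks `login` or `password`, so a malformed request becomes a server error rather than a 400; handling both outcomes with `fold` avoids that. The success response also echoes the submitted password back in the body, where it can end up in intermediary caches or logs; returning only the login is enough to show that the binding worked. Unlike app0.scala, this file has no `package` or `import` lines, so if it is meant to compile on its own it presumably also needs the Play form imports.

```scala
  val receive = Action { request =>
    val form_data = Form (tuple ("login" -> text, "password" -> text))

    // reject incomplete submissions instead of calling .get on the bound form
    form_data.bindFromRequest()(request).fold(
      errors => BadRequest("Missing login or password"),
      { case (login, _) => Ok("Received login: " + login) }
    )
  }
```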
Binary file slides01.pdf has changed
--- a/slides01.tex	Mon Sep 24 08:23:12 2012 +0100
+++ b/slides01.tex	Mon Sep 24 20:51:17 2012 +0100
@@ -145,7 +145,7 @@
 \begin{itemize}
 \item Chip-and-PIN was introduced in the UK in 2004
 \item before that customers had to sign a receipt\medskip
-\item Is Chip-and-PIN a more secure system?
+\item Is Chip-and-PIN a more secure system? What do you think?
 \end{itemize}
 
 \begin{flushright}
@@ -166,8 +166,8 @@
 \draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm] 
 {\normalsize\color{darkgray}
 \begin{minipage}{10cm}\raggedright\small
-The Guardian (2006): ``Chip-and-PIN is so effective in this country that fraudsters are starting to move their activities overseas,'' 
-said Emile Abu-Shakra, spokesman for Lloyds TSB.
+``Chip-and-PIN is so effective in this country that fraudsters are starting to move their activities overseas,'' 
+said Emile Abu-Shakra, spokesman for Lloyds TSB (in the Guardian, 2006).
 \end{minipage}};
 \end{tikzpicture}\bigskip
 
@@ -185,7 +185,7 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
-\frametitle{\begin{tabular}{c}BUT\ldots\end{tabular}}
+\frametitle{\begin{tabular}{c}Let's see\ldots\end{tabular}}
 
 
 \begin{textblock}{1}(3,4)
@@ -226,8 +226,8 @@
 
 
 \begin{itemize}
-\item ``tamperesitant'' terminal playing Tetris on 
-\textcolor{blue}{\href{http://www.youtube.com/watch?v=wWTzkD9M0sU}{youtube}}\\
+\item A ``tamperesitant'' terminal playing Tetris on 
+\textcolor{blue}{\href{http://www.youtube.com/watch?v=wWTzkD9M0sU}{youtube}}.\\
 \textcolor{lightgray}{\footnotesize(\url{http://www.youtube.com/watch?v=wWTzkD9M0sU})}
 \end{itemize}
  
@@ -245,7 +245,7 @@
 
 
 \begin{itemize}
-\item in 2006, Shell petrol stations stopped accepting Chip-and-PIN after \pounds{}1m had been stolen from customer accounts 
+\item in 2006, Shell petrol stations stopped accepting Chip-and-PIN after \pounds{}1m had been stolen from customer accounts\smallskip 
 \item in 2008, hundreds of card readers for use in Britain, Ireland, the Netherlands, Denmark, and Belgium had been 
 expertly tampered with shortly after manufacture so that details and PINs of credit cards were sent during the 9 months 
 before over mobile phone networks to criminals in Lahore, Pakistan
@@ -265,12 +265,20 @@
 \end{flushright}
 
 \begin{itemize}
-\item Man-in-the-middle attacks by the group around Ross Anderson\medskip
+\item man-in-the-middle attacks by the group around Ross Anderson\medskip
 \end{itemize}
 
 \begin{center}
-\includegraphics[scale=0.5]{pics/chip-attack.png}
+\mbox{}\hspace{-20mm}\includegraphics[scale=0.5]{pics/chip-attack.png}
 \end{center}
+
+
+\begin{textblock}{1}(11.5,13.7)
+\begin{tabular}{l}
+\footnotesize on BBC Newsnight\\[-2mm] 
+\footnotesize in 2010 or \textcolor{blue}{\href{http://www.youtube.com/watch?v=JPAX32lgkrw}{youtube}}
+\end{tabular}
+\end{textblock}
   
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
@@ -286,7 +294,7 @@
 \end{flushright}
 
 \begin{itemize}
-\item same group successfully attacked last this year card readers and ATM machines
+\item same group successfully attacked this year card readers and ATM machines
 \item the problem: several types of ATMs generate poor random numbers, which are used as nonces
 \end{itemize}
 
@@ -328,7 +336,7 @@
   
 \begin{textblock}{14}(1,13.5)
 \begin{itemize}
-\item the burden of proof for fraud and financial liability shifted to the costumer
+\item the burden of proof for fraud and financial liability was shifted to the costumer
 \end {itemize} 
 \end{textblock}
   
@@ -384,6 +392,34 @@
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{\begin{tabular}{c}Scala + Play\end{tabular}}
+
+{\lstset{language=Scala}\fontsize{8}{10}\selectfont
+\texttt{\lstinputlisting{app0.scala}}}\bigskip
+
+\footnotesize
+alternative response:\\
+
+{\lstset{language=Scala}\fontsize{8}{10}\selectfont
+\texttt{Ok("<H1>Hello world!</H1>").as(HTML)}}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+
+{\lstset{language=Scala}\fontsize{8}{10}\selectfont
+\texttt{\lstinputlisting{app1.scala}}}
+
+  
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+
 % linkedIn password
 % http://erratasec.blogspot.co.uk/2012/06/confirmed-linkedin-6mil-password-dump.html
 
@@ -399,14 +435,14 @@
 \frametitle{\begin{tabular}{c}Brute Forcing Passwords\end{tabular}}
 
 \begin{itemize}
-\item How fast can hackers crack passwords? \pause
+\item How fast can hackers crack SHA-1 passwords? \pause
 
-\item The answer is 2 billion per second using a Radeon HD 7970
+\item The answer is 2 billion attempts per second\\ 
+using a Radeon HD 7970
 \end{itemize}
 
-
 \begin{center}
-\begin{tabular}{rl}
+\begin{tabular}{@ {\hspace{-12mm}}rl}
 password length & time\smallskip\\\hline
 5 letters & 5 secs\\
 6 letters & 500 secs\\
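Review bot: The reworded first item, "crack SHA-1 passwords", reads as if SHA-1 were a kind of password; `\item How fast can hackers crack SHA-1-hashed passwords? \pause` names what is actually being measured. The 2 billion attempts per second and the table presumably assume one unsalted SHA-1 evaluation per guess. A short remark under the table, such as `(times are for a single fast hash; salted, deliberately slow schemes such as bcrypt or PBKDF2 allow far fewer guesses per second)`, would keep readers from applying these times to every password store. The frame begins above this hunk and the table continues below it.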
@@ -417,8 +453,19 @@
 \end{center}
 
 \small
-5 letters $=$ 100$^5$ $=$ 10 billion combinations\\ 
-(1 letter $\approx$ upper case, lower case, digits, symbols)
+5 letters $\approx$ 100$^5$ $=$ 10 billion combinations\\ 
+(1 letter - upper case, lower case, digits, symbols $\approx$ 100)
+
+\only<2->{
+\begin{textblock}{1}(12,5)
+\begin{tabular}{c}
+\includegraphics[scale=0.3]{pics/radeon.jpg}\\[-6mm]
+\footnotesize graphics card\\[-1mm]
+\footnotesize ca.~\pounds{}300
+\end{tabular}
+\end{textblock}}
+
+
 
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%