--- a/slides/slides01.tex Mon Sep 23 22:43:28 2013 +0100
+++ b/slides/slides01.tex Mon Sep 23 23:53:46 2013 +0100
@@ -1078,8 +1078,6 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
@@ -1192,10 +1190,99 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
+\frametitle{\Large\begin{tabular}{c}User-Tracking Without Cookies\end{tabular}}
+
+Can you track a user {\bf without}:
+
+\begin{itemize}
+\item Cookies
+\item Javascript
+\item LocalStorage/SessionStorage/GlobalStorage
+\item Flash, Java or other plugins
+\item Your IP address or user agent string
+\item Any methods employed by Panopticlick\\
+\mbox{}\hfill $\rightarrow$ \textcolor{blue}{\url{https://panopticlick.eff.org/}}
+\end{itemize}
+
+Even when you disabled cookies entirely, have Javascript turned off and use a VPN service.\\\pause
+And numerous sites already use it.
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{\begin{tabular}{c}Web-Protocol\end{tabular}}
+
+\only<1->{
+\begin{textblock}{1}(2,2)
+ \begin{tikzpicture}[scale=1.3]
+ \draw[white] (0,0) node (X) {\includegraphics[scale=0.12]{pics/firefox.jpg}};
+ \end{tikzpicture}
+\end{textblock}}
+
+\only<1->{
+\begin{textblock}{1}(11,2)
+ \begin{tikzpicture}[scale=1.3]
+ \draw[white] (0,0) node (X) {\includegraphics[scale=0.15]{pics/servers.png}};
+ \end{tikzpicture}
+\end{textblock}}
+
+\only<1->{
+\begin{textblock}{1}(5,2.5)
+ \begin{tikzpicture}[scale=1.3]
+ \draw[white] (0,0) node (X) {};
+ \draw[white] (3,0) node (Y) {};
+ \draw[red, ->, line width = 2mm] (X) -- (Y);
+ \node [inner sep=5pt,label=above:\textcolor{black}{\small GET static.jpg}] at ($ (X)!.5!(Y) $) {};
+ \end{tikzpicture}
+\end{textblock}}
+
+\only<2->{
+\begin{textblock}{1}(5,6)
+ \begin{tikzpicture}[scale=1.3]
+ \draw[white] (0,0) node (X) {};
+ \draw[white] (3,0) node (Y) {};
+ \draw[red, <-, line width = 2mm] (X) -- (Y);
+ \node [inner sep=5pt,label=below:\textcolor{black}{\small ETag: 7b33de1}] at ($ (X)!.5!(Y) $) {};
+ \node [inner sep=5pt,label=above:{\includegraphics[scale=0.15]{pics/tvtestscreen.jpg}}] at ($ (X)!.5!(Y) $) {};
+ \end{tikzpicture}
+\end{textblock}}
+
+\only<3->{
+\begin{textblock}{1}(4.2,11)
+ \begin{tikzpicture}[scale=1.3]
+ \draw[white] (0,0) node (X) {};
+ \draw[white] (3,0) node (Y) {};
+ \draw[red, ->, line width = 2mm] (X) -- (Y);
+ \node [inner sep=5pt,label=above:\textcolor{black}{\small GET static.jpg ETag: 7b33de1}] at ($ (X)!.5!(Y) $) {};
+ \end{tikzpicture}
+\end{textblock}}
+
+\only<4->{
+\begin{textblock}{1}(4.2,13.9)
+ \begin{tikzpicture}[scale=1.3]
+ \draw[white] (0,0) node (X) {};
+ \draw[white] (3,0) node (Y) {};
+ \draw[red, <-, line width = 2mm] (X) -- (Y);
+ \node [inner sep=5pt,label=below:\textcolor{black}{\small HTTP/1.1 304 (Not Modified)}] at ($ (X)!.5!(Y) $) {};
+ \end{tikzpicture}
+\end{textblock}}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
\frametitle{\begin{tabular}{c}Books + Homework\end{tabular}}
\begin{itemize}
-\item there is no single book I am following
+\item There is no single book I am following
\begin{center}
\includegraphics[scale=0.012]{pics/andersonbook1.jpg}
\includegraphics[scale=0.23]{pics/accesscontrolbook.jpg}
@@ -1227,65 +1314,20 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Thinking as a Defender\end{tabular}}
-
-\begin{itemize}
-\item What are you trying to protect?
-\item What properties are you trying to enforce?\medskip
-
-\item Who are the attackers? Capabilities? Motivations?
-\item What kind of attack are we trying to protect?
-\item Who can fix any vulnerabilities?\medskip
-
-\item What are the weaknesses of the system?
-\item What will successful attacks cost us?
-\item How likely are the attacks?
-\end{itemize}
-
-\small
-\textcolor{gray}{Security almost always is {\bf not} free!}
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
\frametitle{\begin{tabular}{c}The Security Mindset\end{tabular}}
\begin{itemize}
-\item How things can go wrong.
+\item How things can go wrong?
\item Think outside the box.
\end{itemize}\bigskip
-The difference between being criminal is to only \alert{\bf think} about how things can go wrong.
+The difference between being criminal is to only \alert{\bf think} about how things can go
+wrong, or be very careful with attacks.
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[t]
-\frametitle{\begin{tabular}{c}Maps in Scala\end{tabular}}
-
-\begin{itemize}
-\item {\bf\texttt{map}} takes a function, say f, and applies it to every element of the list:
-\end{itemize}
-
-\begin{textblock}{15}(2,7)
-\fontsize{13}{14}\selectfont
-\bf\texttt{List(1, 2, 3, 4, 5, 6, 7, 8, 9)}
-\end{textblock}
-
-\begin{textblock}{15}(2,10)
-\fontsize{13}{14}\selectfont
-\bf\texttt{List(1, 4, 9, 16, 25, 36, 49, 64, 81)}
-\end{textblock}
-
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
\end{document}