--- a/slides01.tex Tue Sep 25 08:29:04 2012 +0100
+++ b/slides01.tex Tue Sep 25 13:37:42 2012 +0100
@@ -76,7 +76,7 @@
\begin{document}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}<1>[t]
\frametitle{%
@@ -430,7 +430,7 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Screwed Again\end{tabular}}
+\frametitle{\begin{tabular}{c}Being Screwed Again\end{tabular}}
\begin{flushright}
@@ -588,6 +588,88 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
+\begin{frame}[t]
+\begin{itemize}
+\item While cookies are per web-page, this can be easily circumvented.
+\end{itemize}
+
+\begin{textblock}{1}(1.5,4.5)
+\begin{tabular}{c}
+\includegraphics[scale=0.07]{pics/servers.png}\\[-2mm]
+\small Pet Store\\[-2mm]
+\small Dot.com\\[-2mm]
+\end{tabular}
+\end{textblock}
+
+\begin{textblock}{1}(1.5,8)
+\begin{tabular}{c}
+\includegraphics[scale=0.07]{pics/servers.png}\\[-2mm]
+\small Dating.com
+\end{tabular}
+\end{textblock}
+
+\begin{textblock}{1}(10.5,7.5)
+\begin{tabular}{c}
+\includegraphics[scale=0.07]{pics/servers.png}\\[-2mm]
+\small Evil-Ad-No\\[-2mm]
+\small Privacy.com
+\end{tabular}
+\end{textblock}
+
+\begin{textblock}{1}(6,10.5)
+\begin{tabular}{c}
+\includegraphics[scale=0.16]{pics/rman.png}\\[-1mm]
+\small you
+\end{tabular}
+\end{textblock}
+
+\begin{textblock}{1}(4,5)
+ \begin{tikzpicture}[scale=1]
+ \draw[white] (0,0.5) node (X) {};
+ \draw[white] (5.7,-1) node (Y) {};
+ \draw[red, ->, line width = 0.5mm] (X) -- (Y);
+ \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
+ \end{tikzpicture}
+\end{textblock}
+
+\begin{textblock}{1}(4,7.9)
+ \begin{tikzpicture}[scale=1]
+ \draw[white] (0,0) node (X) {};
+ \draw[white] (5.7,0) node (Y) {};
+ \draw[red, ->, line width = 0.5mm] (X) -- (Y);
+ \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
+ \end{tikzpicture}
+\end{textblock}
+
+\begin{textblock}{1}(3.3,9.3)
+ \begin{tikzpicture}[scale=1.2]
+ \draw[white] (0,0) node (X) {};
+ \draw[white] (1.5,-1) node (Y) {};
+ \draw[red, <->, line width = 2mm] (X) -- (Y);
+ \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
+ \draw[white] (0.9,0.3) node (X1) {};
+ \draw[white] (1.9,-1) node (Y1) {};
+ \draw[red, <->, line width = 2mm] (X1) -- (Y1);
+ \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X1)!.5!(Y1) $) {};
+ \end{tikzpicture}
+\end{textblock}
+
+\begin{textblock}{1}(8.6,10.1)
+ \begin{tikzpicture}[scale=0.9]
+ \draw[white] (0,0) node (X) {};
+ \draw[white] (-2,-1) node (Y) {};
+ \draw[red, <->, line width = 0.5mm] (X) -- (Y);
+ \node [inner sep=5pt,label=above:\textcolor{black}{}] at ($ (X)!.5!(Y) $) {};
+ \end{tikzpicture}
+\end{textblock}
+
+
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
\begin{frame}[c]
\frametitle{\begin{tabular}{c}My First Webapp\end{tabular}}
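Review bot: The premise of the new bullet is imprecise: cookies are scoped to the site (domain and path) that set them rather than to a single page, and what the arrows between the three servers and "you" appear to illustrate is a third party embedded on several sites reading back its own cookie. A wording that matches the picture would be `\item While cookies are scoped to the site that set them, a third party (e.g.\ an ad server) embedded on many sites can read back its own cookie and track you across all of them.`. This is also the only frame in the file without a `\frametitle`, which is worth adding for consistency with the surrounding slides. The four `\node [inner sep=5pt,label=above:\textcolor{black}{}]` lines carry empty labels and look like leftover placeholders; either give them text or drop them. In the first tabular, `\small Dot.com\\[-2mm]` as the final row leaves a trailing empty row before `\end{tabular}`.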
@@ -653,7 +735,7 @@
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\frametitle{\begin{tabular}{c}SHA-1\end{tabular}}
@@ -667,7 +749,8 @@
\end{itemize}
\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
@@ -699,38 +782,59 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\frametitle{\begin{tabular}{c}Unix Passwords\end{tabular}}
\begin{itemize}
-\item passwords are {\bf not} stored in clear text
+\item passwords are \alert{\bf not} stored in clear text
+\item instead \texttt{/etc/shadow} contains
\end{itemize}
+
+{\small
+\texttt{name:\$1\$QIGCa\$/ruJs8AvmrknzKTzM2TYE.:other\_info}
+}
+
+\begin{itemize}
+\item \texttt{\$} is separator
+\item \texttt{1} is MD5 (actually SHA-512 is used nowadays, \texttt{6})
+\item \texttt{QIGCa} is salt
+\item \texttt{ruJs8AvmrknzKTzM2TYE} $\rightarrow$ password + salt
+\end{itemize}
+
+\textcolor{gray}{\small
+(\texttt{openssl passwd -1 -salt QIGCa pippo})
+}
% Unix password
% http://ubuntuforums.org/showthread.php?p=5318038
\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\frametitle{\begin{tabular}{c}Password Blunders\end{tabular}}
-in late 2009, when an SQL injection attack against online games
-service RockYou.com exposed 32 million plaintext passwords
+
+\begin{itemize}
+\item in late 2009, when an SQL injection attack against online games
+service RockYou.com exposed 32 million \alert{plaintext} passwords
-1.3 million Gawker credentials exposed in December 2010 contained MD5 hashes
+\item 1.3 million Gawker credentials exposed in December 2010 containing
+unsalted(?) \alert{MD5} hashes
+
+\item June 6th, 2012, 6 million unsalted SHA-1 passwords were leaked
% linkedIn password
% http://erratasec.blogspot.co.uk/2012/06/confirmed-linkedin-6mil-password-dump.html
-
+\end{itemize}\medskip
-
+\small
Web user maintains 25 separate accounts but uses just 6.5 passwords
\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%For instance, SHA512crypt, which is included in Mac OS X and most Unix-based operating systems, passes text through 5,000 iterations, a %hurdle that would have limited Gosney to slightly less than 2,600 guesses per second. The Bcrypt algorithm is even more computationally %expensive, in large part because it subjects text to multiple iterations of the Blowfish cipher that was deliberately modified to increase the %time required to generate a hash. PBKDF2, a function built into Microsoft's .Net software developer framework, offers similar benefits.
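Review bot: The bullet `\item \texttt{ruJs8AvmrknzKTzM2TYE} $\rightarrow$ password + salt` does not match the shadow entry shown just above it, whose third field is `/ruJs8AvmrknzKTzM2TYE.`; the leading `/` and trailing `.` are part of the hash, and the arrow leaves unsaid that this field is the output of hashing password and salt. Suggest `\item \texttt{/ruJs8AvmrknzKTzM2TYE.} is the hash of password + salt`. The `\bf` inside `\alert{\bf not}` is the obsolete two-letter font switch; `\alert{\textbf{not}}` is the LaTeX2e form, and the same applies to `{\bf not}` in the gray "Security almost always is not free" line and to `\alert{\bf think}` in the two later hunks. The first Password Blunders item is a sentence fragment (`in late 2009, when an SQL injection attack …`); dropping `when` makes it a sentence. The `unsalted(?)` hedge in the Gawker item should be resolved, or the qualifier dropped, before the slide is presented.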
@@ -740,7 +844,7 @@
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\frametitle{\begin{tabular}{c}Brute Forcing Passwords\end{tabular}}
@@ -779,29 +883,34 @@
\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\frametitle{\begin{tabular}{c}Passwords\end{tabular}}
+How to recover from a breakin?\pause\medskip
+
\begin{itemize}
-\item How do recover from a breakin?
+\item Do not send passwords in plain text.
+\item Security questions are tricky to get right.
+\item QQ (Chinese Skype) authenticates you via contacts.
\end{itemize}
\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\frametitle{\begin{tabular}{c}This Course\end{tabular}}
\begin{itemize}
-\item breakins (buffer overflows)
-\item access control (role based, data security / data integrity)
-\item protocols
+\item break-ins (buffer overflows)
+\item access control\\ (role based, data security / data integrity)
+\item protocols\\
+(specification)
\item access control logic
\item privacy
\begin{quote}
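Review bot: The new question line spells `breakin` while the same commit changes `breakins` to `break-ins` in the This Course frame further down this hunk; use `How to recover from a break-in?\pause\medskip` for consistency. The first answer, `Do not send passwords in plain text.`, presumably refers to account-recovery e-mails (the other two items are about recovery mechanisms); saying so, e.g. `Do not e-mail passwords in plain text.`, would tie the answer to the question.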
@@ -810,17 +919,42 @@
\end{itemize}
\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
-\frametitle{\begin{tabular}{c}Homework\end{tabular}}
+\frametitle{\begin{tabular}{c}Books + Homework\end{tabular}}
+\begin{itemize}
+\item there is no single book I am following
+\begin{center}
+\includegraphics[scale=0.012]{pics/andersonbook1.jpg}
+\includegraphics[scale=0.23]{pics/accesscontrolbook.jpg}
+\end{center}\medskip\pause
+
+\item The question ``Is this relevant for the exams'' is not appreciated!\medskip\\
+
+Whatever is in the homework sheets (and is not marked optional) is relevant for the
+exam.
+\end{itemize}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{\begin{tabular}{c}Take-Home Points\end{tabular}}
+
+\begin{itemize}
+\item Never store passwords in plain text.\medskip
+\item Always salt your hashes!\medskip
+\item Use an existing algorithm; do not write your own!
+\end{itemize}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
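Review bot: The Take-Home Points frame stops at salting, yet the commented paragraph earlier in this diff (SHA512crypt's 5,000 iterations, bcrypt, PBKDF2) and the unsalted MD5/SHA-1 leaks on the Password Blunders frame make the slow-hash point the one that matters most against brute forcing; suggest a bullet `\item Use a deliberately slow password hash (bcrypt, PBKDF2, SHA512crypt), not plain MD5 or SHA-1.\medskip` before the "existing algorithm" item. In the Books + Homework frame, `\medskip\\` is followed by a blank line, so the `\\` ends a line that is then a paragraph break and will trigger an "Underfull \hbox" warning; the blank line alone already starts the new paragraph, so the `\\` can be dropped. The two book covers are sized with unrelated absolute scales (`scale=0.012` and `scale=0.23`); giving both the same `height=` would keep them matched if the images are ever replaced.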
@@ -828,8 +962,8 @@
\frametitle{\begin{tabular}{c}Thinking as a Defender\end{tabular}}
\begin{itemize}
-\item What are we trying to protect?
-\item What properties are we trying to enforce?\medskip
+\item What are you trying to protect?
+\item What properties are you trying to enforce?\medskip
\item Who are the attackers? Capabilities? Motivations?
\item What kind of attack are we trying to protect?
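Review bot: Switching the first two questions from `we` to `you` leaves the frame mixing addressees: the context line `What kind of attack are we trying to protect?` and, in the next hunk, `What will successful attacks cost us?` still use we/us. Either change those to `you` as well or keep `we` throughout. The context line also reads `protect` where `protect against` seems intended, though that line is not part of this change.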
@@ -837,10 +971,11 @@
\item What are the weaknesses of the system?
\item What will successful attacks cost us?
-\item How likely are the attacks?\medskip
+\item How likely are the attacks?
+\end{itemize}
-\item Security almost always is {\bf not} free!
-\end{itemize}
+\small
+\textcolor{gray}{Security almost always is {\bf not} free!}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -853,9 +988,9 @@
\begin{itemize}
\item How things can go wrong.
\item Think outside the box.
-\end{itemize}
+\end{itemize}\bigskip
-The difference between a criminal is to only think about how things can go wrong.
+The difference between being criminal is to only \alert{\bf think} about how things can go wrong.
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
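Review bot: The rewritten closing sentence `The difference between being criminal is to only \alert{\bf think} about how things can go wrong.` is grammatically incomplete, since "difference between" needs two things to compare. Suggest `The difference to a criminal is that you only \alert{\textbf{think}} about how things can go wrong.`, which also replaces the obsolete `\bf` switch with `\textbf`.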
@@ -881,7 +1016,7 @@
\end{textblock}
\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\end{document}