updated
author Christian Urban <christian dot urban at kcl dot ac dot uk>
Fri, 12 Feb 2016 05:33:38 +0000
changeset 450 f3d5e57ca00a
parent 449 7ecbf5339d0f
child 451 b6eb8142dec1
handouts/ho01.pdf
handouts/ho01.tex
handouts/ho07.pdf
handouts/ho07.tex
Binary file handouts/ho01.pdf has changed
--- a/handouts/ho01.tex	Thu Feb 11 11:25:47 2016 +0000
+++ b/handouts/ho01.tex	Fri Feb 12 05:33:38 2016 +0000
@@ -118,8 +118,13 @@
 authorisation. Even though the banks involved trumpeted their
 system as being absolutely secure and indeed fraud rates
 initially went down, security researchers were not convinced
-(especially not the group around Ross Anderson). To begin with,
-the Chip-and-PIN system introduced a ``new player'' into the
+(especially not the group around Ross
+Anderson).\footnote{Actually, historical data about fraud
+showed that first fraud rates went up (while early problems to
+do with the introduction of Chip-and-PIN we exploited), then
+down, but recently up again (because criminals getting more
+familiar with the technology and how it can be exloited).} To begin with, the
+Chip-and-PIN system introduced a ``new player'' into the
 system that needed to be trusted: the PIN terminals and their
 manufacturers. It was claimed that these terminals were
 tamper-resistant, but needless to say this was a weak link in
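Review bot: The new footnote has three wording errors that will go straight into the handout: "we exploited" should read "were exploited", "exloited" should read "exploited", and "because criminals getting more familiar" is missing "are". The last added footnote line also carries "To begin with, the" after the closing brace, which leaves it longer than the surrounding wrap width; end the line at the brace and re-wrap the sentence that follows. The footnote appeals to "historical data about fraud" without saying which data, so a citation or source name belongs inside it.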
@@ -206,8 +211,12 @@
 cards such that they get all data that was on the Magstripe,
 except for three digits (the CVV number). Remember,
 Chip-and-PIN cards were introduced exactly for preventing
-this.
+this. Ross Anderson also talked about his research at the
+BlackHat Conference in 2014:
 
+\begin{center}
+\url{https://www.youtube.com/watch?v=ET0MFkRorbo}
+\end{center}
 
 \subsection*{Of Cookies and Salts}
 
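Review bot: The centred \url on the added lines is a bare YouTube link with no talk title, so a reader of the printed handout has nothing to search for if the video moves or is taken down; put the title of the talk in the sentence that introduces it or next to the URL. The conference writes its name as "Black Hat", so "BlackHat Conference" in the added sentence should be adjusted.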
Binary file handouts/ho07.pdf has changed
--- a/handouts/ho07.tex	Thu Feb 11 11:25:47 2016 +0000
+++ b/handouts/ho07.tex	Fri Feb 12 05:33:38 2016 +0000
@@ -62,7 +62,7 @@
 We would have hoped that after Snowden, Western governments
 would be a bit more sensitive and enlightned about the topic
 of privacy, but this is far from the truth. Ross Anderson
-wrote the following in his blog about the approach taken in
+wrote the following in his blog\footnote{\url{https://www.lightbluetouchpaper.org/2016/02/11/report-on-the-ip-bill/}} about the approach taken in
 the US to lessons learned from the Snowden leaks and contrasts
 this with the new snooping bill that is considered in the UK
 parliament:
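Review bot: The replacement line packs the whole \footnote{\url{...}} between "blog" and "about", making it about twice as long as every other line in the paragraph and hard to diff later. End the line with "blog%" and put the \footnote{...} on its own line (the trailing % keeps a space from appearing before the footnote mark), then continue with "about the approach taken in". While this paragraph is being touched, "enlightned" in the context line two above the change should be "enlightened".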