Each assignment is due at the beginning of class on the due date.
By Friday, 9/17/04. Log in to your Math/CS account. Then work through Tutorials 1-4 of this Unix tutorail from the University of Surrey.
Bring questions to class.Due Wednesday, 9/22/04. Select a reasonably well-known incident from computer security history. Write a paper, no more than two pages double-spaced, about this incident. In your paper, you should tell the story of the incident, including a brief explanation of the specific security flaws that made the security breach possible. Then, you should discuss this incident in the context of Schneier's "Landscape" chapters: what special features of the Internet made this security breach possible? what kind of attack was involved? what kind of people were the attackers, and what were their motivations? what kinds of security needs of the victims were violated?
Due Wednesday, 9/29/04. Do these problems about binary arithmetic and IP addresses.
Due midnight Monday (that is, at the end of Monday), 10/4/04. Put an HTML page called cs100-1.html in your WebPub folder. Your page should include at least one each of the following: a link, a table, an <h2> heading, an <h3> heading, an image, colored text, a comment, and an ordered list. If you make the page amusing or interesting, all the better, but I will only grade you on achieving these basic features.
To learn some basic HTML, you can try this tutorial or this really old tutorial or any of the dozens of tutorials you can find by asking Google to look for "HTML tutorial". Please bring questions to class on Monday.
If you have written basic HTML documents before, then you should take this assignment as an opportunity to explore something you haven't tried before. Background images or XHTML or Cascading Style Sheets or whatever strikes your fancy. The requirements of the assignment are the same, but try to make sure you learn at least one new thing for the assignment.
Due Wednesday, 10/13/04. Ten-minute class presentations on the topics we assigned in class on 10/6.
Due Friday, 10/15/04. Some exercises on packet-sniffing and RSA cryptography.
Go through the Introduction, Syntax, Operators, Conditional Statements, Looping, Functions, and Forms sections of this PHP tutorial. You will probably have lots of questions, so write them down and bring them to class.
Due Wednesday, 10/27/04. This PHP exercise.
During class, 10/27/04. Some questions about the Internet Worm
Due Monday, 11/1/04. Write a short (3-5 pages) paper on Internet voting systems. Start by summarizing the vulnerabilities in the SERVE system that are discussed in Analyzing Internet Voting Security, by David Jefferson, Aviel D. Rubin, Barbara Simons, and David Wagner, Communications of the ACM 47(10), October 2004. Then search the Internet for other Internet voting systems or proposals. Pick one, and analyze its vulnerabilities based on what you have learned from the paper by Jefferson, et. al. Regardless of what system you examine, you will undoubtedly have incomplete information to work with; do your best to assess the system with the information available.
Final project. Project topic selection due on Monday, November 8. Web pages and presentations due by the beginning of the final exam period (3:30-6:00 Monday, November 22, in CMC319). You may work with a partner, if you wish.
Your job is to select a security-related topic and research it, presenting your results both as a collection of web pages and as an oral presentation to your classmates. You should strive to provide a reasonably deep and detailed discussion of your topic, and to create an attractive and interesting web-based presentation of the results of your researches.
Your web site should include a bibliography. If you use images from other sites, use this image citation style. As always, of course, provide appropriate citation whenever you quote use a significant idea from another person.
What topic should you choose? Here are a few ideas: identity theft, distributed denial of service attacks, password cracking, phishing, viruses in general, macro viruses in particular, firewalls, computer forensics, legal implications of hacking.
Regardless of what you choose, make sure to discuss the history of your topic, explain any relevant technical issues (e.g. protocols, techniques of attack, countermeasures), and talk about social implications, if any.
Questions? Let me know. Have a good time.
Exam, due on paper at 12:30PM Monday, 11/15/04.
Readings that are not in your textbooks will be available either on-line or on the bookshelves inside the 2nd-floor door of the Math Skills Center. Please treat the copies in the Skills Center as if they were on closed reserve--read them nearby, and bring them back promptly.
For Wednesday, 9/15/04. Read Chapters 1-3 of Secrets and Lies.
For Friday, 9/17/04. Read Chapters 4-5 of Secrets and Lies.
For Wednesday, 9/22/04. Read Chapters 12-19 of Douglas Comer's The Internet Book, which you can find on the bottom shelf of the bookshelves just inside the main door of the Math Skills Center on the second floor of the CMC.
For Monday, 10/4/04. Read Chapters 6-8 of Secrets and Lies.
For Friday, 10/22/04. Read Chapters 8-10 of Secrets and Lies.
For Monday, 10/25/04. Read Chapters 11-12 of Secrets and Lies.
For Friday, 10/29/04. Read Analyzing Internet Voting Security, by David Jefferson, Aviel D. Rubin, Barbara Simons, and David Wagner, Communications of the ACM 47(10), October 2004.
For Friday, 11/5/04. Read Reflections on Trusting Trust, by Ken Thompson. Prepare to discuss several matters:
For Friday, 11/12/04. Read An Evening With Berferd: In Which a Cracker is Lured, Endured, and Studied, by Bill Cheswick.