Lecture 6: CSCI E-1 Spring 2013
Tommy MacWilliam
April 10, 2013
Transcript
Computer Science E-1 Lecture 6: Security
http://youtu.be/H542nLTTbu0
http://bing.com
http://vimeo.com/blog/post:564
Security
Authentication
Cookies
Sessions
GET /home.php HTTP/1.1
Host: www.facebook.com
Cookie: PHPSESSID=5153d29ed84c4
Session Hijacking
HTTPS
Cryptography
GET /home.php HTTP/1.1
Host: www.facebook.com
  -> Encrypt ->
ehosn9745t987gnlkjab 7@5uejfnjasdbfxb98@#
  -> Decrypt ->
GET /home.php HTTP/1.1
Host: www.facebook.com
Wi-Fi Security
WEP, WPA, WPA2
CSRF
https://bank.com/money/transfer?to=67890&amount=100
Ka-Boom.
https://bank.com/money/transfer?to=67890&amount=100&token=8549ba93417cdef85
<input type="hidden" name="csrfTokenHidden" value="12345" id="csrfTokenHidden">
http://cse1.net/lecture6
XSS
<h1>Tommy</h1>
Ka-Boom.
http://cse1.net/lecture6
Databases
Name          DOB        Color   Preference
Shocked Cat   3/17/2010  white   indoor
Grumpy Cat    4/4/2012   white   indoor
Keyboard Cat  1/1/1984   orange  outdoor
SQL
SELECT name FROM cats
SELECT * FROM cats WHERE preference = 'indoor'
INSERT INTO cats (name, dob, color, preference) VALUES ('Maru', '2008-06-01', 'gray', 'indoor')
UPDATE cats SET name = 'shocked' WHERE name = 'Maru'
DELETE FROM cats WHERE name = 'Maru'
CRUD
Create Read Update Delete
INSERT SELECT UPDATE DELETE
SELECT * FROM profiles WHERE username = 'zuck'
I would like __ cheeseburgers cooked ____ and topped with ________.
I would like 2 cheeseburgers cooked medium-well and topped with lettuce.
I would like 2 cheeseburgers cooked and then thrown at the nearest customer's head and topped with lettuce.
Injection
SELECT * FROM profiles WHERE username = '______'
' OR '1' = '1
SELECT * FROM profiles WHERE username = '' OR '1' = '1'
Ka-Boom.
Authentication
SELECT * FROM users WHERE username = '_____' AND password = '_____'
SELECT * FROM users WHERE username = 'rj' AND password = '' OR '1' = '1'
Ka-Boom.
'; DELETE FROM profiles; --
SELECT * FROM profiles WHERE username = ''; DELETE FROM profiles; --'
Sanitizing Input
SELECT * FROM profiles WHERE username = '\' OR \'1\' = \'1'
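An added example, not part of the lecture slides: the profile lookup from the Injection slides, once with the blank filled by string concatenation and once with a parameterized query, which is the usual alternative to the hand-escaping shown above. It uses Python's sqlite3 module with an in-memory database; the function names, the email column and the sample rows are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; the table name follows the slides.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE profiles (username TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO profiles VALUES (?, ?)",
        [("zuck", "zuck@example.com"), ("rj", "rj@example.com")],
    )
    return db

def lookup_vulnerable(db, username):
    # The blank in the template is filled by string concatenation, so quote
    # characters in the input become part of the SQL statement itself.
    query = "SELECT username FROM profiles WHERE username = '" + username + "'"
    return [row[0] for row in db.execute(query)]

def lookup_parameterized(db, username):
    # The ? placeholder passes the input as a value; it is never parsed as SQL.
    query = "SELECT username FROM profiles WHERE username = ?"
    return [row[0] for row in db.execute(query, (username,))]

def profile_count(db):
    return db.execute("SELECT COUNT(*) FROM profiles").fetchone()[0]

if __name__ == "__main__":
    db = make_db()
    slide_input = "' OR '1' = '1"
    print("concatenated :", lookup_vulnerable(db, slide_input))
    print("parameterized:", lookup_parameterized(db, slide_input))
    # The DELETE input from the slides is also treated as a plain string.
    print("parameterized:", lookup_parameterized(db, "'; DELETE FROM profiles; --"))
    print("rows remaining:", profile_count(db))
```

With the concatenated query the `' OR '1' = '1` input matches every row; with the placeholder it matches none, because no user has that literal string as a username.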
Permissions
http://cse1.net/lecture6
Encrypting Text
Caesar Cipher
ABCDEFGHIJKLMNOPQRSTUVWXYZ
NOPQRSTUVWXYZABCDEFGHIJKLM
ROT13
banana
onanan
Brute-Force Attack
ROT26
Vigenère Cipher
banana + 246246 = detcrg
banana + cegceg = detcrg
Plaintext: computer
Key: benrj
computer + benrjben = dszgduie
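An added example, not part of the lecture slides: the Vigenère cipher from the slides above, with the Caesar cipher as its one-letter-key special case and the brute-force attack as a loop over all 26 shifts. Key letters are taken as shifts with a=0, which is what the slide values imply (ceg = 2, 4, 6); the function names are chosen here.

```python
from itertools import cycle
import string

ALPHABET = string.ascii_lowercase

def vigenere(text, key, decrypt=False):
    # Each key letter is a shift (a=0, b=1, ..., z=25). The key repeats as
    # needed, so "benrj" applied to "computer" acts as "benrjben".
    key = key.lower()
    if not key or any(k not in ALPHABET for k in key):
        raise ValueError("key must be one or more letters a-z")
    sign = -1 if decrypt else 1
    keystream = cycle(key)
    out = []
    for ch in text:
        low = ch.lower()
        if low not in ALPHABET:
            out.append(ch)  # non-letters pass through and use no key letter
            continue
        shift = sign * ALPHABET.index(next(keystream))
        shifted = ALPHABET[(ALPHABET.index(low) + shift) % 26]
        out.append(shifted.upper() if ch.isupper() else shifted)
    return "".join(out)

def caesar(text, shift):
    # A Caesar cipher is a Vigenere cipher with a one-letter key.
    return vigenere(text, ALPHABET[shift % 26])

def brute_force_caesar(ciphertext):
    # Only 26 keys exist, so every candidate plaintext can be listed at once.
    return {shift: caesar(ciphertext, -shift) for shift in range(26)}

if __name__ == "__main__":
    print(vigenere("banana", "ceg"))        # slide values: banana + cegceg
    print(vigenere("computer", "benrj"))    # slide values: computer + benrjben
    print(caesar("banana", 13))             # ROT13
    print(caesar("banana", 26))             # ROT26 leaves the text unchanged
    for shift, guess in brute_force_caesar("onanan").items():
        print(shift, guess)
```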
Symmetric-Key Cryptography
Asymmetric-Key Cryptography
Public/Private Keys
Trapdoor One-Way Function
2459 * 8863 = 21794117
Factor 21794117
RSA
Diffie-Hellman
Computer Science E-1 Lecture 6: Security