Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Lecture 6: CSCI E-1 Spring 2013
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Tommy MacWilliam
April 10, 2013
Education
1
500
Lecture 6: CSCI E-1 Spring 2013
Tommy MacWilliam
April 10, 2013
Tweet
Share
More Decks by Tommy MacWilliam
See All by Tommy MacWilliam
Lecture 9: CSCI E-1 Spring 2013
tmacwill
0
340
Lecture 8: CSCI E-1 Spring 2013
tmacwill
0
560
Lecture 7: CSCI E-1 Spring 2013
tmacwill
0
690
Lecture 5: CSCI E-1 Spring 2013
tmacwill
1
780
Incorporating Version Control into Programming Courses
tmacwill
1
120
Lecture 4: CSCI E-1 Spring 2013
tmacwill
0
450
Lecture 3: CSCI E-1 Spring 2013
tmacwill
0
540
Lecture 2: CSCI E-1 Spring 2013
tmacwill
0
890
Lecture 1: CSCI E-1 Spring 2013
tmacwill
0
330
Other Decks in Education
See All in Education
1125
cbtlibrary
0
170
1216
cbtlibrary
0
140
2025-12-11 nakanoshima.dev LT
takesection
0
100
Security, Privacy and Trust - Lecture 11 - Web Technologies (1019888BNR)
signer
PRO
0
3.2k
核軍備撤廃に向けた次の大きな一歩─核兵器を先には使わないと核保有国が約束すること
hide2kano
0
240
20251119 如果是勇者欣美爾的話, 他會怎麼做? 東海資工
pichuang
0
170
【旧:ZEPメタバース校舎操作ガイド】
ainischool
0
790
Flinga
matleenalaakso
3
15k
NUTMEG紹介スライド
mugiiicha
0
900
10分で学ぶ すてきなモナド
soukouki
1
150
KBS新事業創造体験2025_科目説明会
yasuchikawakayama
0
160
Node-REDで広がるプログラミング教育の可能性
ueponx
1
260
Featured
See All Featured
New Earth Scene 8
popppiees
1
1.5k
AI in Enterprises - Java and Open Source to the Rescue
ivargrimstad
0
1.1k
Statistics for Hackers
jakevdp
799
230k
Information Architects: The Missing Link in Design Systems
soysaucechin
0
780
Optimising Largest Contentful Paint
csswizardry
37
3.6k
From Legacy to Launchpad: Building Startup-Ready Communities
dugsong
0
140
Navigating the moral maze — ethical principles for Al-driven product design
skipperchong
2
240
How GitHub (no longer) Works
holman
316
140k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
659
61k
Intergalactic Javascript Robots from Outer Space
tanoku
273
27k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
54k
Building Flexible Design Systems
yeseniaperezcruz
330
40k
Transcript
Computer Science E-1 Lecture 6: Security
http://youtu.be/H542nLTTbu0
http://bing.com
http://vimeo.com/blog/post:564
Security
Authentication
Cookies
Sessions
GET /home.php HTTP/1.1 Host: www.facebook.com Cookie: PHPSESSID=5153d29ed84c4
GET /home.php HTTP/1.1 Host: www.facebook.com Cookie: PHPSESSID=5153d29ed84c4
Session Hijacking
None
HTTPS
Cryptography
GET /home.php HTTP/1.1 Host: www.facebook.com Encrypt ehosn9745t987gnlkjab 7@5uejfnjasdbfxb98@#
GET /home.php HTTP/1.1 Host: www.facebook.com Encrypt ehosn9745t987gnlkjab 7@5uejfnjasdbfxb98@# ehosn9745t987gnlkjab 7@5uejfnjasdbfxb98@#
GET /home.php HTTP/1.1 Host: www.facebook.com Decrypt
Wi-Fi Security
WEP, WPA, WPA2
CSRF
https://bank.com/money/transfer? to=67890&amount=100
None
Ka-Boom.
https://bank.com/money/transfer? to=67890&amount=100& token=8549ba93417cdef85
<input type="hidden" name="csrfTokenHidden" value="12345" id="csrfTokenHidden">
http://cse1.net/lecture6
XSS
<h1>Tommy</h1>
None
Ka-Boom.
http://cse1.net/lecture6
Databases
Name DOB Color Preference Shocked Cat 3/17/2010 white indoor Grumpy
Cat 4/4/2012 white indoor Keyboard Cat 1/1/1984 orange outdoor
SQL
SELECT name FROM cats
SELECT * from cats WHERE preference = ‘indoor’
INSERT INTO cats (name, dob, color, preference) VALUES ('Maru', '2008-06-01',
'gray', 'indoor')
UPDATE cats SET name = ‘shocked’ WHERE name = ‘Maru’
DELETE FROM cats WHERE name = ‘Maru’
CRUD
Create Read Update Delete
INSERT SELECT UPDATE DELETE
SELECT * FROM profiles WHERE username = ‘zuck’
I would like __ cheeseburgers cooked ____ and topped with
________.
I would like 2 cheeseburgers cooked medium-well and topped with
lettuce.
I would like 2 cheeseburgers cooked and then thrown at
the nearest customer’s head and topped with lettuce.
Injection
SELECT * FROM profiles WHERE username = ‘______’
‘ OR ‘1’ = ‘1
SELECT * FROM profiles WHERE username = ‘’ OR ‘1’
= ‘1’
Ka-Boom.
Authentication
SELECT * FROM users WHERE username = ‘_____’ AND password
= ‘_____’
SELECT * FROM users WHERE username = ‘rj’ AND password
= ‘’ OR ‘1’ = ‘1’
Ka-Boom.
’; DELETE FROM profiles; --
SELECT * FROM profiles WHERE username = ‘’; DELETE FROM
profiles; --’
None
Sanitizing Input
SELECT * FROM profiles WHERE username = '\' OR \'1\'
= \'1'
Permissions
http://cse1.net/lecture6
Encrypting Text
Caesar Cipher
ABCDEFGHIJKLMNOPQRSTUVWXYZ NOPQRSTUVWXYZABCDEFGHIJKLM
ROT13
banana
onanan
Brute-Force Attack
ROT26
Vigenère Cipher
banana + 246246
banana + 246246 detcrg
banana + cegceg detcrg
Plaintext: computer Key: benrj
computer + benrjben
computer + benrjben dszgduie
Symmetric-Key Cryptography
None
Asymmetric-Key Cryptography
Public/Private Keys
None
Trapdoor One-Way Function
2459 * 8863 = 21794117
Factor 21794117
RSA
Diffie-Hellman
Computer Science E-1 Lecture 6: Security
tmacwill
cbtlibrary
takesection
signer
hide2kano
pichuang
ainischool
matleenalaakso
mugiiicha
soukouki
yasuchikawakayama
ueponx
popppiees
ivargrimstad
jakevdp
soysaucechin
csswizardry
dugsong
skipperchong
holman
lemiorhan
tanoku
destraynor
yeseniaperezcruz
