SystemsSec 2016W Lecture 23

From Soma-notes

Topics and Readings

Notes

Midterm Discussion

 • Midterms almost all marked
 • Midterms will be returned on Thursday (April 7th), on average people did badly, we will discuss them in Thursday’s class
 • Question 1 was answered best overall, Anil had issues believing people had actually used the system before when they failed to supply enough detail
 • Question 2, most people just did not address all aspects of the question. Or argued for things that just were not true.
     o	Ex. Very few OS are verified, but lots of people claimed they were.
 • Question 3 also had several problems, he was extremely lenient with what qualified as a system (nowhere did the question say it had to be a computer system)
 • Example System: A Man carrying a suitcase full of cash
     o	Threat #1: Someone will steal the case
         Defense:  Get a bodyguard
           • Vulnerability: Guard could be bribed or could abandon you
     o	Threat #2: Hyperinflation reduces value of case contents to nothing
         Defense: Banks/Mints
           • Vulnerability: Currency minting plates get stolen
 • General Comment: FOLLOW THE FULL INSTRUCTIONS, BE SPECIFIC.
 • Concerns of time pressure leading to Anil thinking of 4 questions for the final

Paper: Boxify

 - Placeholder

Paper: Android Permissions Remystified

 - Placeholder

Anil: "Where the research is"

 - Placeholder